Bluetooth Bug Could Expose Devices to Attack; Patch Coming
Jul 24, 2018, 7:42 AM by Eric M. Zeman
Researchers at the Israel Institute of Technology discovered a vulnerability in Bluetooth's Secure Simple Pairing and LE Secure Connections features that could lead to man-in-the-middle attacks. According to the researchers, the Bluetooth specification doesn't require devices with these features to validate the public key when pairing with new hardware. By not validating the key, it leaves the connection open to attack. In this case, the attacker would need to have a device within 30 meters and intercept the pairing procedure between two devices. The attacker's hardware could pose as the intended paired device, hijack the connection, and transmit malicious code. For this to work, both devices attempting to pair would need to have the Secure Simple Pairing or LE Secure Connections features enabled in their code, and the attacker's timing would have to be impeccable, according to the Bluetooth SIG. The bug impacts hardware from Apple, Broadcom, Intel, and Qualcomm, along with some Android handsets. According to ZDNet, Apple issued a patch for this bug in July. Intel and Qualcomm have updated their drivers, respectively, and some PC makers have begun to distribute the patches. LG and Huawei have said they'll include patches for the bug in security updates for their Android phones this month. Google has not mentioned the bug in any of its monthly security updates and it's not clear if the Android kernel, nor what other Android devices, are affected
Feb 9, 2022
Samsung today announced its lineup of flagship phones for 2022: the Galaxy S22 series. The top-end S22 Ultra sees the biggest changes as it essentially absorbs Samsung's Note series with an integrated S Pen stylus and a more Note-like shape and design, instead of the Contour Cut design of the other models.
Sep 7, 2022
Apple has revealed the iPhone 14 series, with new features, improved specs, and new size options. In place of a Mini option, the iPhone 14 will come in the same 6.1-inch and 6.7-inch screen size options as the Pro models.
Mar 10, 2022
Google today started rolling out a major update to its Messages app, the default SMS and RCS messaging app on most new Android phones. It includes several major new features, but the biggest for most people may be automatic conversion and tidier display of emoji reactions from iPhone users .
Sep 7, 2022
Apple has refreshed its Apple Watch lineup with Series 8, a new Watch SE, and added a larger, more rugged Apple Watch Ultra for athletes and extreme adventurers. Apple Watch Series 8 has two main upgrades over Series 7: temperature sensors and Crash Detection.
Mar 29, 2021
Google recently announced the formation of the Android Ready SE Alliance, a collaboration between Google and the makers of "secure element" chips for phones and similar devices. The new initiative will enable all Android phone makers to more easily implement hardware security features that match the functionality and security of Pixel phones (which use Google's Titan M secure element chip).