Bluetooth SIG officially acknowledges serious Bluetooth security vulnerability


The Bluetooth Special Interest Group (Bluetooth SIG) is the standards organization that oversees the development of Bluetooth standards and the licensing of the Bluetooth technologies and trademarks to manufacturers. Recently, it admitted that there is a serious Bluetooth security vulnerability. This vulnerability makes it easier for attackers to force pairing with your device.

Bluetooth SIG

Gizchina News of the week


Bluetooth connection works by having both devices to accept a connection. One sends a request, the other must accept it. It authenticates the identity of the device by exchanging the public key and generates an encryption key for the connection. This is to ensure that the connection is secure. However, with the recent vulnerability, an attacker could interfere with the encryption settings. The attacker can create a shorter encryption key making it easier to establish a connection. In addition, some Bluetooth products with lower security levels are more vulnerable. This is because not all Bluetooth specifications give a minimum length of explicit encryption keys. 

Bluetooth SIG requires vendors to update their Bluetooth devices to ensure that the encryption key is at least 7 octets. If the encryption key length meets the standard, such attacks can be prevented. This is because the window time available for spoofing connections is very short.

Via

Disclaimer: We may be compensated by some of the companies whose products we talk about, but our articles and reviews are always our honest opinions. For more details, you can check out our editorial guidelines and learn about how we use affiliate links.

Previous EMUI 9.1 stable version now available for 8 Huawei smartphones
Next Redmi Note 8 Pro Poster Shows Camera Placement and More