Billions of devices imperiled by new clickless Bluetooth attack | Ars Technica


22 bookmarks. First posted by felipek 12 days ago.


Billions of devices imperiled by new clickless Bluetooth attack
from twitter
5 days ago by jeffhammond
"BlueBorne, as the researchers have dubbed their attack, is notable for its unusual reach and effectiveness. Virtually any Android, Linux, or Windows device that hasn't been recently patched and has Bluetooth turned on can be compromised by an attacking device within 32 feet. It doesn't require device users to click on any links, connect to a rogue Bluetooth device, or take any other action, short of leaving Bluetooth on. The exploit process is generally very fast, requiring no more than 10 seconds to complete, and it works even when the targeted device is already connected to another Bluetooth-enabled device.

"Just by having Bluetooth on, we can get malicious code on your device," Nadir Izrael, CTO and cofounder of security firm Armis, told Ars. "BlueBorne abuses the fact that when Bluetooth is on, all of these devices are always listening for connections.""

Turn it off by default!
security  network  software  communication  risk  stupid  technology 
11 days ago by ssam
BlueBorne, as the researchers have dubbed their attack, is notable for its unusual reach and effectiveness. Virtually any Android, Linux, or Windows device that hasn't been recently patched and has Bluetooth turned on can be compromised by an attacking device within 32 feet. It doesn't require device users to click on any links, connect to a rogue Bluetooth device, or take any other action, short of leaving Bluetooth on. The exploit process is generally very fast, requiring no more than 10 seconds to complete, and it works even when the targeted device is already connected to another Bluetooth-enabled device.
twig  sn  632 
11 days ago by leolaporte
RT : Android, Linux, Windows: "Just by having Bluetooth on, we can get malicious code on your device"
from twitter
11 days ago by codepo8
RT : Billions of devices imperiled by new clickless Bluetooth attack
from twitter
12 days ago by akmassey
OUCH! "Billions of devices imperiled by new clickless Bluetooth attack"
from twitter
12 days ago by tguemes
Blueborne exploit works against unpatched devices running Android, Linux, or Windows.
Over the past decade, Bluetooth has become almost the default way for billions of devices to exchange data over short distances, allowing PCs and tablets to transfer audio to speakers and phones to zap pictures to nearby computers. Now, researchers have devised an attack that uses the wireless technology to hack a wide range of devices, including those running Android, Linux, and, until a patch became available in July, Windows.
Blueborne, as the researchers have dubbed their attack, is notable for its unusual reach and effectiveness. Virtually any Android, Linux, or Windows device that hasn't been recently patched and has Bluetooth turned on can be compromised by an attacking device within 32 feet. It doesn't require device users to click on any links, connect to a rogue Bluetooth device, or take any other action, short of leaving Bluetooth on. The exploit process is generally very fast, requiring no more than 10 seconds to complete, and it works even when the targeted device is already connected to another Bluetooth-enabled device.
android  bluetooth  hack  privacy  security  windows  IoT 
12 days ago by rgl7194
“BlueBorne” Bluetooth exploit works on unpatched Android, iOS 9 or earlier, Linux, Windows devices; Google to release patch today; other OSes have patches
android  bluetooth  linux  security  ios 
12 days ago by joeo10
Billions of devices imperiled by new clickless Bluetooth attack | Ars Technica
from twitter
12 days ago by Fallingbadgers
RT : Billions of devices imperiled by new clickless Bluetooth attack
from twitter
12 days ago by ampressman
RT : Owners of newer phones: please patch.
Owners of older phones: good luck.
from twitter
12 days ago by sj26