A Simple Firmware Update Completely Hides a Device’s Bluetooth Fingerprint (today.ucsd.edu)

submitted 1 month ago by BrikoX@lemmy.zip to c/cybersecurity@sh.itjust.works

3 comments fedilink hide all child comments

A smartphone’s unique Bluetooth fingerprint could be used to track the device’s user–until now. A team of researchers have developed a simple firmware update that can completely hide the Bluetooth fingerprint, eliminating the vulnerability.

top 3 comments

sorted by: hot top controversial new old

[-] jet@hackertalks.com 23 points 1 month ago* (last edited 1 month ago)

Turn Bluetooth off, super effective

They were always be ways to fingerprint and active system, you can change the current characteristics that are used, but you cannot make everything the same. There will always be a difference, be it timing, be at packet signing, be it's electrical signaling, there will always be some way to infer a fingerprint of the system active on the network.

Because Bluetooth is not use constantly, it's better to turn it off when not in use, and not even worry about the fingerprinting because you're not participating

[-] turtlepower@lemm.ee 7 points 1 month ago

Yup. Only time I ever turn bluetooth on is when I'm using my game controller or the little speaker I move to whatever room I'm in. If it's not being used for either of those things, it stays off. I don't even use it to connect my cell to my computer—that's what usb is for.

[-] sugar_in_your_tea@sh.itjust.works 2 points 1 month ago

Or WiFi. I use KDE Connect to send stuff between my desktop and phone, which works fine.

this post was submitted on 14 Jul 2024

87 points (100.0% liked)

Cybersecurity

5236 readers

15 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social