Source: Sihoo Professional Edition

Knowledge

Case

Others

Essays

Voices

Researchers have discovered for the first time that Bluetooth signals can be used as fingerprints to track smartphones.

Mobile devices such as smartphones, smartwatches, and fitness bands transmit signals at a rate of 500 Bluetooth beacons per minute. These beacons can be used for Apple’s “Find My” lost device tracking service, pandemic tracking apps, and connecting smartphones to other devices.

Bluetooth Beacon Tracking

Previous studies have shown that there are wireless fingerprints in WiFi and other wireless technologies. Researchers at the University of California, San Diego have demonstrated that Bluetooth signals can also serve as fingerprints for tracking smartphones and personal mobility.

All wireless devices have certain minor flaws at the hardware level, and each device is different. These results, caused by accidents during the manufacturing process, can serve as fingerprints to track specific devices. For Bluetooth, attackers can use anti-tracking techniques, such as continuously modifying the address of the mobile device connected to the internet. Compared to WiFi signals used for tracking, Bluetooth beacon signals are very short, making the fingerprints used for tracking less precise. Therefore, researchers proposed a method for tracking based on the entire Bluetooth signal and an algorithm to estimate two different values in the Bluetooth signal, which differ due to flaws in different Bluetooth devices, serving as a unique fingerprint for the device.

Experiments

Researchers demonstrated the effectiveness of this tracking method through real-world experiments. In the first experiment, 40% of 162 mobile devices located in public places were successfully identified. The experiment was then expanded to two days and 647 devices, ultimately finding that 47% of the devices had unique fingerprints.

Real-World Attacks?

Although researchers have demonstrated the recognizability of Bluetooth signals, factors such as temperature, power, and distance can affect device tracking in real-world attacks. Therefore, the difficulty of such attacks is very high. However, the cost of attacks is very low, with the required equipment costing less than $200.

Countermeasures

To counter this attack, Bluetooth hardware needs to be redesigned and replaced. However, this method is low-cost, and researchers believe there will be simpler and cheaper methods. Additionally, Bluetooth device firmware can hide Bluetooth fingerprints through digital signal processing.

Researchers recommend that users disable Bluetooth when not in use to stop devices from emitting Bluetooth beacon signals. However, in some phones, disabling Bluetooth does not completely stop the emission of Bluetooth beacon signals. In some Apple devices, the only way to stop the emission of Bluetooth beacon signals is through a key.

The related research results have been accepted by the security top conference IEEE S&P 2022, and the paper download link is: https://cseweb.ucsd.edu/~schulman/docs/oakland22-bletracking.pdf

References and sources: https://thehackernews.com/2022/06/researchers-find-bluetooth-signals-can.html