Bluetooth Vulnerability Could Allow iOS and macOS Devices Be Tracked and Identified

[Crowbot]

Yet you glossed over:

It's true.
People see what they want to see.

OK....Most important to me.

 

[McScooby]

IIRC did something like this not happen before?

 

[rols]

Non-continuous tracking.

For example, if you're in a Starbucks, you can find the 5 people (who have an iOS/MacOS device) that are sitting there's bluetooth ID .... now tape your device under a table tracking all these ids, you'll know when those 5 people return. Therefore you can 'track people' and their comings and goings by their devices. Of course, you don't know who those 5 people are, you'd have to monitor it in person, and then watch as they leave/enter to name these IDs to track person by person. (i.e. ID #1 is 'cute freckled girl', #2 is 'fat balding guy', etc)

It has been possible to track people via cell phone towers for a long time for iOS and Android devices.

I just read the paper, fortunately most of it is a boilerplate description of BLE. It's not actually perfect non-continuous tracking at all, ie you can't tape a phone under the table in Starbucks and know when people come back hours or days later, you need to keep in range of a device and scan it on at least an occasional basis to catch the times between one or other of the random identifiers changing (like the MAC address) and another one (like the tokens in the nearby and handoff packets). If you catch the device in the window where one of these has changed and the other hasn't, you can assume it's the same device and repeat the process, if you miss that window (someone walks out of the Starbucks for an hour and comes back), both have changed and you have no way to match the device against one you've seen before.

Android is stated as not-vulnerable because the base OS doesn't constantly send out advertising packets with tokens in them which can be used in this 'tick-tock' tracking.

As far as I can tell however this paper just uses the base OS settings. Any device could have an app on it which advertises anything, peripheral apps are common and I would have to suspect that many such apps broadcast advertising data which never changes at all. That would be a vector for a long-term attack.

All-in-all an interesting piece of research, not something which is going to keep me up nights.

 

[Tech198]

Right, the last line is the most important part.

you mean the part where is says "Apple is often quick to patch any vulnerability?" Based on the fact it doesn't break any Bluetooth security to allow the attack means its not that important i would think..

Its still something which would still be fixed, but to me, actual issues NOW as an by-pass/break are more important, for insane like that Facetime "attack" which cold allow users to join a group convocation

To me, that is more important, than this one.

 

[Appleman3546]

This is why when a user hits the Bluetooth button in control center, it should just turn off completely. It prevents harmful actors from taking advantage of someone who thought Bluetooth was turned off (but it turns back on later).

Thankfully, there is a solution around this by downloading the shortcuts app and having a shortcut turn off Bluetooth and WiFi, but most people don’t know this is an option still.

 

[albebaubles]

I am a little confused. Does this mean that if someone is following you and within bluetooth range (100 ft?), they can track you?

Non-continuous tracking.

For example, if you're in a Starbucks, you can find the 5 people (who have an iOS/MacOS device) that are sitting there's bluetooth ID .... now tape your device under a table tracking all these ids, you'll know when those 5 people return. Therefore you can 'track people' and their comings and goings by their devices. Of course, you don't know who those 5 people are, you'd have to monitor it in person, and then watch as they leave/enter to name these IDs to track person by person. (i.e. ID #1 is 'cute freckled girl', #2 is 'fat balding guy', etc)

It has been possible to track people via cell phone towers for a long time for iOS and Android devices.

But you could use it to determine if say, Eric next door is home.

That's not even accurate --- only if both identifiers didnt change before you last comm'd with the device.

Great catch be the researches, more for the real spies than us normal folks,

 

[Crowbot]

you mean the part where is says "Apple is often quick to patch any vulnerability?" Based on the fact it doesn't break any Bluetooth security to allow the attack means its not that important i would think..

Its still something which would still be fixed, but to me, actual issues NOW as an by-pass/break are more important, for insane like that Facetime "attack" which cold allow users to join a group convocation

To me, that is more important, than this one.

I'm not saying these issues are not important. I'm just saying that Apple will fix it very soon and we can calm down. I don't think (no evidence either way) that these exploits are in the wild yet. The more outward facing our devices become, the more exploits like this will creep up. Apple's rep is on the line and they know it.

 

[Tech198]

This is why when a user hits the Bluetooth button in control center, it should just turn off completely. It prevents harmful actors from taking advantage of someone who thought Bluetooth was turned off (but it turns back on later).

Thankfully, there is a solution around this by downloading the shortcuts app and having a shortcut turn off Bluetooth and WiFi, but most people don’t know this is an option still.

Apple choose to do that with Wi- in as well in control center.. I guess it make it convenient than searching, or going into settings app.. At a minimum, a notification should of been done so users could "see" "Temporarily disabled" rather no visual notifications at all as the reason it won't turn back on later.

Apple talks about the small things it gains attention do, but fails in other areas. Perhaps make the UI bigger to accommodate the text or something, but anything on the display is better than finding it out through internet.

In any case, this is the direction it chose.

 

[Altis]

All the more reason you should be able to quickly disable Bluetooth (and wifi) from CC.

Having to do it manually like the old days it tedious. As if they can't implement a better setup than this...

 

[Gutwrench]

Non-continuous tracking.

For example, if you're in a Starbucks, you can find the 5 people (who have an iOS/MacOS device) that are sitting there's bluetooth ID .... now tape your device under a table tracking all these ids, you'll know when those 5 people return. Therefore you can 'track people' and their comings and goings by their devices.

Do I have to be under the table watching my scotch-taped device to see they returned?

 

[Sedulous]

Not really sure how this is an issue worthy of much concern.

 

[SteveW928]

All the more reason you should be able to quickly disable Bluetooth (and wifi) from CC.

Having to do it manually like the old days it tedious. As if they can't implement a better setup than this...

It isn't that it is all that hard or tedious, but just a shame to take one step forward, then three back. Once upon a time, CC was actually useful for this kind of stuff. Apple giveth, Apple taketh away.

Do I have to be under the table watching my scotch-taped device to see they returned?

Well, no, you could just be sending the data from that device to be logged somewhere. But, government entities and corporate entities don't even have to resort to a device taped under a table. They can just install them all over the place as needed.

 

[Delgibbons]

1. Super
2. easy
3. to
4. prove:
5. How
6. many
7. more
8. do
9. you
10. want?

That's just from a few months; not the most major clusters from, say, the last year or two.

The world outside of your echo chamber noticed a long time ago:

Stick them on a billboard!

 

[Dirtfarmer]

Stick them on a billboard!

Nah I'm good.

I just miss the old days.

Maybe most people now don't remember what it used to be.

As a die hard in the late 90's through early 2010's, you knew you were watching history being made in real time.

Now you get to watch...talking emojis, watch straps, and thousand dollar monitor arms. What??

#FIRETHEACCOUNTANT

 

[I7guy]

Nah I'm good.

I just miss the old days.

Maybe most people now don't remember what it used to be.

As a die hard in the late 90's through early 2010's, you knew you were watching history being made in real time.

Now you get to watch...talking emojis, watch straps, and thousand dollar monitor arms. What??

What “what used to be”. Times change and emojis are a sign of one of the changes. Apple has to change with the times. Everybody has their opinions though about these changes.

 

[Dirtfarmer]

What “what used to be”. Times change and emojis are a sign of one of the changes. Apple has to change with the times. Everybody has their opinions though about these changes.

Apple did *not* change with the times. That's my point.

They started copying others and playing catch-up and being a cheesy also-ran.

The big idea would have been to hire another visionary, take risks, and do something that was revolutionary in 2015 the way Steve was doing revolutionary things in 2005.

They just lacked the intestinal fortitude, choosing instead to sell copycat headphones and copycat Bluetooth speakers. And make copycat YouTube shows. And drop the quality of their computers and their software.

(All of which produce great margins and send investors to the moon, so the only negative reinforcement would be from internet fanboys and forum dweebs like me.)

And they are in the process of paying the price for that.

#FIRETHEACCOUNTANT

 

[LizKat]

Do I have to be under the table watching my scotch-taped device to see they returned?

Well, no, you could just be sending the data from that device to be logged somewhere. But, government entities and corporate entities don't even have to resort to a device taped under a table. They can just install them all over the place as needed.

Well good for the govt and the oligarchs. They will find me in the supermarket shopping for canned goods on sale as usual. Big whoop. They'll know when tuna is a buck a can.

Not really sure how this is an issue worthy of much concern.

Yep. But... it lights up tinfoil hats all over the place pretty well, doesn't it. I admit if I still lived down in the city I'd possibly be more concerned. Not probably. Just possibly. There are already so many ways to track people if someone is into doing that. But on behalf of others, I do hope Apple fixes the BT vulnerability promptly.

 

[SteveW928]

Well good for the govt and the oligarchs. They will find me in the supermarket shopping for canned goods on sale as usual. Big whoop. They'll know when tuna is a buck a can.

Oh sure, but once you start combining all kind of layers of data together, it could get dangerous or abusive depending on one's situation. And, if there are nefarious players involved (as any such data eventually gets hacked/leaks), worse things could happen.

Yep. But... it lights up tinfoil hats all over the place pretty well, doesn't it. I admit if I still lived down in the city I'd possibly be more concerned. Not probably. Just possibly. There are already so many ways to track people if someone is into doing that. But on behalf of others, I do hope Apple fixes the BT vulnerability promptly.

I don't think we need too much tinfoil. All this stuff has already happened, it just depends on how you might have been impacted, so far. It might not be horrible in and of itself, but again, data layered on data keeps adding more detail to the overall picture.

And... the I have nothing to hide defense works so long as you conform to all the wishes of the powers that be. That gets harder and harder if you're an honest, thinking person as society degrades. Plus, if the data gets into the hands of people that might want to harm or take advantage of you, that's another avenue.

 

[kycophpd]

Non-continuous tracking.

For example, if you're in a Starbucks, you can find the 5 people (who have an iOS/MacOS device) that are sitting there's bluetooth ID .... now tape your device under a table tracking all these ids, you'll know when those 5 people return. Therefore you can 'track people' and their comings and goings by their devices. Of course, you don't know who those 5 people are, you'd have to monitor it in person, and then watch as they leave/enter to name these IDs to track person by person. (i.e. ID #1 is 'cute freckled girl', #2 is 'fat balding guy', etc)

It has been possible to track people via cell phone towers for a long time for iOS and Android devices.

Something tells me I am #2 in this scenario.

 

[I7guy]

Apple did *not* change with the times. That's my point.

They started copying others and playing catch-up and being a cheesy also-ran.

The big idea would have been to hire another visionary, take risks, and do something that was revolutionary in 2015 the way Steve was doing revolutionary things in 2005.

They just lacked the intestinal fortitude, choosing instead to sell copycat headphones and copycat Bluetooth speakers. And make copycat YouTube shows. And drop the quality of their computers and their software.

(All of which produce great margins and send investors to the moon, so the only negative reinforcement would be from internet fanboys and forum dweebs like me.)

And they are in the process of paying the price for that.

#FIRETHEACCOUNTANT

That’s your opinion that Apple is copying others. But it isn’t mine, but it would help the conversation if you cited multiple specific examples. And hopefully you won’t cite “bigger phones”.

As far as the quality of their software, if Microsoft can’t get it perfect, nobody can. But I guess iOS had no bugs prior to Tim Cook. By the way his compensation shows the board doesn’t share your opinion. That’s okay. Apple with 250 million customers, the customers all have different opinions.

 

[Sedulous]

Oh sure, but once you start combining all kind of layers of data together, it could get dangerous or abusive depending on one's situation. And, if there are nefarious players involved (as any such data eventually gets hacked/leaks), worse things could happen.



I don't think we need too much tinfoil. All this stuff has already happened, it just depends on how you might have been impacted, so far. It might not be horrible in and of itself, but again, data layered on data keeps adding more detail to the overall picture.

And... the I have nothing to hide defense works so long as you conform to all the wishes of the powers that be. That gets harder and harder if you're an honest, thinking person as society degrades. Plus, if the data gets into the hands of people that might want to harm or take advantage of you, that's another avenue.

BT is very short range. I just don’t see anyone building the infrastructure to track BT devices when it would be very difficult to link a BT device to a specific person. Would be an extremely expensive and impractical endeavor with very little “reward”; particularly when there are far easier ways to track cellular devices.

 

[Dirtfarmer]

That’s your opinion that Apple is copying others. But it isn’t mine, but it would help the conversation if you cited multiple specific examples. And hopefully you won’t cite “bigger phones”.

As far as the quality of their software, if Microsoft can’t get it perfect, nobody can. But I guess iOS had no bugs prior to Tim Cook. By the way his compensation shows the board doesn’t share your opinion. That’s okay. Apple with 250 million customers, the customers all have different opinions.

Correct. Apple has a small number of customers. Maybe 250 million in the world, and less than 1% of enterprise computers sold. So scraps from the big boys' table.

Copycat is something that already exists and is similar in form and function. You might put a spin on it here or there, but it is not "iPod vs Discman" or "OSX vs Windows XP" different.

The abbreviated list includes

Headphones
Smart speakers
Smartphones
Music store
Media store
Tv shows
Podcasts
App store
Desktop hardware
Desktop OS

Essentially their entire business now.

Some of those they were first to market with, but in 2019 you will not find anything there that is dramatically different from what other companies are selling.

Some of the items on that list are dramatically inferior.

Yes, they made Steve's watch. And Steve's tablet. And nobody else equals those two products.

But the counterpoint is that many of the items on that list are significantly worse than the competitors.

That is not the market strategy of the Apple of my youth.

Steve wouldn't touch a segment with a ten foot pole if he thought he was just going to be similar to other offerings.

He went to places where he could blow everyone away. And stayed out of every other market.

Tim seems to be trying to do exactly the opposite?

#FIRETHEACCOUNTANT

 

[I7guy]

Correct. Apple has a small number of customers. Maybe 250 million in the world, and less than 1% of enterprise computers sold. So scraps from the big boys' table.

Copycat is something that already exists and is similar in form and function. You might put a spin on it here or there, but it is not "iPod vs Discman" or "OSX vs Windows XP" different.

The abbreviated list includes

Headphones
Smart speakers
Smartphones
Music store
Media store
Tv shows
Podcasts
App store
Desktop hardware
Desktop OS

Essentially their entire business now.

Some of those they were first to market with, but in 2019 you will not find anything there that is dramatically different from what other companies are selling.

Some of the items on that list are dramatically inferior.

Yes, they made Steve's watch. And Steve's tablet. And nobody else equals those two products.

But the counterpoint is that many of the items on that list are significantly worse than the competitors.

That is not the market strategy of the Apple of my youth.

Steve wouldn't touch a segment with a ten foot pole if he thought he was just going to be similar to other offerings.

He went to places where he could blow everyone away. And stayed out of every other market.

Tim seems to be trying to do exactly the opposite?

#FIRETHEACCOUNTANT

You forgot ipod/iphone (since both the mp3 player and cell phone existed prior to iphone 1), bluetooth headphones(airpods) and finger print readers (touch id). Yep, Apple copied other designs exactly.

But what you call copying, which has a direct implication, I call it innovating. Of course, each of us has our personal, moving definition of innovation.

To me this post represents a bunch of spin. But as I said previously, horses for courses.

And as far as some of the offerings "significantly worse than competitors", that is purely subjective.

As far as what Steve would do or not. He's dead, nobody knows in 2019 what he would or wouldn't do.

All of this because of a bug in the software?

 

[citysnaps]

As a die hard in the late 90's through early 2010's, you knew you were watching history being made in real time.

And people still whined. The release of the iPod and iPhone are great examples. That's what tech forums are about. Mustering up gallons of faux outrage to feel good from the accompanying 15 seconds of fame.

 

[I7guy]

And people still whined. The release of the iPod and iPhone are great examples. That's what tech forums are about.

With the iphone 1, why couldn't Apple copy ctrl-c and ctrl-v? That I will never understand.