A new security flaw discovered by researchers at the University of California San Diego could allow hackers to identify specific devices by using errors or imperfections in the Bluetooth signals sent out by some devices.
“These applications require frequent and constant transmission of Bluetooth beacons to be detected by nearby devices,” said Nishant Bhaskar, a PhD student at the University of California San Diego. “Unfortunately, this also means that an adversary can also find out where we are at all times by simply listening to the Bluetooth transmissions from our personal devices.”
According to the team, the flaw occurs in Bluetooth signals which are “slightly distorted, creating a unique signature.” This means individuals can be picked out of a crowd based on their Bluetooth signature even though, in theory, a Bluetooth signals should transmit identically.
From the study:
In their first experiment, they went to several public places, including a coffee shop, food court, and library, with an off-the-shelf receiver (costing less than US $200) that can “sniff” out Bluetooth signals. A single phone emits hundreds of Bluetooth signals per second, making it relatively easy for a sniffer to produce a “fingerprint” of a device quickly.
Notably, an ill-intentioned person who wants to track a specific individual would need to somehow determine which signature is linked to that person’s device. In these initial experiments, the researchers simply looked to see how many unique signatures could be observed, without directly linking a device to a user. However, an attacker could theoretically go to multiple locations their target frequents, and blindly sniff out signatures at these sites until they identify one that registers multiple times.
Indeed, once a signature has been linked to a device, it’s possible to track the movement of an individual. The researchers demonstrate this in a third experiment, where a volunteer’s location was tracked as they entered and exited their home with tens of other Bluetooth devices around.
There is no telling whether or not your phone could be transmitting these broken signals but the researchers found that many specific types of device would output these defective, trackable Bluetooth pings. While not many of us will have to worry about being tracked via our phones, it’s enough of a concern that you may want to turn your device off if you’re worried about being followed for whatever reason.