Devices using Bluetooth Low Energy (BLE) to transmit their data can be intercepted by hackers, potentially exposing a trove of fitness data from wearables, IT Pro reports.
Devices using Bluetooth Low Energy (BLE) to transmit their data can be intercepted by hackers, potentially exposing a trove of fitness data from wearables, IT Pro reports.
Context researcher Scott Lester discovered that ‘Bluesniping’ can be used to intercept devices made by Nike, FitBit and JawBone as they record data to smartphones. This would allow an attacker to deduce who a device belongs to.
Bluetooth Low Energy technology has proven quite popular as it considerably reduces power consumption, making it ideal for devices that are constantly transmitting information such as wearables. The flipside of this is that this constant data travel potentially leaves it open to interception, as demonstrated by Lester.
“What is obvious is that many of these devices contain very personal information about someone’s health and patterns of life, which can lead to amusing measurements, but also represent a wealth of data about an individual,” he explained. “Whilst many people are very happy to publish such information to social media, others would be very protective of it.”
The Register explains that random addresses for BLE devices are poorly implemented or not applied to certain devices, meaning that devices either remained fixed or poorly randomized. As a result, an app and a smartphone is enough to step between the private data.
“We’ve seen some devices that are clearly changing their MAC address for successive advertising packets. They are sometimes easy to identify as they have a counter that increments the last few bytes of the address, and often send out constant identifying information,” Lester explained.
While the assumed 50 meter BLE range would limit the scope for malicious activity, there’s the possibility that an attacker could increase the range. In previous work, Lester had managed to boost regular Bluetooth’s range eight-fold with a directional antenna. If the same could be done here, the privacy threat becomes greater.
In one hour in a busy London district, Lester was able to identify “26 FitBits, two Jawbones, a couple of Nike products, one Estimote iBeacon… an Alcatel Pop C5, and a load of iPhones.”
