On many occasions, the appearance of security flaws is something totally unpredictable and that can be difficult to prevent. That is why there are working groups highly focused on investigating all technologies to look for security holes. The last one that has been detected is related to Bluetooth and can affect you if you are not careful with your iPhone. In this article we will tell you all the details about it.
New security flaw reported in Bluetooth
The Blueooth Special Intereset Group (SIG) has recently recognized that there is a vulnerability in Bluetooth connectivity. In order to issue this confirmation, they have followed the results of two security investigation teams that have reported this failure: the École Polytechnique Fédérale de Lausanne (EPFL) and Purdue University. Specifically, the problem is in the derivation of cross transport keys (CTKD) in the implementations that support pairing and encryption with Bluetooth BR / EDR and LE in the Bluetooth specifications , as stated in the official statement .
This vulnerability can cause anyone who is in range of a device with this problem to access it. It requires necessary software that any cybercriminal can access and access the information on a mobile phone without being seen . It can also go unnoticed because if you already have a previously paired device you can impersonate it. In this way, it could access at any time without the user noticing what is happening as it is something normal.
At the moment, SIG has not given any information on how to solve this problem. It has limited itself to informing that it will contact all vendors to make the necessary recommendations to patch this vulnerability. That is why in a few weeks there will surely be some important security updates to be able to solve it.
Avoid being hacked on iPhone
If you have an iPhone, you can be somewhat calmer in the face of this new vulnerability but as long as you exercise caution. In iOS, different security systems are included in which authorization is always requested for an external device to pair with your iPhone. This causes an attacker to announce that they want to access your device and you can reject it. This is where both common sense and the precaution that each of the users have regarding security comes in.
As a general rule, you should always cancel all those matching requests if you do not know their origin. You always have to make sure who is given access and only do it to whoever we have next to us and see that the notification appears when you send the request. Or this case also occurs when pairing bluetooth headphones on iPhone that asks you for something similar. If these situations do not occur for me to ask for your authorization, it is possible that you accept a pairing from a totally strange person who trusts that you will accept the pairing by accepting. Now is the time to be more cautious until the update is released that applies a security patch to resolve the bug that Bluetooth has presented. Obviously, caution should always be the highest priority for everyone even if this problem is solved.
