Researchers Have Discovered Critical Bluetooth Vulnerabilities That Could Enable Successful Man-in-the-Middle Attacks

[Peter_Brosdahl]

Researchers have discovered critical Bluetooth vulnerabilities that could potentially affect billions of devices around the world. The newly discovered exploits are categorized as Bluetooth Forward and Future Secrecy Attacks and Defenses, or BLUFFS for short. A researcher at EURECOM published a paper on them detailing how an attacker can utilize a man-in-the-middle (MITM) technique to impersonate a paired device using four flaws in the key derivation process. Once that stage is achieved the attacker can then brute-force attack the device(s) to further decrypt the key for access. The vulnerabilities affect BT 4.2 through the current BT 5.4 version and technically cannot be patched out. However, it's not all bad news as it's possible to mitigate the vulnerabilities with increased security settings. The Bluetooth SIG has posted its statement regarding the findings in a new security bulletin.

See full article...

 

[Zarathustra]

I hate to sound like a broken record, but if you care about performance, quality, reliability, and yes, security, wired is always best.

Doesn't even matter what it is. Keyboards, Mice, speakers, networking, charging, whenever there is a choice between something that is wired and somethibg that is not, the wired option is far superior.

The only things wireless has going for it is convenience and aesthetics, but it sure ha shell isn't convenient when the device for some stupid reason just won't pair right ...

Wired wired wired wired. Wire the everything!