Galaxy Tab A9+ 11” 64GB - 40% off!
Pre-order the Galaxy Z Fold 7 now and get double the storage!
Pre-order the Galaxy Z Fold 7 now and get double the storage!
Samsung has opened pre-orders for its brand new foldable.

Did you know – enabling Bluetooth in non-discovery mode doesn't prevent access to your smartphone

By
5comments
Google News Follow
Follow us on Google News
Did you know – enabling Bluetooth in non-discovery mode doesn't prevent access to your smartphone
Some smartphone users like to have Bluetooth turned on, but keep their devices in non-discoverable mode so other connected gadgets won't detect them. It turns out this precaution is just a myth, and keeping your device non-discoverable won't fully protect it against hackers bent on breaking into your phone. There are scanners and sniffer devices in existence that find your device's Bluetooth address and let infiltration commence even when it’s set to non-discoverable.

Your best bet is still keeping Bluetooth off. - Did you know – enabling Bluetooth in non-discovery mode doesn't prevent access to your smartphone
Your best bet is still keeping Bluetooth off.
A significant vulnerability that eases the process is the "factory" default password used on the majority of Bluetooth devices, which is something to the tune of "0000" or "1234". Once someone has sniffed your Bluetooth address, chances are they can establish a connection using this PIN code. According to security researchers, it's this unreasonably simplified system that faciliates most cases of Bluetooth eavesdropping and so-called "Bluejacking"  – connecting to a phone and sending spam content. So one of the better things you can do in this regard is change your Bluetooth password to a less  PIN.

The way this goes is that most consumer devices rely on the Bluetooth Device Address (BD_ADDR) information as a security mechanism. Operating in discoverable mode, Bluetooth devices respond to page request messages issued by other gadgets with their BD_ADDR information. In non-discoverable mode, though, BD_ADDR information requests are ignored. It may be common sense, but devices in discoverable mode are especially vulnerable as they get easily identified with tools such as BTScanner that send repeated page request messages to all Bluetooth devices within range.

What's the take-away here? Keeping Bluetooth devices non-discoverable is still good practice, but it won't stop attackers. They are able to send con request messages to every common BD_ADDR prefix or OUI until the full BD_ADDR is known. Either that, or they can use a list of common BD_ADDR prefixes that lets an attacker test all known Bluetooth OUI values in less than 2 minutes. Ultimately, Bluetooth is best left switched off unless you're using it to pair a device or transmit information.

source: SANS Tech Institute via MakeUseOf

ALSO READ

Grab Surfshark VPN now at more than 50% off and with 3 extra months for free!

Secure your connection now at a bargain price!


We may earn a commission if you make a purchase

Check Out The Offer
https://s-cdn.phonearena.com/images/nothumb_user_300x300.png
Luis D. Former Tech News and Features Writer
Luis D. has a multitude of news, features and review articles written for PhoneArena. He adeptly demystifies complex technology topics, such as the development of advanced materials for bendable device displays and the evolution of chipset manufacturing.
Loading Comments...

Latest Discussions

You cannot count on Samsung to repair their phones

by ourslander • 5

Hypothetical Which Phone Would You Choose

by TBomb • 9

Stop Playing

by Doug Fresh 123 • 5
Start Discussion View All

Recommended Stories

Popular stories

Everyone can get a free Galaxy Z Flip 7 from T-Mobile with or without a trade-in and minimal effort
Everyone can get a free Galaxy Z Flip 7 from T-Mobile with or without a trade-in and minimal effort
T-Mobile is desperately trying to stop its users from leaving with better-than-ever retention offers
T-Mobile is desperately trying to stop its users from leaving with better-than-ever retention offers
Past Pixel problem resurfaces again creating chaos in users' lives
Past Pixel problem resurfaces again creating chaos in users' lives
T-Mobile expected to face tough times ahead, lag behind AT&T, Verizon
T-Mobile expected to face tough times ahead, lag behind AT&T, Verizon
I'm a bargain hunter, and I think the Pixel 9 Pro is a must-have at its lowest price this Prime Day
I'm a bargain hunter, and I think the Pixel 9 Pro is a must-have at its lowest price this Prime Day
Ex-Verizon rep spills the best time to call your carrier and get results
Ex-Verizon rep spills the best time to call your carrier and get results

Latest News

I’m a big fan of the JBL Endurance Peak 3 for workouts—and at 40% off this Prime Day, they’re a steal
I’m a big fan of the JBL Endurance Peak 3 for workouts—and at 40% off this Prime Day, they’re a steal
The iPhone has become awful at photography as of late
The iPhone has become awful at photography as of late
Apple’s S Pen alternative might work with iPhone, MacBook Pro, and even Apple Watch
Apple’s S Pen alternative might work with iPhone, MacBook Pro, and even Apple Watch
The budget-friendly Galaxy Tab S6 Lite (2024) is an epic bargain at 43% off this Prime Day
The budget-friendly Galaxy Tab S6 Lite (2024) is an epic bargain at 43% off this Prime Day
I'm a bargain hunter, and I think the Pixel 9 Pro is a must-have at its lowest price this Prime Day
I'm a bargain hunter, and I think the Pixel 9 Pro is a must-have at its lowest price this Prime Day
The Pixel Tablet plunges in price for Prime Day
The Pixel Tablet plunges in price for Prime Day
FCC OKs Cingular\'s purchase of AT&T Wireless