Bluetooth is becoming more popular, but devices are an easy mark for potential attackers.
Robustness test results using smart model based fuzzing tools, 80% of all the tests against various Bluetooth devices find critical issues, according to a Codenomicon report. Every device failed with at least one test suite against a critical communication profile.
“Together with our partners, we have tested over ten different Bluetooth-enabled carkits this year,” said Ari Takanen, chief technology officer of Codenomicon, a security testing software provider. “We found critical issues in all of them.”
Bluetooth is particularly vulnerable against malformed input. Malformed input may cause Bluetooth device operation to slow down, or device may show unusual behavior or crash completely.
An attacker could use malformed input to gain unauthorized access to the Bluetooth device.
When vulnerabilities are in low-level communication profiles such as L2CAP, they do not get protection from the pairing process. An attacker can exploit these critical flaws without the user accepting or even noticing the connection.
So far, Bluetooth quality and security has not really been a problem. The experts felt pairing process and conformance testing should provide enough protection. Besides, Bluetooth applications have not offered access to confidential information so there has been little motivation to attack the Bluetooth interface.
However, Bluetooth is becoming more and more critical. Modern carkits and healthcare equipment use Bluetooth technology. When the number of critical applications increases, the importance of equipment robustness and reliability grows.
“Bluetooth is mostly used in consumer products and consumers tend to buy the cheaper rather than the best quality product. Unless customers require testing there is no requirement for the manufacturers to build secure code,” Takanen said.