Friday, October 19, 2018
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Micron Wants to Buy Remaining Interest in IM Flash Technologies to Advance the 3D XPoint Technology
YouTube to Sell Concert Tickets Through Music Videos
Apple Expected to Unveil New iPad and MacBook on October 30
Pioneer's New In-Ear Headphones Combine Styling With Sound Quality
Samsung Debuts the Galaxy Book2, an always on, always connected 2-in-1 PC With Snapdragon 850
Sony Releases the World's First 4-layer 128GB BD-R XL Disc
SoundCloud to Offer Access to Music Directly Through the DJ Software
Western Digital Releases New 3D NAND UFS Embedded Flash Drive For Connected Cars
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > Bluetoo...
Last 7 Days News : SU MO TU WE TH FR SA All News

Monday, July 23, 2018
Bluetooth SIG Patches Security Vulnerability


The Bluetooth SIG has updated the Bluetooth specification to correct a security hole of the Bluetooth technology that could be used for man-in-the-middle attacks.

Researchers at the Israel Institute of Technology identified a security vulnerability in two related Bluetooth features: Secure Simple Pairing and LE Secure Connections.

The researchers identified that the Bluetooth specification recommends, but does not require, that a device supporting the Secure Simple Pairing or LE Secure Connections features validate the public key received over the air when pairing with a new device. It is possible that some vendors may have developed Bluetooth products that support those features but do not perform public key validation during the pairing procedure. In such cases, connections between those devices could be vulnerable to a man-in-the-middle attack that would allow for the monitoring or manipulation of traffic. For an attack to be successful, an attacking device would need to be within wireless range of two vulnerable Bluetooth devices that were going through a pairing procedure. The attacking device would need to intercept the public key exchange by blocking each transmission, sending an acknowledgement to the sending device, and then injecting the malicious packet to the receiving device within a narrow time window. If only one device had the vulnerability, the attack would not be successful.

To remedy the vulnerability, the Bluetooth SIG has updated the Bluetooth specification to require products to validate any public key received as part of public key-based security procedures. In addition, the Bluetooth SIG has added testing for this vulnerability within our Bluetooth Qualification Program.

The Bluetooth SIG says there is no evidence that the vulnerability has been exploited maliciously and that is not aware of any devices implementing the attack having been developed, including by the researchers who identified the vulnerability.


Previous
Next
Huawei Wants to be the First to Launch a Foldable Smartphone        All News        MiiiW Mouse Pad Can Charge Your Phone
Alphabet Reports Strong Profit Despite Recent Google Fine     General Computing News      Google, Facebook, Microsoft, and Twitter Partner on New Data Project

Get RSS feed Easy Print E-Mail this Message

Related News
Bluetooth Gets Mesh Networking Capability
Bluetooth 5 Technology Brings Advancements In Terms Of Range, Speed And Capacity
Bluetooth 5 Quadruples Range, Doubles Speed, Increases Data Broadcasting Capacity
Bluetooth Technology to Gain Longer Range, Faster Speed
New Bluetooth Specifications Enable IP Connectivity, Deliver Privacy and Increased Speed
Updated Bluetooth 4.1 Adds New Usability Features
NFC And Bluetooth Groups To Promote Interoperability
New Toshiba Bluetooth IC Supports Two Communication Methods
Bluetooth Smart Ready Support for Android Coming Later this Year
New Wireless Chip Trasmits Data 1,000 Times Faster Than Bluetooth
NFC Forum and Bluetooth SIG Publish Developers Guide To NFC for Bluetooth Pairing
Bluetooth SIG Extends Bluetooth Brand, Introduces Bluetooth Smart Marks

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2018 - All rights reserved -
Privacy policy - Contact Us .