
Bell Labs Researchers Spot Bluetooth Insecurities
Kyobu writes: "There's an article by John Markoff in [Saturday's] New York Times about insecurities in Bluetooth. The defects allow eavesdropping and caller identification." Markus Jakobsson and Susanne Wetzel, both of Bell Laboratories, discovered weaknesses in the key exchange protocol currently implemented by Bluetooth. From the article: "The researchers are suggesting that the Bluetooth standard be altered so that the identity numbers are masked by a constantly changing pseudonym when transmitted." Considering the ubiquity many people expect Bluetooth devices to achieve, perhaps it's a good thing that this kind of attention starts early rather than late. (Complete with gratuitous Bruce Schneier quote.)
Re:It's Not Surprising... (Score:1)
Cross platform virii (Score:1)
Re:Bluetooth can o' worms (Score:1)
The chief difference between a cell phone and your home phone is the 'wireless' part. The phone network always knows where to route your home phone calls to because they only need to get to their end of the wire.
For you to receive information from any kind of network, you need to broadcast your location. It's done automatically because many devices, cell phones in particular, might as well be off if they're not primed to receive.
It would be nice to be able to turn off the broadcast on things like PDAs, kind of a 'stealth mode'. Or better still, have it constantly listening with a ruleset for broadcasting defined by the user (e.g. only broadcast on work/home network). Again this would only be useful for things that do more than two-way communication.
Bluetooth is Insecure (Score:2)
Now we get to watch them backpedal and spin while the techs scramble to kludge some kind of security into the protocol.
What would be better would be if someone started over FROM SCRATCH and designed a new wireless protocol, with security in mind from square one.
Re:Interesting hole, but... (Score:1)
That's an advantage IrDA has over Bluetooth -- IrDA devices beam data in about a 30-degree cone with a range of roughly one meter. It's hard to intrude on a conversation over IrDA.
Bias/Plug: Synchrona has released a Java implementation of IrDA (parts of it, more to follow) to sourceforge.net/projects/jred [sourceforge.net].
About the Bluetooth attack (Score:3)
Somebody suggested that since Bluetooth is a broadcast protocol, it cannot be secure. That is not quite fair. First of all, it is known how to make key establishment protocols secure against an adversary who sees all transcripts, and it is known that the man-in-the-middle attack can be avoided by means of certification and other public key methods - which can be run on the application layer to enhance the security of the Bluetooth key exchange. (This is not the same as saying that it will be practical, or economically feasible, for a product like Bluetooth to incorporate such methods.) On the other hand, some security is better than none - as long as everybody understands exactly what "some" means.
The second attack allows an attacker to recognize and locate Bluetooth devices, whose identities can be linked to user identities by means not related to Bluetooth. This could allow companies to determine where competitors' CEOs are travelling (by bugging airport gates, for example), and may also allow for quite nasty types of blackmailing (starting, for example, by determining what politicians frequent what establishments.) While it does not appear that this problem can be remedied on the application layer, the use of pseudonyms, as noted in the Times article, can disassociate user sessions from each other, and would avoid these problems.
One should therefore be hopeful that appropriate changes are made, and that a careful analysis of the de-facto standard results in an improved product that is safe for both individuals and society.
The Bluetooth specs are available at
http://www.bluetooth.com
Markus Jakobsson's homepage is
http://www.bell-labs.com/user/markusj/
Susanne Wetzel's homepage is
http://www.bell-labs.com/user/sgwetzel/
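The linking problem described in this post (sightings at two bugged locations tied to one device) and the pseudonym remedy, as an added Python example that is not the poster's code and not the Bluetooth specification. It assumes an illustrative pseudonym scheme in which the transmitted identifier is an HMAC of a counter under a key shared with the paired peer, so the peer can still recognise the device while an outside observer cannot link its sessions; the device identifier and key are constructed sample values.

```python
import hmac
import hashlib
from collections import defaultdict


def fixed_identifier(device_id: bytes, session: int) -> bytes:
    """The criticised situation: the same identifier in every session."""
    return device_id


def rotating_pseudonym(link_key: bytes, counter: int) -> bytes:
    """Assumed scheme: pseudonym = HMAC(link_key, counter), truncated to 48 bits.
    Only a party holding link_key can tell which counter produced it."""
    mac = hmac.new(link_key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return mac[:6]


def link_sightings(sightings):
    """What an eavesdropper can do: group observed sightings by identifier.
    Each group is one trackable 'device' from the observer's point of view."""
    groups = defaultdict(list)
    for place, ident in sightings:
        groups[ident].append(place)
    return dict(groups)


def peer_resolves(link_key: bytes, pseudonym: bytes, window: int = 16):
    """The paired peer recognises a pseudonym by recomputing the next few
    counters; returns the matching counter, or None if it is not ours."""
    for counter in range(window):
        if hmac.compare_digest(rotating_pseudonym(link_key, counter), pseudonym):
            return counter
    return None


def demo():
    device_id = bytes.fromhex("001122334455")  # constructed, not a real address
    link_key = b"constructed-link-key"         # constructed shared secret
    places = ["gate A", "gate B", "gate A"]     # one device seen three times

    fixed = link_sightings(
        (p, fixed_identifier(device_id, i)) for i, p in enumerate(places))
    rotating = link_sightings(
        (p, rotating_pseudonym(link_key, i)) for i, p in enumerate(places))

    return {
        # fixed identifier: all three sightings collapse into one tracked device
        "fixed_groups": len(fixed),
        # rotating pseudonym: the observer sees three unrelated identifiers
        "rotating_groups": len(rotating),
        # the paired peer still recognises session 2 of its partner
        "peer_resolves": peer_resolves(link_key, rotating_pseudonym(link_key, 2)),
        # a stranger with a different key cannot
        "stranger_resolves": peer_resolves(b"other-key", rotating_pseudonym(link_key, 2)),
    }


if __name__ == "__main__":
    print(demo())
```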
Re:New technology (Score:3)
/. supporting the writing of John Markoff (Score:1)
There is Bluetooth security research (Score:3)
On page 149 of the Bluetooth 1.0b spec it says... (Score:2)
It's no great surprise that the identity of a Bluetooth transceiver can be discovered.
Gotta laugh... (Score:1)
Problems like security holes in private and public companies pop up, and at Slashdot, a thousand-million geeks all come up with the solutions --> for FREE.
Hey I don't wanna sound like a troll, but when are these companies going to send us all on a pizza night?
Re:Well, one good thing (Score:1)
Re:On page 149 of the Bluetooth 1.0b spec it says. (Score:1)
Cheers,
Markus
http://www.markus-jakobsson.com
There is no brick wall 10 metres away! (Score:2)
This was exactly the point Bruce Schneier was making, which a lot of people seem to have missed: if you can pick up transmissions from a monitor from outside a building, just how much easier will it be in a bluetooth environment, where the devices are _intended_ to be transmitters.
To make it worse: they are using PINs... (Score:3)
However, this will probably be RARE, to say the least. A lot of devices, like the Bluetooth earphone/mic for your mobile, will have a hard to modify (from a user point of view) fixed PIN.
By default a lot of devices will be shipped with PIN codes of 0000 or 1234 or whatever. Most users will not change that PIN, or when they do, choose something like 1111...
In an automated world, 10000 tries (5000 on average) is not much. It won't take long before someone writes a Palm Bluetooth scanner.
Even if some people are a bit more sensible and change their PINs to 8 digits (or even the maximum of 16), this will leave a LOT of mostly unprotected devices. Just imagine, walking past someone's house, and you will be able to start the Bluetooth coffee machine... Or better still, you see someone with the ear-mic thingie, you'll be able to whisper in his ear.
Re:Well, one good thing (Score:1)
The problem with triangulation... (Score:3)
I mean if they have to be within 10 meters, they can just watch where you are going with their eyes (whoever 'they' are).
Re:That's the signpost up ahead. Next stop ... (Score:1)
Everyone has missed this boat!!! (Score:1)
Re:Oh really? (Score:1)
Sorry, but I'm just too curious to know (no 8) if this kind of misspelling error only comes from Americans or is common to any English speaking individuals (where English is the mother tongue).
Kill me but give me opinions.
Thanks
Does this really... (Score:1)
ANY sort of radio transmission can, with the right equipment, be intercepted. With enough subsequent effort, any such transmission, even if encrypted, can be decoded.
An example: Motorola likes to propagate the myth that the mobile data terminals used by a lot of cop-shops are "secure" simply because they're data terminals.
Well, guess what? All it takes to monitor MDT's is a good scanner, a PC with a sound card, free decoding software, and a couple of dollars investment in some cable and a connector or two. It's plain ASCII data... not in the least encrypted! Yes, it's packaged into a messaging protocol that the cop-shop's mainframe likes, but there's nothing alien about it.
What I'm getting at is that, unless a radio data channel is -known- to be tightly encrypted, one should not consider ANY wireless solution to be a secure channel.
Hmm (Score:2)
Susanne Wetzel [bell-labs.com] home page
The funny thing is, I can't find any papers on their sites (nor at Secure Systems Research Department [bell-labs.com]) at bell labs [bell-labs.com]
Calculated risk or paranoia? (Score:2)
Just how many hackers (or their equipment) could you get connecting to your fax machine within 10 meters from you? Calculate the probability and take measures. It does not apply if you are paranoid, though. In the latter case you'd have eliminated every chance for anyone to crack your agenda/VISA/phone (and would be right, too).
Ericsson's main task now would be to clean out the errors and bugs (or even certain concepts) from their code and give the world something very secure. Besides, that's what the market wants, anyway. I wonder when they go open source and ask Slashdotters for help...
Re:That's the signpost up ahead. Next stop ... (Score:1)
Dean Koontz: Demon Seed
or something like that. ISTR a film called "electric dreams" too.
Re:Interesting hole, but... (Score:1)
Bluetooth can o' worms (Score:4)
Obviously you will be able to set allowed access rules on the individual device, but can you hide the fact that you're carrying a Bluetooth device altogether?
To be useful for local-area communications (messaging across a classroom, for instance) the device would have to be as openly addressable as a telephone number. The difference being that, unlike a cellphone, the device itself automatically broadcasts that addressability (its phone number, as it were), which makes unwanted communications more of a risk. For instance: you're driving down the highway and some jerk cuts you off. You check your PDA and sure enough he's got a Bluetooth device in range. So you flame him! Far better than shaking your fist, huh?
Does anyone know what's being done to balance the privacy issue with the communications need for open accessibility?
Feelings about this Article (Score:4)
1) This is a protocol issue. It's basically saying that in the current form of the protocol, a machine's identity could be marked. Big deal. This is a completely new technology which is still being developed. When holes are discovered in technologies in wide use, there's a problem. When they are discovered in a yet-to-be released product, the problems can be fixed. Bruce is premature in his attack on Bluetooth.
2) Kudos to the Lucent team who discovered the problem. Not only did they search and find the problem, showing they are dedicated to this project and its security, but they told the world. It would have been all too easy to hide the problem and fix it, but they spread the word, even though the technology is not really in active use. This says to me again that they are dedicated to fixing the problems and keeping Bluetooth secure, which makes me more interested in using it. I'm not paranoid, nor do I feel like I'm a particular target for espionage, however, I enjoy my freedoms just as much as anyone else, including my right to privacy, and if Lucent and the rest of the developers are working to make sure I continue to enjoy that privacy, I'm just a little bit happier. Congratulations to the Lucent team and keep up the good work.
Re:It seems likely that (Score:4)
Joe User cares when his identity is stolen and his bank account is wiped
yes, but he won't blame the technology. he'll know from the media that evil hax0r5 are to blame. and legislation to require licensing of all internet access tools and regulations to control internet content will have won a new lifelong supporter.
"I will gladly pay you today, sir, and eat up
Re:Well, one good thing (Score:2)
Oh really? (Score:3)
I posted about this a while back on Slashdot and the implications of a network to track Bluetooth devices, but no one seemed to be interested. Do you always have a cell phone on you? Bluetooth negotiations are automated. Imagine a scenario of a building filled with Bluetooth devices in certain locations like doorways etc. Every person carrying a phone has a unique identifier and could be tracked room to room in the building. You can take this to any level you want; I think it is pretty scary to say the least. As each person becomes networked, I'd say with almost any wireless scheme, not just Bluetooth, there will be ways of tracking the devices. Triangulation comes to mind as a last resort, cell phone tracking etc. It's becoming easier and easier to do...
Isn't security outside of its domain? (Score:4)
There are some subtle security issues since you can control the physical security of an ethernet lan and anyone can jack in to a bluetooth simply by walking in to range.
Not that scary. (Score:2)
Everyone, calm down (Score:1)
Ummmm... (Score:3)
Re:It's a broadcast protocol (Score:2)
Basically, the guy says "Oo! Radio waves! Anyone with a paperclip and a sheet of aluminum foil can listen to radio waves! The sky is falling! And i don't know *ANYTHING* more about it!"
The problem of securing data that will be heard by unwanted recipients is very, very old. It may surprise you to learn that your connection is no more secure through an ethernet hub than it is over a bluetooth link.
Or honestly, any information that's transmitted over the internet. Traceroute to something. Every host it lists between here and there can snoop your connection.
The problem is not in the encryption per se, but how it exchanges keys. This can be fixed.
Sure, no data transmission protocol is ever truly 100% secure. But there's "somebody maybe might find a way to get the inverse of my public key" and then there's "Any scriptkiddie can flip their device into promiscuous mode and have all the data fly into their lap."
A lot of people argue that mediocre encryption systems give people a false sense of security. In a mission critical operation, this is true, you shouldn't trust it just because it's not cleartext. But for me, for personal use and casual corporate use, I'll take any system that's difficult to snoop over any other system that's flat out easy to snoop. Wouldn't you?
Link w/o password (Score:1)
Re:On page 149 of the Bluetooth 1.0b spec it says. (Score:2)
1) The "MMI" interactions take place on the local device. There is reason a user can't see his own BD_ADDR.
2) Bluetooth units can ONLY be inquired if they are in Inquiry Scan mode. If some developer wishes his device to do this all the time then so be it, but this is NOT a requirement of the Bluetooth spec. In fact a device may never be inquired but could still be connected to.
Re:Feelings about this Article (Score:3)
Go back and read the first part of the quote you excerpted, then -- it's where he said that it's a peer-to-peer system where the devices don't actually know each other up front.
To anyone who's built secure systems, that pretty much says it all. Where is the "trust" in the system supposed to come from? Consider GPG as an example (the safe version of PGP :-). You don't accept keys from just anyone, or shouldn't; you accept keys from people you have some out-of-band knowledge about. Secure key distribution is a well known problem, with many solutions, but if there is by design no up-front physically secure bootstrapping system (no, trusting the device vendor isn't good enough in the least!) then the overall system has major problems passing the first milestone in the "can it be trustworthy" contest ... MAJOR problems.
What's worrisome about this stuff is that bluetooth is being rushed to market (or as you put it, "fixed") with undue haste. These folk found a couple nontrivial problems. Their corporate parents would shoot them if they talked about the real risk this raises: that the various other bugs, as-yet unfound, could easily be much worse.
Of course, on the flip side of things if you expect that any widely available technology getting regulatory approvals from governments isn't automatically full of security holes for the benefit of folk like the FBI (or more to the point, the ever-untrustworthy LAPD) ... you're really not living on Planet Earth, Year 2000.
Re:Cross platform virii (Score:2)
//rdj
Re:Calculated risk or paranoia? (Score:2)
Anyway:
Just how many hackers (or their equipment) could you get connecting to your fax machine within 10 meters from you?
I agree. Unless they're crouching in the broom closet, this hypothetical malicious hacker would have a hard time getting into your local Bluetooth net. But a thought occurs to me (experts in this field, correct me if it's implausible): what about piggy-backing a signal? Say I want to get into a Bluetooth handheld sitting on someone's desk in an office building. I get into a laptop two floors down over the 'net, then use its Bluetooth chip to access its owner's mobile phone. From there I go up a floor to a printer, through a fax machine, and up into the aforementioned handheld. Granted, this is a bit convoluted, and requires all the parties involved to stay in one place, but is it feasible? Could you write a program to seek out a route to any Bluetooth unit, and more importantly, could you go through a Bluetooth unit like that without the owner's knowledge?
-J
Re:To make it worse: they are using PINs... (Score:1)
Um, if you make that "her", it could actually be quite interesting!
Schneier's Take on Bluetooth: Tempest, Closed Code (Score:4)
Schneier's 8/15 Cryptogram newsletter [counterpane.com] touched on these issues weeks ago.
Namely, if capability like the US government's Tempest technology (reads electromagnetic pulses, CRT, keyboard radiation, etc. - spycraft stuff) is available, it's a matter of time before such tactics are _readily_ used on commonplace Bluetooth devices doing private or delicate matters in public. After all, reading your OpenSSH-downloaded and GnuPG-encrypted email privately to yourself in the back booth might seem secure, but what if a black hat type is capturing your radiating emissions quite easily? Illusory protection. Treat Bluetooth as a broadcast protocol, because that's what it is, says Schneier.
What amazes me is the dearth of information about the security of this protocol. I'm sure someone has thought about it, a team designed some security into Bluetooth, and that those designers believe it to be secure. But has anyone reputable examined the protocol? Is the implementation known to be correct? Are there any programming errors? If Bluetooth is secure, it will be the first time ever that a major protocol has been released without any security flaws. I'm not optimistic, continues Schneier.
Check out some of these articles on Bluetooth, and its lack of discussion on its possibly inherent security shortcomings.
Bluetooth [bluetooth.com]
A list of Bluetooth articles, none of them about security [zdnet.co.uk]
One mention of security [zdnet.co.uk]
An essay about the Bluetooth hype [idg.net]
Recent article on TEMPEST [zdnet.com]
My balls itch, man!
Thanks
Re:Cross platform virii (Score:1)
Re:Does this really... (Score:2)
Re:Calculated risk or paranoia? (Score:1)
Switch It Off (Score:1)
I agree with Perdo's comment about important information that should be stored offline. With the exception of some high-grade encryption algorithms currently in the possession of the NSA, it is remarkably easy to eavesdrop on somebody's Internet communications.
Anyone see Tom Cruise explaining the Langley supercomputer room in Mission: Impossible? It's on a stand-alone. No modem access. If there's no modem access then there's NO FUCKIN WAY that you can pull something off that computer. Even if you reconstructed the radio emissions from the screen into another computer (which can be done I might add) you'd have to be at least a few feet away. By then (provided your security personnel have at least half a brain between them) your datathief would already be out the door and into a jail cell.
So if it's important or confidential, store it offline.
Re:Calculated risk or paranoia? (Score:1)
There is already an opensource Bluetooth driver (for Linux) available over at www.developer.axis.com [axis.com]
Re:Oh really? (Score:1)
As for other English speaking countries, they DO share a common brain, and therefore their attempts at written communication are a) redundant and b) prone to spelling errors. That's why we left Britain in the lurch.
(it's a joke, people. Take a deep breath.)
I can't wait to get started... (Score:1)
Of course, once you start using Bluetooth on a regular basis then your usage patterns can be established, and simply turning all the transmitters off can be viewed as a suspicious act, pinpointing times and locations that bear further investigation. To this end, I figure there might be some use for a Bluetooth emulator, complete with changeable ID numbers, that sits around your office and makes traffic for you while you are out ;-).
I figure these are going to be expensive, and I will make sure they arrive in a plain brown wrapper.
It seems likely that (Score:1)
Interesting hole, but... (Score:2)
Just off the top of my head, they could use an algorithm based off of the user ID characters, the date, the time, or practically anything else.
Also, the problem with dropping a bug in a cybercafe could be resolved by making the transmission more tight-beamed. This might increase the amount of radiation output slightly, as it will require more energy to focus the transmission beam, but it could be worth it. Basically, you'd end up having to place the 'bug' in precisely the right spot to catch a transmission.
Kierthos
no registration link (Score:1)
Re:It seems likely that (Score:1)
Well, one good thing (Score:1)
P.S. - \/\/ Hit that link
Re:It seems likely that (Score:2)
Joe User cares more about whizbang features than security.
Joe User cares when his identity is stolen and his bank account is wiped
1Alpha7
New technology (Score:1)
That's the signpost up ahead. Next stop ... (Score:3)
I'm skeptical... (Score:1)
It's a broadcast protocol (Score:3)
Damn! (Score:2)
If people keep going around fixing things before they become problems, what are the scriptkiddie haxxors of tomorrow gonna do to keep themselves busy?
Problems in protocols, analysis (Score:5)
A little-known fact in the general computing public is that problems in secure communications lie more often in the communication protocol than in the encryption primitives.
There are some classical attacks:
It is possible to prevent those attacks by clever design of the protocol. For instance, the use of old keys can be prevented by some "nonce" numbers (generated once) or some clock data.
It is very difficult to analyse protocols and prove them correct.
First, a formal model of the protocol, its environment and what it means for it to be correct. This is nontrivial, since some models may just ignore some kinds of attacks.
Then the protocol must be proved correct with respect to the formal specification. Alas:
I have done some research on these topics [di.ens.fr]. For more information, see for instance Jon Millen's page [sri.com].
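The point above that replaying old transcripts is a protocol problem, not a cipher problem, and that nonces prevent it, as an added Python example that is not the poster's code and not Bluetooth's actual pairing procedure. It assumes a toy challenge-response authentication over a shared key (constructed sample value): the first version authenticates a fixed message and is defeated by replay of a recorded response; the second has the verifier issue a random nonce and consume it, so the same transcript cannot be accepted twice.

```python
import hmac
import hashlib
import os


def mac(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()


# --- Version 1: no freshness. The prover sends MAC(key, "AUTH") ---------------

def naive_verify(key: bytes, response: bytes) -> bool:
    """Accepts any correct MAC over the fixed string; a recording is enough."""
    return hmac.compare_digest(response, mac(key, b"AUTH"))


# --- Version 2: verifier-chosen nonce, used once -----------------------------

class NonceVerifier:
    """Issues a fresh random nonce per run and accepts a response only for a
    nonce that is still outstanding; clock data could replace the set."""

    def __init__(self, key: bytes):
        self.key = key
        self.outstanding = set()

    def challenge(self) -> bytes:
        nonce = os.urandom(16)          # generated once, never reused
        self.outstanding.add(nonce)
        return nonce

    def verify(self, nonce: bytes, response: bytes) -> bool:
        if nonce not in self.outstanding:
            return False                # stale or never issued: a replay
        self.outstanding.discard(nonce) # consumed whether or not the MAC checks
        return hmac.compare_digest(response, mac(self.key, nonce))


def prover_response(key: bytes, nonce: bytes) -> bytes:
    """Honest prover: binds its proof of key possession to this run's nonce."""
    return mac(key, nonce)


def replay_demo():
    key = b"constructed-shared-secret"   # constructed, shared by both parties
    # Eavesdropper records one honest response to the naive protocol...
    recorded = mac(key, b"AUTH")
    naive_replay_accepted = naive_verify(key, recorded)       # True

    # ...but with nonces the recorded transcript is good for exactly one run.
    verifier = NonceVerifier(key)
    nonce = verifier.challenge()
    response = prover_response(key, nonce)
    first_run = verifier.verify(nonce, response)              # True
    replayed_run = verifier.verify(nonce, response)           # False
    # And a fresh challenge cannot be answered without the key.
    nonce2 = verifier.challenge()
    forged = verifier.verify(nonce2, prover_response(b"guess", nonce2))  # False
    return naive_replay_accepted, first_run, replayed_run, forged


if __name__ == "__main__":
    print(replay_demo())
```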