Bluetooth Vulnerability Could Allow iOS and macOS Devices to Be Tracked and Identified

A security vulnerability in the Bluetooth communication protocol has the potential to allow malicious actors to track and identify devices from Apple and Microsoft, according to new research from Boston University that was highlighted by ZDNet.

Apple devices including Macs, iPhones, iPads, and the Apple Watch are impacted, as are Microsoft tablets and laptops. Android devices are not affected.

As outlined in the research paper [PDF], Bluetooth devices use public channels to announce their presence to other devices.

To prevent tracking, most devices broadcast a randomized address that periodically changes rather than a Media Access Control (MAC) address. The researchers found, however, that it is possible to extract identifying tokens that allow a device to be tracked even when this randomized address changes, using what they call the address-carryover algorithm.

We present an online algorithm called the address-carryover algorithm, which exploits the fact that identifying tokens and the random address do not change in sync, to continuously track a device despite implementing anonymization measures. To our knowledge, this approach affects all Windows 10, iOS, and macOS devices.

The algorithm does not require message decryption or breaking Bluetooth security in any way, as it is based entirely on public, unencrypted advertising traffic.

The tracking method described in the research paper could enable an identity-exposing attack that permits "permanent, non-continuous tracking," as well as an iOS side-channel that "allows insights into user activity."

iOS or macOS devices have two identifying tokens (nearby, handoff) which change in different intervals. In many cases, the values of the identifying tokens change in sync with the address. However, in some cases the token change does not happen in the same moment, which allows the carry-over algorithm to identify the next random address.
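The condition quoted above can be checked on a recorded advertising log. The following is an added example, not code from the research paper or from Apple or Microsoft: it audits a log for rotations where a token outlives the address. The `Adv` record, the function names, and both sample logs are constructed for illustration and model a single token per device.

```python
from collections import namedtuple

# One observed advertisement: time (s), random address, identifying token.
Adv = namedtuple("Adv", "t addr token")

def audit_rotation(log):
    """Audit a time-ordered advertising log for unsynchronized rotation.

    Returns (chains, carryovers):
      chains     - lists of addresses an observer could attribute to one device
      carryovers - (t, old_addr, new_addr, token) for each new address that
                   appeared while an already-seen token was still in use
    """
    addr_chain, token_chain = {}, {}   # value -> index into chains
    chains, carryovers = [], []
    for adv in log:
        by_addr = addr_chain.get(adv.addr)
        by_token = token_chain.get(adv.token)
        if by_addr is None and by_token is None:
            # Fresh address and fresh token together: nothing links it back.
            chains.append([adv.addr])
            idx = len(chains) - 1
        elif by_addr is None:
            # New address, old token: the token carries identity over.
            idx = by_token
            carryovers.append((adv.t, chains[idx][-1], adv.addr, adv.token))
            chains[idx].append(adv.addr)
        else:
            # Known address (the token may have rotated underneath it).
            idx = by_addr
        addr_chain[adv.addr] = idx
        token_chain[adv.token] = idx
    return chains, carryovers

def is_linkable(log):
    """True if any address change in the log can be bridged by a token."""
    return bool(audit_rotation(log)[1])

# Constructed sample: token and address rotate at different moments.
UNSYNCED = [Adv(0, "addr-A", "tok-1"), Adv(5, "addr-A", "tok-2"),
            Adv(10, "addr-B", "tok-2"), Adv(15, "addr-B", "tok-3"),
            Adv(20, "addr-C", "tok-3")]
# Constructed sample: token and address always rotate in the same advertisement.
SYNCED = [Adv(0, "addr-A", "tok-1"), Adv(5, "addr-A", "tok-1"),
          Adv(10, "addr-B", "tok-2"), Adv(15, "addr-B", "tok-2"),
          Adv(20, "addr-C", "tok-3")]
```

On the unsynchronized log all three addresses collapse into one chain, while the synchronized log yields three unrelated addresses and no carry-over events.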

Android devices do not use the same advertising approach as Microsoft and Apple, and are immune to the data tracking methods used by the researchers.

It's not clear if the method described has been used by any bad actors for the purpose of tracking Apple devices using Bluetooth, but it would be undetectable as it does not require breaking Bluetooth security. The research paper contains several recommendations on how to mitigate the tracking vulnerability, and Apple is often quick to patch any security issues that come up, so we could see a fix for this problem in the near future.

Top Rated Comments

Dirtfarmer
37 months ago
if the software is of such demonstrably low quality, it should be easy for you to prove it. let's hear your proof.

BTW: Nothing like Windows not loading on its own surface laptops, or Excel crashing while running on Windows, or...., or myriad android bugs allowing replacement of software. Fact: Bugs do exist
* Super ('https://apple.slashdot.org/story/19/07/11/151241/apple-disables-walkie-talkie-app-due-to-vulnerability-that-could-allow-iphone-eavesdropping')
* easy ('https://it.slashdot.org/story/19/07/11/0423244/apple-pushes-a-silent-mac-update-to-remove-hidden-zoom-web-serverhttps://it.slashdot.org/story/19/07/09/0521212/serious-zoom-security-flaw-could-let-websites-hijack-mac-cameras')
* to ('https://it.slashdot.org/story/19/06/29/0651212/new-mac-malware-abuses-recently-disclosed-gatekeeper-zero-day')
* prove ('https://apple.slashdot.org/story/19/06/15/0450239/cellebrite-says-it-can-unlock-any-iphone-for-cops'):
* How ('https://apple.slashdot.org/story/19/06/03/1957213/apple-finally-kills-itunes')
* many ('https://apple.slashdot.org/story/19/05/14/1938252/its-almost-impossible-to-tell-if-your-iphone-has-been-hacked')
* more ('https://it.slashdot.org/story/19/04/08/221253/exodus-spyware-found-targeting-apple-ios-users')
* do ('https://apple.slashdot.org/story/19/03/29/173216/macos-10144-mail-client-has-broken-gmail-access-for-some-users')
* you ('https://apple.slashdot.org/story/19/02/19/1722240/apples-newest-macs-seem-to-have-a-serious-audio-bug')
* want ('https://apple.slashdot.org/story/19/02/07/2046203/apple-releases-iphone-update-to-fix-group-facetime-eavesdropping-bug')?


That's just from a few months; not the most major clusters from, say, the last year or two.

The world outside of your echo chamber noticed a long time ago:

Score: 17 Votes
matt_and_187_like_this
37 months ago
What's so difficult to long press/3d touch the settings icon and then choose WiFi or bluetooth and turn it off?
Not difficult, but annoying that it doesn't work in control center that way anymore. When I turn Wifi off I want to turn it off not "disconnect but still on".
Score: 11 Votes
bbeagle
37 months ago
I am a little confused. Does this mean that if someone is following you and within bluetooth range (100 ft?), they can track you?
Non-continuous tracking.

For example, if you're in a Starbucks, you can find the 5 people (who have an iOS/MacOS device) that are sitting there's bluetooth ID .... now tape your device under a table tracking all these ids, you'll know when those 5 people return. Therefore you can 'track people' and their comings and goings by their devices. Of course, you don't know who those 5 people are, you'd have to monitor it in person, and then watch as they leave/enter to name these IDs to track person by person. (i.e. ID #1 is 'cute freckled girl', #2 is 'fat balding guy', etc)

It has been possible to track people via cell phone towers for a long time for iOS and Android devices.
Score: 10 Votes
laz232
37 months ago
What's so difficult to long press/3d touch the settings icon and then choose WiFi or bluetooth and turn it off?
Except that doesn't turn it off. Apple changed that in iOS 11(?) - now it's in a disconnected-but-still-on mode. Very annoying. Same problem when I travel. I use a VPN, but turn it, and wifi, off when I go to bed. If I turn Wifi "off" via control centre then it turns back on at 5am (without the VPN).

Great management on that one, Tim Cook and co...
Score: 8 Votes
matt_and_187_like_this
37 months ago
iOS 13 reveals how many apps want to access Bluetooth. Really appreciate the new controls, but I wish Apple hadn't made turning off Bluetooth and Wifi so difficult in general. Never seems to turn off completely.
Score: 8 Votes
MauiPa
37 months ago
Demonstrably low-quality software and decreasing-quality hardware.

Meaning increased margins and increased stock price!

Karaoke web series, watch bands, Doctor Dre headsets.

The sky's the limit!

#FIRETHEACCOUNTANT
if the software is of such demonstrably low quality, it should be easy for you to prove it. let's hear your proof.

BTW: Nothing like Windows not loading on its own surface laptops, or Excel crashing while running on Windows, or...., or myriad android bugs allowing replacement of software. Fact: Bugs do exist
Score: 8 Votes
