Bluetooth Vulnerability Could Allow iOS and macOS Devices Be Tracked and Identified

A security vulnerability in the Bluetooth communication protocol has the potential to allow malicious actors to track and identify devices from Apple and Microsoft, according to new research from Boston University that was highlighted by ZDNet.

Apple devices including Macs, iPhones, iPads, and the Apple Watch are impacted, as are Microsoft tablets and laptops. Android devices are not affected.

appledevicesbluetooth
As outlined in the research paper [PDF], Bluetooth devices use public channels to announce their presence to other devices.

To prevent tracking, most devices broadcast a randomized address that periodically changes rather than a Media Access Control (MAC) address, but the researchers have found that it is possible to extract identifying tokens that allow a device to be tracked even when this randomized address changes by exploiting the address-carryover algorithm.

We present an online algorithm called the address-carryover algorithm, which exploits the fact that identifying tokens and the random address do not change in sync, to continuously track a device despite implementing anonymization measures. To our knowledge, this approach affects all Windows 10, iOS, and macOS devices.

The algorithm does not require message decryption or breaking Bluetooth security in any way, as it is based entirely on public, unencrypted advertising traffic.

The tracking method explained in the research paper has the potential to allow for an identity-exposing attack that allows for "permanent, non-continuous tracking," plus an iOS side-channel that "allows insights into user activity."

iOS or macOS devices have two identifying tokens (nearby, handoff) which change in different intervals. In many cases, the values of the identifying tokens change in sync with the address. However, in some cases the token change does not happen in the same moment, which allows the carry-over algorithm to identify the next random address.

Android devices do not use the same advertising approach as Microsoft and Apple, and are immune to the data tracking methods used by the researchers.

It's not clear if the method described has been used by any bad actors for the purpose of tracking Apple devices using Bluetooth, but it would be undetectable as it does not require breaking Bluetooth security. The research paper contains several recommendations on how to mitigate the tracking vulnerability, and Apple is often quick to patch any security issues that come up, so we could see a fix for this problem in the near future.

Top Rated Comments

Dirtfarmer Avatar
30 months ago
if the software is of such demonstrably low quality, it should be easy for you to prove it. let's hear your proof.

BTW: Nothing like Windows not loading on its own surface laptops, or Excel crashing while running on Windows, or...., or myriad android bugs allowing replacement of software. Fact: Bugs do exist
[LIST=1]
* Super ('https://apple.slashdot.org/story/19/07/11/151241/apple-disables-walkie-talkie-app-due-to-vulnerability-that-could-allow-iphone-eavesdropping')
* easy ('https://it.slashdot.org/story/19/07/11/0423244/apple-pushes-a-silent-mac-update-to-remove-hidden-zoom-web-serverhttps://it.slashdot.org/story/19/07/09/0521212/serious-zoom-security-flaw-could-let-websites-hijack-mac-cameras')
* to ('https://it.slashdot.org/story/19/06/29/0651212/new-mac-malware-abuses-recently-disclosed-gatekeeper-zero-day')
* prove ('https://apple.slashdot.org/story/19/06/15/0450239/cellebrite-says-it-can-unlock-any-iphone-for-cops'):
* How ('https://apple.slashdot.org/story/19/06/03/1957213/apple-finally-kills-itunes')
* many ('https://apple.slashdot.org/story/19/05/14/1938252/its-almost-impossible-to-tell-if-your-iphone-has-been-hacked')
* more ('https://it.slashdot.org/story/19/04/08/221253/exodus-spyware-found-targeting-apple-ios-users')
* do ('https://apple.slashdot.org/story/19/03/29/173216/macos-10144-mail-client-has-broken-gmail-access-for-some-users')
* you ('https://apple.slashdot.org/story/19/02/19/1722240/apples-newest-macs-seem-to-have-a-serious-audio-bug')
* want ('https://apple.slashdot.org/story/19/02/07/2046203/apple-releases-iphone-update-to-fix-group-facetime-eavesdropping-bug')?


That's just from a few months; not the most major clusters from, say, the last year or two.

The world outside of your echo chamber noticed a long time ago:

Score: 17 Votes (Like | Disagree)
matt_and_187_like_this Avatar
30 months ago
What's so difficult to long press/3d touch the settings icon and then choose WiFi or bluetooth and turn it off?
Not difficult, but annoying that it doesn't work in control center that way anymore. When I turn Wifi off I want to turn it off not "disconnect but still on".
Score: 11 Votes (Like | Disagree)
bbeagle Avatar
30 months ago
I am a little confused. Does this mean that if someone is following you and within bluetooth range (100 ft?), they can track you?
Non-continuous tracking.

For example, if you're in a Starbucks, you can find the 5 people (who have an iOS/MacOS device) that are sitting there's bluetooth ID .... now tape your device under a table tracking all these ids, you'll know when those 5 people return. Therefore you can 'track people' and their comings and goings by their devices. Of course, you don't know who those 5 people are, you'd have to monitor it in person, and then watch as they leave/enter to name these IDs to track person by person. (i.e. ID #1 is 'cute freckled girl', #2 is 'fat balding guy', etc)

It has been possible to track people via cell phone towers for a long time for iOS and Android devices.
Score: 10 Votes (Like | Disagree)
laz232 Avatar
30 months ago
What's so difficult to long press/3d touch the settings icon and then choose WiFi or bluetooth and turn it off?
Except that doesn't turn it off Apple changed that in iOS 11(?) - now it's in a disconnected-but-still-on mode. very annoying. Same problem when I travel. I use a VPN, but turn it, and wifi, off when I go to bed. If I turn Wifi "off" via control centre then it turns back on at 5am (without the VPN).

Great management on that one, Tim Cook and co...
Score: 8 Votes (Like | Disagree)
matt_and_187_like_this Avatar
30 months ago
iOS 13 reveals how many apps want to access Bluetooth. Really appreciate the new controls, but I wish Apple hadn't made turning off Bluetooth and Wifi so difficult in general. Never seems to turn off completely.
Score: 8 Votes (Like | Disagree)
MauiPa Avatar
30 months ago
Demonstrably low-quality software and decreasing-quality hardware.

Meaning increased margins and increased stock price!

Karaoke web series, watch bands, Doctor Dre headsets.

The sky's the limit!

#FIRETHEACCOUNTANT
if the software is of such demonstrably low quality, it should be easy for you to prove it. let's hear your proof.

BTW: Nothing like Windows not loading on its own surface laptops, or Excel crashing while running on Windows, or...., or myriad android bugs allowing replacement of software. Fact: Bugs do exist
Score: 8 Votes (Like | Disagree)

Related Stories

studio buds family

Beats Studio Buds Debuting Today With Active Noise Cancellation, Stemless Design, and More for $150

Monday June 14, 2021 8:00 am PDT by
We've seen a lot of teasers about the Beats Studio Buds over the past month since they first showed up in Apple's beta software updates, and today they're finally official. The Beats Studio Buds are available to order today in red, white, and black ahead of a June 24 ship date, and they're priced at $149.99. The Studio Buds are the first Beats-branded earbuds to truly compete with AirPods...
macos catalina legacy system extension alert

Apple Begins Warning Users That 'Legacy System Extensions' Won't Work With a Future Version of macOS

Wednesday March 25, 2020 9:53 am PDT by
Apple has shared a new support document that indicates kernel extensions — which it calls "legacy system extensions" — will not be compatible with a future version of macOS because they "aren't as secure or reliable as modern alternatives."System extensions are a category of software that works in the background to extend the functionality of your Mac. Some apps install kernel extensions, which...
General Spotify Feature

Spotify Pauses Plans to Add AirPlay 2 Support to iOS App [Update: Spotify Clarifies]

Friday August 6, 2021 9:07 am PDT by
See update at bottom of article Spotify this week confirmed that its plans to add AirPlay 2 support to its iOS app have been placed on indefinite hiatus. In an online discussion forum post, a Spotify representative said the streaming music service had been working on supporting AirPlay 2, but the company has paused the efforts "for now" due to "audio driver compatibility issues." The...
apple privacy

Apple Publishes FAQ to Address Concerns About CSAM Detection and Messages Scanning

Monday August 9, 2021 1:50 am PDT by
Apple has published a FAQ titled "Expanded Protections for Children" which aims to allay users' privacy concerns about the new CSAM detection in iCloud Photos and communication safety for Messages features that the company announced last week. "Since we announced these features, many stakeholders including privacy organizations and child safety organizations have expressed their support of...
youtube apple tv

YouTube Discontinuing 3rd-Generation Apple TV App, AirPlay Still Available

Wednesday February 3, 2021 3:09 pm PST by
YouTube is planning to stop supporting its YouTube app on the third-generation Apple TV models, where YouTube has long been available as a channel option. A 9to5Mac reader received a message about the upcoming app discontinuation, which is set to take place in March.Starting early March, the YouTube app will no longer be available on Apple TV (3rd generation). You can still watch YouTube on...
m1 macbook air

Kuo: Mini-LED MacBook Air Coming in Mid-2022

Thursday July 22, 2021 7:48 pm PDT by
Apple will release a new version of the MacBook Air around the middle of 2022, Apple analyst Ming-Chi Kuo said today in note to investors seen by MacRumors. The upcoming MacBook Air will feature a 13.3-inch mini-LED display, which would make it the second Mac to gain mini-LED technology after the 2021 MacBook Pro, which is rumored to include a mini-LED display and is expected to launch later ...
Apple Films Tom Hanks Finch First Look

Apple Original Film 'Finch' Starring Tom Hanks to Premiere November 5

Thursday August 12, 2021 8:52 am PDT by
Apple today announced that the original film "Finch," starring Tom Hanks in its titular role, will premiere on Apple TV+ on Friday, November 5 and shared a first-look image from the film. The first look at "Finch," shared by Apple. The film, which is anticipated to be an awards season contender, revolves around a man, a robot (played by "Get Out" actor Caleb Landry Jones), and a dog that form ...
whatsintheboxiphonexs

Apple's iPhone XS, XS Max and XR Won't Ship With Lightning to 3.5mm Headphone Jack Adapter

Wednesday September 12, 2018 12:58 pm PDT by
Since the headphone jack was removed from the iPhone with the launch of the iPhone 7, Apple has bundled iPhones with a Lightning to 3.5mm Headphone Jack Adapter for customers who continue to have 3.5mm headphones. With the launch of the iPhone XS, iPhone XS Max, and iPhone XR, Apple is discontinuing this practice and will not include the Lightning to 3.5mm Headphone Jack Adapter. On the...
macbook air m1 first benchmark

Apple Silicon M1 Chip in MacBook Air Outperforms High-End 16-Inch MacBook Pro

Wednesday November 11, 2020 4:43 pm PST by
Apple introduced the first MacBook Air, MacBook Pro, and Mac mini with M1 Apple Silicon chips yesterday, and as of today, the first benchmark of the new chip appears to be showing up on the Geekbench site. The M1 chip, which belongs to a MacBook Air with 8GB RAM, features a single-core score of 1687 and a multi-core score of 7433. According to the benchmark, the M1 has a 3.2GHz base...
iphone 13 teal with text

Apple Begins Preparation for iPhone 13 Production Ahead of Fall Launch

Monday June 28, 2021 3:29 am PDT by
We're just a few months away from when Apple is expected to reveal the 2021 iPhone, dubbed the "iPhone 13." In preparation for its launch, it has been pulling in shipments of different components needed to produce the new iPhones, according to a report from DigiTimes. In years past, Apple released its latest iPhone lineup, alongside a new Apple Watch, during a September event at Apple Park....