Bluetooth has long been believed to be insecure. No doubt you’re already aware that many devices use this wireless connection to do their bidding, including smartphones, smartwatches, tablets, headsets, game controllers and more. When two devices are paired — such as a smartphone and smartwatch — it’s more than likely that sensitive information will be transmitted between the two. It stands to reason that it’s entirely possible for resourceful hackers to pick up this wireless transmission and collect some of that sensitive data. For example, text messages, important emails and even various alerts can contain very personal information. Someone could easily glean credit card numbers, addresses, purchase history and much more.
It’s not really a surprise then that a high-profile security firm is claiming Bluetooth can be hacked pretty easily. That means smartwatches, smartphones and anything else from the long list of Bluetooth-powered devices are susceptible. In particular, researchers from the security firm hacked into an Android Wear smartwatch to prove their point.
Who Found the Vulnerability and How Does It Work?
Most smartwatches use a six-digit passcode or PIN in order to secure data being transferred between them and a paired Android smartphone. If you do the math, that means there are only a total of one million possible keys, one of which is used to lock down the Bluetooth connection. That’s a lot of combinations for a human to attempt, but hackers rarely do the work manually. The PIN can be found using a brute-force hack which involves using a software program or application that tries every possible combination until it gets one right.
Researchers with the renowned security firm Bitdefender used a proof-of-concept hack to gain access to data being transferred from a Samsung Gear Live smartwatch to a connected Google Nexus 4 running the latest version of Android (L in a preview build). It turns out they were successful using a brute-force hack like the one mentioned above. Once they gained access, they were able to monitor any and all data being transmitted between the two devices.
That means, just as mentioned above, text messages, emails, notifications and more can be monitored and recorded.
How Likely Is It That This Will Happen to Me?
Great, so our devices are insecure. What does this mean for the average consumer?
To be honest, this has all been common knowledge for some time now. The real question is whether or not a brute-force attack — like the one Bitdefender pulled off — is likely to happen in the wild. It’s entirely possible, yes, but not likely at all.
There’s one huge problem with the whole thing: in order to gain access, the attacker must remain within the appropriate vicinity. Sure, it’s possible for someone to hop into a white unmarked van and follow you around, but the chances of that happening are probably slim to none. It also means that in order for the hacker to gain sensitive information, it has to be shared between the two devices at the exact moment they are monitoring the signal. If you move out of range, or they’re still working on gaining access when it happens, then they’ll have no luck.
Furthermore, there are plenty of other ways that a hacker could gain access to your information. That is to say, there are plenty of more readily accessible and easier routes to take. They’ll be using some of these other methods to access your personal and sensitive data before they try to patch in through a local wireless Bluetooth signal.
Is This Vulnerability Exclusive to Android Wear Smartwatches?
Bitdefender used a couple of Android Wear devices to perpetrate their hack, which could imply that it’s a problem exclusive to the Android-powered lineup. That is not true at all. In fact, the problem exists with the Bluetooth LE protocol as a whole.
The Bitdefender security expert who demoed the issue says that a “6-digit pin can easily be brute forced using available tools.” In reference to the Android Wear device, he’s saying that an attacker could easily gain access, yet he fails to acknowledge the rather serious limitations of doing so.
After gaining access to the test device, he then peeks at a Google Hangout message that had been sent in plain text within the encrypted data. He further explains that the type of obfuscated algorithms used are “not at all that difficult to decrypt.”
You also have to take into account that this guy is from a security firm. This is a company that makes its money by instilling fear in its customers, and then selling them software and applications that keep them protected. In most cases, the software is nothing more than a placebo, yet many consumers fall into the trap of believing it’s necessary.
If you’re interested in seeing how the analyst hacked into the device(s) and obtained the plain text message, check out the video included below.
How Can This Be Prevented or Fixed?
This information is not surprising; after all, we are talking about a wireless signal here, which by all rights is vulnerable for that reason alone. There are several ways that manufacturers and developers can go about fixing all this, some of which would inconvenience consumers and device owners. For example, a workable solution would require a password to be entered on both smart devices before they can be paired to one another. In turn, this would prevent third parties from patching in and gaining access to the wireless connection. Keep in mind, the hacker must also have the pairing link-key used between the two connected devices to gain access to the signal.
As an alternate method that’s less intrusive for the rest of us, manufacturers could also use NFC to pair two devices exclusively. Unfortunately, that requires an NFC chip — read, hardware — to be installed in both devices being connected, which would mean a higher price tag in most cases.
Hell, developers could even layer on a second encryption method over their signal transfer. For example, that would mean the Bluetooth connection is encrypted and the data being transferred is also encrypted, leaving multiple layers. Again, encryption does not necessarily prevent access to sensitive data but it will slow down hackers and make their job more difficult — hopefully making them second guess the attempt.
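To make that second layer concrete, here is an added sketch (not code from Bitdefender, Google or the original article) of an app encrypting each message with AES-256-GCM before it ever reaches the Bluetooth link. The names `NewAEAD`, `Seal` and `Open` are hypothetical, and it assumes both devices already share a random 32-byte key that was provisioned separately from the six-digit pairing PIN.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// NewAEAD: AES-256-GCM above the link; key provisioned out of band (assumption), never PIN-derived.
func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal builds seq(8) || nonce(12) || ciphertext+tag; seq is authenticated as associated data.
func Seal(a cipher.AEAD, seq uint64, msg []byte) ([]byte, error) {
	f := make([]byte, 8+a.NonceSize())
	binary.BigEndian.PutUint64(f, seq)
	if _, err := rand.Read(f[8:]); err != nil {
		return nil, err
	}
	return append(f, a.Seal(nil, f[8:], msg, f[:8])...), nil
}

// Open rejects truncated, replayed (seq <= lastSeq) and tampered frames.
func Open(a cipher.AEAD, lastSeq uint64, f []byte) ([]byte, uint64, error) {
	n := a.NonceSize()
	if len(f) < 8+n+a.Overhead() || binary.BigEndian.Uint64(f) <= lastSeq {
		return nil, lastSeq, fmt.Errorf("truncated or replayed frame")
	}
	msg, err := a.Open(nil, f[8:8+n], f[8+n:], f[:8])
	if err != nil {
		return nil, lastSeq, err
	}
	return msg, binary.BigEndian.Uint64(f), nil
}

func main() {
	key := make([]byte, 32) // constructed demo key, random on every run
	rand.Read(key)
	a, _ := NewAEAD(key)
	f, _ := Seal(a, 1, []byte("constructed notification text"))
	msg, seq, err := Open(a, 0, f)
	fmt.Println(string(msg), seq, err)
}
```

With this in place, someone who recovers the Bluetooth link key still sees only the sealed frames, and the receiver drops any frame that has been altered or replayed.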
Long story short, there are ways to secure these devices against some of the more unscrupulous folks out there. Just because a security firm is crying wolf does not mean you should avoid these devices completely. It’s just something to keep in mind while you’re using them, and until the vulnerability can be fixed.
Should I Steer Clear of Android Wear Smartwatches and Other Bluetooth-Enabled Devices?
There’s no reason to panic, and no reason to throw your phone over the bridge. The likelihood of someone patching in to an active Bluetooth connection is very small. Even if they do gain access they need to remain close enough to keep their connection open, and they have to be monitoring at the time you send the sensitive data. There is no backlog of data included in the wireless signal itself. Some of you more tech savvy folks may scoff at that last statement, but it’s a relevant point nonetheless.
You can keep right on using your Android Wear smartwatch — or alternate brand device — without fear of being hacked. That said, just keep in mind the vulnerability exists, and that means you should try to avoid sending extremely private information via a wireless Bluetooth signal. This is easily done, as you can avoid discussing credit card numbers, addresses, social security numbers and more. If you need to share such information — which you should never do over a remote connection anyway — then just disable the Bluetooth connection temporarily and send the data direct.
We’re not saying there are no security risks with using such devices and connections; we’re just saying you have to weigh the true pros and cons of using them.