Bluetooth BIAS security flaw affects billions of devices

Researchers have disclosed a Bluetooth security flaw dubbed BIAS that could allow attackers to spoof remotely paired devices.

Bluetooth is a wireless communication technology widely used in billions of devices. The Bluetooth (BR/EDR) standard includes a traditional authentication process and a secure authentication process. If two Bluetooth devices are to establish an encrypted connection, they must be paired with each other using a link key.

But once two Bluetooth devices have been successfully paired and connected, they can reconnect later without going through the pairing process again. BIAS attacks take advantage of this, affecting billions of Bluetooth devices.

A and B are two ordinary Bluetooth devices that have previously established a connection. The attacker selects B as the target. The attacker only needs to know the Bluetooth address of A, and then uses a device that pretends to be A, which we call A’.

When A’ comes within wireless range of B and pretends to be a device A that only supports unilateral authentication, the vulnerability is triggered: A’ successfully establishes a connection with B and, once the attack succeeds, may use device B to obtain relevant permissions, transfer data, and so on.
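The reconnection described above can be modelled in a few lines. This is an added example, not code from the researchers or from any Bluetooth stack: it is a simplified model in which HMAC-SHA256 stands in for the real Bluetooth authentication function, and the `Device` class, `target_accepts` function, addresses and link key are all constructed for illustration. It shows why a target that only takes part in unilateral authentication accepts A’ on the strength of A's address alone, while a target that also authenticates the initiator rejects it.

```python
import hashlib
import hmac
import os

def auth_response(link_key, challenge, prover_addr):
    # Assumption: HMAC-SHA256 stands in for the real Bluetooth authentication function.
    return hmac.new(link_key, challenge + prover_addr.encode(), hashlib.sha256).digest()

class Device:
    def __init__(self, addr, bonds=None):
        self.addr = addr                 # Bluetooth address the device presents
        self.bonds = dict(bonds or {})   # peer address -> link key stored at pairing

    def prove(self, challenge, peer_addr):
        """Answer a challenge from peer_addr; None if no link key is held."""
        key = self.bonds.get(peer_addr)
        return auth_response(key, challenge, self.addr) if key else None

    def verify(self, peer):
        """Challenge peer and check that it holds the link key for its address."""
        key = self.bonds.get(peer.addr)
        if key is None:
            return False
        challenge = os.urandom(16)
        answer = peer.prove(challenge, self.addr)
        expected = auth_response(key, challenge, peer.addr)
        return answer is not None and hmac.compare_digest(answer, expected)

def target_accepts(initiator, target, require_mutual):
    """Decision taken by `target` when `initiator` reconnects without pairing."""
    if initiator.addr not in target.bonds:
        return False                     # unknown address: pairing would be needed
    if not require_mutual:
        # Unilateral: only the initiator acts as verifier, so the target
        # answers a challenge but never checks the initiator's key.
        return True
    return target.verify(initiator)      # mutual: the initiator must prove the key too

def demo():
    key = os.urandom(16)                 # constructed link key shared by A and B
    a = Device("AA:AA:AA:AA:AA:AA", {"BB:BB:BB:BB:BB:BB": key})
    b = Device("BB:BB:BB:BB:BB:BB", {"AA:AA:AA:AA:AA:AA": key})
    a_prime = Device("AA:AA:AA:AA:AA:AA")  # presents A's address, holds no link key
    return {"A unilateral": target_accepts(a, b, False),
            "A mutual": target_accepts(a, b, True),
            "A' unilateral": target_accepts(a_prime, b, False),
            "A' mutual": target_accepts(a_prime, b, True)}

if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: accepted={accepted}")
```
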

According to the report, this vulnerability affects Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR); the iPhone 8 and above, 2017 MacBook devices and above, and 2018 iPad models and above are among the vulnerable devices. Experts tested as many as 30 Bluetooth devices and found that they were also vulnerable to BIAS attacks.

Finally, BIAS is the first discovered issue related to Bluetooth secure connection establishment authentication, adversarial role switching, and secure connection downgrade. Because establishing a Bluetooth secure connection does not require user interaction, the attack is stealthy and more harmful.

Although the Bluetooth Special Interest Group (SIG) has updated the Bluetooth Core Specification to mitigate this vulnerability, caution is still required, and it is worth watching whether manufacturers such as Apple release firmware or software patches that implement the fix.