Wednesday, September 13, 2017









TECH







Virtual padlock symbol with computer network

How to Check If You’re Exposed to Those Scary BlueBorne Bluetooth

The security research firm Armis Labs had identified massive vulnerabilities in the Bluetooth wireless technology that can allow attackers to take over people's devices, whether they be smartphones, PCs or even Internet of Things devices such as smart TVs and watches.
The "BlueBorne" flaws would allow a virus to leap from device to device, regardless of the operating system being used.
They can even allow attackers to access so-called "air-gapped" computer networks that aren't connected to the Internet, Armis warned Tuesday. Bluetooth-equipped devices do not need to be in discoverable mode, or paired with the attacker's device, in order to be vulnerable.
"These silent attacks are invisible to traditional security controls and procedures. Companies don't monitor these types of device-to-device connections in their environment, so they can't see these attacks or stop them," Armis CEO Yevgeny Dibrov said in a statement. "The research illustrates the types of threats facing us in this new connected age."
So, are your Bluetooth-equipped devices vulnerable? Armis told many of the affected tech companies about the flaws well before informing the public—an approach known in the industry as responsible disclosure—so they've had a chance to push out patches.
Not everyone has, though.
According to Armis, Google (googl, +0.36%) put out an Android security update last month and Microsoft (msft, -0.12%) planned a Windows update for Tuesday. The team working on security for the open-source Linux operating system was also targeting an update for Tuesday.
Apple (aapl, -0.78%) fans will be delighted to hear that the current versions of its software are not vulnerable. That means anything more recent than iOS 9.3.5 or, for Apple TV users, version 7.2.2 of the software for that device. iOS 10 is definitely OK, Armis said.
Samsung (ssnlf, +6.33%) fans will be less pleased to read this from Armis: "Contact on three separate occasions in April, May, and June. No response was received back from any outreach."
Those using non-Google-branded Android devices will just have to hope that the manufacturers issue security updates to keep them safe. Google automatically updates its own devices, such as the Pixel, but when it comes to the wider Android ecosystem, all it can do is make updates available to manufacturers and hope they relay them to their customers' phones and tablets.
Armis has released an Android app to help people check if they are vulnerable.
In short, install the latest updates for everything, and unless you're sure that your devices have been updated with a fix, it might be a good idea to turn off Bluetooth for now.



fortune.com





at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

  APPLE iPhone 17 Air Could Be The Thinnest iPhone Ever, But What About The Galaxy S25 Slim? It looks like we have a new smartphone trend in...

  • (no title)
    TECH In Memoriam: The Tech That Died in 2018 A bongo enthusiast once said, "time is a flat circle," which is a pretentious...
  • (no title)
      HONOR Model 60 Pro: Sparkling design and camera configuration confirmed by teaser image Honor is not due to unveil the Honor 60 series for...
  • (no title)
      OPPO New and unprecedented model Find X6 will debut with a huge photo sensor Oppo has a strong smartphone lineup lately, offering great fo...