Millions of SmartPhones Privacy at Risk Due to Leaky Bluetooth

While its great to have a smartphone and fitness tracker to keep up-date-date with your latest workout habits, these products may be having an adverse effect and actually be putting you risk, but not your health, this time your privacy.

Researchers from Context security firm have discovered that devices utilizing Bluetooth Low Energy (BLE) technology, such as iPhones and their endless fitness tracker addons, were able to be tracked and pinpointed just shy of 100 meters away.

Context senior security researcher, Scott Lester, said many people wearing these fitness devices are unaware they are broadcasting their location in real time and are often attributed to a unique device, putting privacy further at risk.

“These devices, in their normal operation, broadcast constantly,” Lester wrote in a blog post Thursday. “The range is supposed to be around 100m in an open area, but as mentioned in the above previous research (albeit for regular Bluetooth), and from what we’ve seen in surveying for devices, devices can be detected at a greater range due to anomalies affecting RF propagation such as ducting. As mentioned about, the random MAC addresses are still largely fixed.”

Researchers identified that electronics making use of cheap hardware make it entirely possible to identify and locate users specific device within 100 meters of it. Lester noted affected devices could belong to a variety of personnel including celebrities, politicians or high-powered business executives.

Such information could be a gold-mine for social engineers or intelligence agencies anticipating an attack, knowing the physical movements of individual people. Information could be highly valued by stalkers, assassins, intelligence agencies or just about anyone wishing to know the exact location and movement of targeted devices.

To identify what apps were leaking this data, the firm developed a sniffing app called RaMBLE, that scans, detects and logs wearable technology and their signals emitted aiding track you. The app, which identifies all Bluetooth enabled devices, logs signals transmitted from the device through a £30 (roughly $45) development dongle.

One researcher using RaMBLE managed to request and successfully identify data from almost 150 different devices within just a half an hour. Devices emitting the data included fitness trackers from Jawbon and Fitbit, alongside the iPhone, which currently utilized BLE for its iBeacon technology, a feature developers can enable in iOS apps to identify users location.

However, the company does note that hundreds of new devices still utilize BLE technology, including smartphones running Androids latest 4.3, BlackBerry 10, Windows 8 and Windows 8.1.

The leak of information is presumably due to the fact that the MAC address doesn’t change in BLE-enabled devices, making it just that much easier to track. This is a privacy threat Apple only recently addressed in their iOS 8, revealing that iOS 8 devices would now randomize its MAC address every time it scans for open WiFi networks. Meaning open WiFi networks can no longer track iOS 8 devices throughout their network strictly based off of their MAC address.

Lester said that the countless time the firm collected data, packets also contained the device name the user had chosen. The device broadcasted ID’s such as ‘[brand name] smart watch #123‘, or ‘John’s Watch‘.

Lester said while the ability to track these devices does not present a current threat, the future could pose potential threats leading to users privacy being compromised.

Bluetooth SIG, the developers of the BLE technology have not yet responded for comment regarding the news.

Too pile on the bad news, the security firm believes that by 2018, more than 90 percent of Bluetooth-enabled smartphones come pre-packed with embedded Bluetooth BLE.