Yuck! Bluetooth is horribly insecure (episode #2913)

Here we go again: Yet another critical security bug in Bluetooth.

This time, we learn that the latest 4.2 and BLE standards were badly written, so just about every implementation fails to properly validate encryption parameters, and a nearby malicious actor could break into a pairing exchange and steal the keys.

When will we learn? In this week’s Security Blogwatch, we can’t wait for the next Bluetooth fail.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Metrication


King Harald fails again

What’s the craic, Catalin Cimpanu? Many Bluetooth Implementations and OS Drivers Affected:

[Most] Bluetooth-capable devices do not sufficiently validate encryption parameters. … Pairing devices do not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange.

[It] may allow a remote attacker to obtain the encryption key used by a device and recover data sent between two devices. … Both the Bluetooth … "Secure Simple Pairing" process and Bluetooth LE's "Secure Connections" pairing process are affected.

The Bluetooth Special Interest Group (SIG) … has now updated the official Bluetooth specification to require that all pairing devices validate all parameters.

Apple, Broadcom, Intel, and Qualcomm have confirmed that Bluetooth implementations and OS drivers are affected [and] have deployed fixes … for CVE-2018-5383. [They] should be expected as OS updates … driver updates … or firmware updates.

What should you do? Thomas Fox-Brewster cunningly urges you to Update Your iPhones And Androids Now:

[This] potentially serious vulnerability … could lead to leaks of private data from … smartphones and PCs. Patches are being made available, so concerned users should update where they can. Millions, if not hundreds of millions or billions, of devices are likely affected.

[It] means that a hacker who is within Bluetooth range of an affected device could get the keys needed to reveal what’s supposed to be encrypted data “with high probability,” the U.S. CERT said. … In the worst case scenario [it] could include security codes such as those used in two-factor authentication.

Which mischief-makers discovered this one? Eli Biham and Lior Neumann snappily call it a Fixed Coordinate Invalid Curve Attack:

[The] attack provides a new technique for attacking the Bluetooth pairing protocol by manipulating specific messages. [It] relies on … protocol design flaws.

[Windows is] "not affected" because Microsoft implements an old version of the standard, which is even less secure. … Google's [Android and ChromeOS] patch was included in their June 2018 update.

Almost any device, including smartphones and headsets of all types, is affected. In addition, the Android Bluetooth stack (Bluedroid) is affected when using Bluetooth smart. … The Windows Bluetooth smart stack did not implement the latest Bluetooth smart protocol and is therefore still vulnerable to older and simpler attacks.

In order to exchange secret information over a public channel Bluetooth uses [an] elliptic curve. Due to insufficient validation an attacker could send an "invalid" point, which does not satisfy the mathematical properties of the elliptic curve. By leveraging this phenomenon the attacker can compromise the secrets.

Naturally, Richard Chirgwin snarks it up:

Fixes are needed. … We're guessing for random small-time Bluetooth gizmos, it won't be very easy to prise an update out of the vendors.

What, me worry? 78910 does:

This sounds like it could affect Bluetooth keyboards — them things that people use to type passwords with.

As does this Anonymous Coward:

Many years ago now, I went to a conference. The CISO of a very large regulated company was … giving a presentation.

Anyone senior with access to business-sensitive information at his organisation was "strongly cautioned" against using Bluetooth accessories on business communications. [He] made a good case for the decision and cited a number of published vulnerabilities as well as some of their own internal research.

He summed it up neatly: … "You are paying hardly anything for these cheap mass-produced accessories. That should start ringing alarm bells. … Then you start considering the small package size, limited components, battery life, etc. and I will let you come to your own conclusions."

And this one:

Bluetooth never worked well. … Bluetooth is, was, and will remain completely unfit.

It was half baked and should not have been released. … It sucks batteries dry like a vampire and forgets everything like an old man with dementia.

Oh it has security flaws on top of low battery life and connectivity issues? Well color me shocked.

All of which reminds your humble blogwatcher of last week’s topic. Yubico’s Stina Ehrensvard unlocks The Key to Trust:

As the principal inventor behind both the Security Key and U2F protocol, we are true supporters of open standards.

Over the past several years, Google has deployed hundreds of thousands of FIDO U2F-enabled Yubico devices internally with amazing results. Today, Google released their own version of a security key … not manufactured by Yubico.

Google’s offering includes a Bluetooth (BLE) capable key [which] does not meet our standards for security, usability and durability. BLE does not provide the security assurance levels of NFC and USB, and requires batteries and pairing that offer a poor user experience.

Yubico is a believer in NFC.

Meanwhile, yet another Anonymous Coward has a profound case of déjà vu:

I've had bluetooth off … since the first time I've seen this headline.

About 15 years ago.

The moral of the story? It’s high time we all disabled Bluetooth for sensitive devices.

And finally …

Why the heck doesn’t the US use the metric system?

You have been reading Security Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or sbw@richi.uk. Ask your doctor before reading. Your mileage may vary. E&OE.

Image source: Melanie Burger (cc:by-nd)
