Apple’s new Bluetooth security hole

Apple’s move to require Bluetooth headphones on the iPhone 7 could put devices at risk if users aren’t careful

Apple’s new Bluetooth security hole

When the iPhone7 ships, you’d best have your mobile device management (MDM) on the phone locked down. Apple’s self-described “courageous” move to warrant Bluetooth instead of wired headphone connectivity will give you nightmares. Part of the problem is the Bluetooth protocol itself; the other problem is that civilians leave it on and accessible. 

But you’ve already buttoned down all of that stuff, right? Like others in the tech press, I’ve taken out my Bluetooth analyzer and watched the count of responding devices in downtown Bloomington, Indiana, near the lab. It’s easy to do. 

+ Also on Network World: First Look: Apple’s new iPhone 7, iPhone 7 Plus +

So far, the count is under 200 in just under a lunch hour. That’s 200-plus devices publicly exposed in a university downtown on a Friday afternoon. Each device, mostly smartphones (also autos, ear stuff and a stove), was broadcasting its presence. I was reminded of a journey long ago: A group of researchers at a CeBIT tradeshow event in Hannover, Germany, attempted to gain access to a line of Ericsson early smartphones via Bluetooth so as to expose a vulnerability in that phone’s security. Hundreds of phones were found with Bluetooth enabled and visible, and many had OBject EXchange enabled—a decided no-no. 

Bluetooth pairing can be incredibly simple, and security is comparatively weak. Some devices can be plundered to smithereens in fairly short order.

You can’t get very far in Bluetooth on iOS 9.x, as several vulnerabilities have been well-patched by Apple—so far as we know. But more will be invented. It’s not quite guaranteed that more will be found inasmuch as it’s very likely most users will capitulate to using Bluetooth earphones of one type or another and will eschew the near-Rube Goldberg break-out jack offered for actual wired connectivity to the phone. Although Apple purchased one of the largest Bluetooth headphone makers, iPhone 7 buyers will be barraged by alternatives of every description. 

The alternatives, arriving in variety, may not be as well-engineered or secured—and may or may not have vulnerabilities. Apple will attempt to protect the phone side, in certainty. 

An additional security issue

Adding to Apple’s potential security, if I’m not mistaken, is the fact that Apple still doesn’t support Serial Line Internet Protocol (SLIP) and Point-to-Point Protocol (PPP) over Bluetooth—networking protocols of yore—as many Android devices permit. SLIP-over-Bluetooth has allowed a number of novel smartphone–device pairings, ranging from the Automatic Position Reporting System (APRS) over Android used by Mobilinkd’s TNC, which takes an Android’s smartphone GPS coordinates and transmits them to a linked device, like a ham radio operator’s transceiver. I’m stunned that there aren’t more and plentiful devices that use this protocol. Oh, wait, yep, it’s ready to be hacked in some novel and/or ingenious way.

All iPhone7s will ship with fresh iOS and so are likely to be highly prevented from break-ins, at least for a while. An ever-increasing number of phones will be used with Bluetooth, whether it’s connecting to the mind of an automobile, headsets, home-entry access and smart home mysterium. Indeed, the Internet of Thingies may kill us first.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2016 IDG Communications, Inc.

IT Salary Survey: The results are in