Thursday, July 26, 2018

New Bluetooth vulnerability affects all devices and could allow an attacker to snoop on your data

 

Computer Emergency Response Team (CERT) has published a report on a serious Bluetooth vulnerability, which not only affects smartphones, but other devices like tablets, laptops and basically most Bluetooth enabled devices. The bug was discovered by Lior Neumann and Eli Biham of the Israel Institute of Technology and it is tracked by the number CVE-2018-5383

There is apparently an issue with the data encryption process when data is transferred between two devices and this allows an attacker in near vicinity to capture and decrypt the data being shared via Bluetooth. “An unauthenticated, remote attacker within range may be able to utilize a man-in-the-middle network position to determine the cryptographic keys used by the device. 

The attacker can then intercept and decrypt and/or forge and inject device messages,” explains CERT.  As per the report, the bug is confirmed to affect Broadcom, Intel, Apple, and Qualcomm hardware, and some other Android-powered handsets. It affects Bluetooth's both, Bluetooth low energy (LE) implementations of Secure Connections Pairing in operating system software Pairing and LE Secure Connections. The problem arises because of a security weakness in key exchanges (Diffie-Hellman key exchanges) that happens when two devices establish a Bluetooth connection.  

The patch is said to be rolling out for devices and for Android, the issue is addressed with the June security patch. For macOS users, Apple has already released a patch for the vulnerability earlier this month. Microsoft is not affected by the bug. The Register’s reports that manufacturers like Lenovo and Dell are working on the patch for the issue and have posted updates in the past month and so. As Linux versions prior to 3.19 don't support Bluetooth LE Secure Connections, they are said to be unaffected by the vulnerability. The CERT article states that fixes are needed both in software and firmware. One should check if there is a software update available for their device to patch the issue.  

from Latest Technology News

MAXIT INTERNET

BLOGGER

CD DVD RW

DELL

DOWNLOAD

FTP Server Linux

HACK

HARD DRIVE

HOW TO WORKIN

HARDWAER

INTERNET

INTERNET CAFE

LAPTOP

LENOVO

LINUX

Additional configuration for Samba Server (Part 2)  

BSNL/Airtel/Idea using Huawei E156G 3g Wireless USB Linux 5   

Basic File Extensions    CHANGING AN ACCOUNT EXPIRATION DATE   

Configure Linux as a Router   

Configure SAMBA Server (Part-1)   

Configure VNC server   

Configure Yum Server (Part-1)   

Configure yum server for Client machine (Part 3)   

Configuring Samba as a Standalone Server (Part 3)  

Connecting ftp Server with Anonymous User Part 5  

Create ftp account with Shared directory Part 3  

DHCP Server Configuration Part 2  

DHCP Server Configuration Part-1  

DHCP Server Configuration Part-3  

Enabling FTP Services in Yum Server (Part 5)  

FTP Server Configuration Part 1  

FTP Server How to Change In Primary DNS Server Part 2  

HTTP Client side configuration (Part 4)  

How to Vsftpd conf files Parameter Part 6   

LINUX FILE SYSTEM STRUCTURE  

Linux User Administrtion  

Linux as a Router configuration for Client Machine   

Linux client machine FileZilla FTP Client Part 4  

Local Yum Server (Part 2)  

Modifying Existing User Information  

Primary DNS Server Configuration Part-1  

Primary DNS Server Configuration Part-2    

Primary DNS Server Configuration Part-3  

Remove Linux From Your Pc Safely and restoring your MBR  

Sharing & Accessing Samba Share (Part 4)   

Speeding up your internet connection under Linux and Windows   

THE ROOT FILE SYSTEM   

VNC Server Configuration

LINUX LAB

Linux as a Router

MOTHERBOARD

Mobile

NETWORKING

REDHAT 5

REGISTRY EDTOR

RESET BIOS PASSWORD

SAMBA Server Linux

SERVER

SERVER CONFIG

SOFTWAER

VNC server Linux

Window 10

Window XP