Leaving Bluetooth active on the mobile phone is something that most of us usually do: it is not a connection that consumes too much battery and, if it works constantly, we save ourselves from connection and disconnection problems. The problem is that such comfort comes with risks. And it has a cool name in English: Bluesnarfing.
On the smartphone we usually keep the wireless connections active, from the mobile network itself to NFC. This concerns WiFi but also Bluetooth, wireless functions that do not cost too much and make it easier to use compatible accessories when they are nearby. Even if there is an obvious disadvantage: leaving the door open on our mobile It’s an invitation for intruders to enter.. This is not the first time that the police have alerted on this subject.
Suffering from Bluetooth intrusion is difficult, but not impossible
Bluetooth is a wireless connection that is too vulnerable to attacks. And it doesn’t matter which version of Bluetooth the phone has, because there are security risks even in the newest ones. All with one maxim: the more up to date your phone is, and the higher the Bluetooth version of the modem, you will have greater security
Yes, Bluetooth is insecure, manufacturers don’t always update device drivers, and the operating system itself can make it easier for attackers; as happened with BlueBorne in 2017, a huge security breach that reached 5 billion devices. Other reported cases were BlueFrag, a vulnerability that affected Android 8 Oreo or Android 9 Pie. However…
Although we have already seen that it is not secure, since associated vulnerabilities are constantly being discovered, this does not mean that Bluetooth is easy to exploit as an entry point into a smartphone. Because:
- It is essential to maintain proximity
- The mobile must be vulnerable. Not all phones experience the same risk, as updates and new hardware have a decisive influence.
- High technical knowledge is required. It would take someone taking a special interest in us to fall for a Bluetooth vulnerability attack.
What circumstances could arise to trigger a Bluetooth attack? There are obviously always possibilities, even if they are very limited. And we must take this into account.
Bluesnarfing, a latent danger in our smartphones
We have already seen that there are vulnerabilities that affect Bluetooth connectivity and that they are usually caused by operating system errors, smartphone modem defects, or modem driver failures. These vulnerabilities can be exploited in the form of close range attacks. This is called Bluesnarfing.
Bluesnarfing is the unauthorized access to information on a device by exploiting vulnerabilities in its Bluetooth connection.
The risks are low, as we already mentioned in the previous section. Nevertheless, the experts’ recommendation is that let’s keep the wireless functions disconnected wherever possible: from the National Police to the National Cybersecurity Institute (Incibe).
Convenience is usually one of our biggest enemies when using a smartphone. Even when it comes to security, it is not for nothing that we get used too quickly to the fact that the phone does everything by itself. Yes, it can be complicated to only turn Bluetooth on when we’re listening to music and turn it off shortly after, but it will add a pinch of security to our routine. Not only that, we will also save battery.
Don’t you use smart watches or devices that require a constant Bluetooth connection? Better to disconnect it
Deleting an unused connection seems logical. But what happens if we have a smart watch connected to the mobile via Bluetooth? Or an activity bracelet, a ring, a medical device… In these cases, there is no other choice than to maintain the wireless connection if you want everything to work. For the rest the recipe is clear.
Although the risk of suffering a Bluesnarfing attack is low, If we turn off Bluetooth, we are sure that this risk will be zero.. It is a gesture that requires only one action: disconnect Bluetooth when we stop using it; in addition to keeping your mobile phone as up to date as possible and not accepting Bluetooth requests from strangers. Any precaution is too little.
Cover image | Ivan Linares
In Xataka Android | Instantly know if there is a power outage in your home: you can set up an SMS alert