top of page

Bluetooth Technology: Connecting the World with Convenience amid Security Challenges

What is Bluetooth?


Named after a 10th-century Danish king, King Harald "Bluetooth" Gormsson, who united Denmark and parts of Norway, Bluetooth technology was intended to unite devices and simplify data sharing. Bluetooth is a wireless communication technology that allows devices to connect and communicate with each other over short distances. It uses radio waves within the 2.4 GHz frequency band to establish connections between devices, enabling them to exchange data and information wirelessly. Like WiFi, it was developed as an IEEE specification (802.15), but rapidly diversified.


Two key matters when discussing Bluetooth are:

- the SIG (Special Interest Group) software specification (or version), with the latest and best version for both range and security being version 5.4.


Then we have the SIG class for the device. There are three, depending on power output, and therefore the range. The SIG is made up of 35000 companies. Bluetooth is owned by no-one.


Throughout the years, the Bluetooth technology has found its way into countless applications, enhancing convenience and efficiency in various domains (such as audio devices, hands-free communication, headphones, car systems, home automation, wearable technology and data sharing to name but a few). It has embedded itself into our daily lives both personal and professional.



First let's get into how Bluetooth works:


⦁ MAC Address (Media Access Control)


Every Bluetooth-enabled device is assigned a unique identifier called a MAC address. This hardware-based address is specific to the device's Bluetooth adapter. MAC addresses ensure that each device has a distinct identity within the Bluetooth network. When devices communicate, they use their respective MAC addresses to establish connections securely.


⦁ Pairing and Encryption


Bluetooth devices establish secure connections through a process called pairing. During pairing, devices exchange encryption keys to ensure that the communication between them is private and protected from unauthorized access. This helps prevent security breaches and eavesdropping.


⦁ Profiles and Services


Bluetooth devices use predefined profiles and services to determine how they interact with each other. Profiles outline the capabilities and functionalities of a device, such as audio streaming or file transfer. Services, on the other hand, are specific functions within those profiles.


⦁ Frequency Hopping Spread Spectrum (FHSS)


Bluetooth devices use FHSS to hop between different frequencies rapidly. This technique minimizes interference from other devices operating in the same frequency range, ensuring a stable and reliable connection.


It is surprising how many of the digital devices we use today implement Bluetooth in some way. The technology revolutionizes the way devices connect and communicate. Other technologies such as WiFi and InfraRed have also been used for some time, of course, but Bluetooth remains popular.


Classification of Bluetooth Devices


They are either class 1 (most powerful), class 2, or class 3 (least powerful).


The class of the device comes into play when dictating the range of Bluetooth connection achievable. Here is a short breakdown with some examples to give an idea (figures for range apply to the latest version of Bluetooth - version 5.4).


Class 1

⦁ Power Output: up to 800 meters in open spaces.


Examples:

⦁ Wireless speakers: High-powered Bluetooth speakers that can transmit digital signals representing audio over long distances.

⦁ Equipment in industrial settings for monitoring and control tasks over extended ranges.

⦁ Base transmitting stations: used to establish Bluetooth networks with tablets or mobile phones over larger areas, such as in warehouses or outdoors.


Class 2

⦁ Power Output: up to 240 meters in open spaces.


Examples:

⦁ Smartphones: Mobile devices that use Bluetooth for wireless communication, such as sharing files, connecting to peripherals, and using wireless headsets.

⦁ Laptops and tablets: Computers and tablets equipped with Bluetooth capabilities for connecting to wireless keyboards, mice, and other accessories.

⦁ Bluetooth headsets: Wireless headsets that allow hands-free calling and audio playback within a relatively close range.


Class 3

⦁ These have the lowest power output, with a range of up to 1 metre in open spaces.


Examples:

⦁ Wearable devices: Fitness trackers, smartwatches, and health monitors that communicate with smartphones or other devices when placed nearby.

⦁ Wireless earbuds: Compact Bluetooth earbuds that connect to smartphones or other audio sources for a cord-free listening experience.

⦁ Computer peripherals: Bluetooth keyboards, mice, and styluses that connect to computers close by.



Previous Versions

Bluetooth has developed over quite a number of years, with each new version bringing improvements in range, reliability, and/or security. It is important to remember the maximum range of Bluetooth is reduced by environmental factors, signal interference, antenna quality etc. As such, the maximum range quoted for a Bluetooth connection is only theoretical.


What follows is a breakdown of the versions that have become available to this day. I have given the range for Class 2 devices first as this is the “kit” that we are most likely to be using on an everyday basis.


Bluetooth 1.0 to 4.0: The maximum range of Bluetooth 1.0 to 4.0 is typically 10 meters (33 feet) for Class 2 devices, 100 meters (330 feet) for Class 1 devices, and less than 3 meters (10 feet) for Class 3 devices.


Bluetooth 5.0: The maximum range of Bluetooth 5.0 is typically 200 meters (660 feet) for Class 2 devices, 400 meters (1312 feet) for Class 1 devices, and less than 3 meters (10 feet) for Class 3 devices.


Bluetooth 5.4 was released in 2021. It offers several improvements over previous versions, including:


⦁ increased range and data transfer rate

⦁ improved security to make communications more resistant to hacking


Bluetooth 6 was supposed to be available in 2022, but there are no signs of that coming to fruition at the moment. Bluetooth 5.4 is therefore the most up-to-date and should therefore be the version to strive for. However, version 5.3 does also contain the most up-to-date security features. It’s worth checking your device for possible updates.


Security Issues with earlier versions


Like Wi-Fi, Bluetooth serves as the invisible bridge that facilitates seamless data exchange over short distances. Earlier versions were potentially vulnerable to hackers, but previous concerns had mostly been addressed by the time Bluetooth evolved to v5.4. Users with earlier versions are therefore advised to upgrade as soon as possible.


Even with this in mind, it is important to still be vigilant. Malicious individuals will take advantage of lack of user knowledge of Bluetooth security. If not implemented properly, Bluetooth can be susceptible to attacks which will be listed below alongside some recommended countermeasures.


1. Blue Snarfing: Unauthorized Data Access


Blue snarfing is a cyberattack in which an unauthorized individual gains access to sensitive data stored on a Bluetooth-enabled device. Attackers exploit vulnerabilities in older Bluetooth implementations to bypass security controls and retrieve personal information, including contacts, messages, emails, and more.


2. Blue Bugging: Covert Spying


Another is blue bugging which involves unauthorized remote access to a victim's Bluetooth device, enabling attackers to monitor conversations, read messages and access sensitive information. Attackers exploit vulnerabilities in the device's Bluetooth software to gain control without the user's knowledge.


3. Blue Jacking: Unwanted Interactions


Blue jacking is a relatively harmless yet frustrating attack where an attacker sends unsolicited messages or files to Bluetooth-enabled devices. While it doesn't typically compromise data security, it can lead to spam messages, and in some cases, it might be used to deliver malicious content. This form of interaction is mostly designed to intimidate but it can also be a real threat.


4. Denial of Service (DoS): Disrupting Connections


A DoS attack on Bluetooth devices involves overwhelming the device with connection requests, leading to a denial of service. This renders the device unable to function properly and can disrupt the user's experience.


5. Impersonation Attacks: Faking Identities


Last but not least on this list is impersonation attacks This is where attackers manipulate the Bluetooth pairing process to pretend to be a trusted device. This allows them to gain unauthorized access and potentially control the victim's device.


Preventive Measures against Security/Privacy Risk from Bluetooth


As you can see, the list above gives more than a little cause for concern.


However, by using the latest version of Bluetooth, you are going a long way towards staying safe. That’s not all though, here are some additional tips for staying secure:


- Regularly update device firmware, even with the latest version (please see my earlier articles on firmware) to fix security flaws.


- Use stronger authentication methods and unique passwords for Bluetooth connections.


- Disable auto-pairing to prevent unauthorized connections. Only use pairing if absolutely necessary and make sure you use the secure methods available that use strong encryption and user authentication (i.e. with long keys & passwords). Be PARTICULARLY cautious when pairing with devices in public places, as attackers could exploit the situation.


- Set devices to non-discoverable mode when not needed (in other words, set your Bluetooth to “off”)


- Avoid connecting to untrusted devices or networks

⦁ DISABLE automatic connection features like discovery mode when not actively connecting to other devices to prevent unauthorized access.


Please note that laptop and tablet firmware updates that include Bluetooth will be dependent on manufacturer, but mobile phone firmware updates happen via the network provider. Historically, network providers have taken longer to update versions of connectivity software like WiFi and Bluetooth than manufacturers of devices. This is something to bear in mind.


Conclusion


Bluetooth technology has revolutionized the way we connect and communicate with devices, offering convenience and efficiency across various aspects of our lives. The range of a Bluetooth device depends on both the version of Bluetooth and the class that the device belongs to. The latest version of Bluetooth (v5.4) boasts an impressive range and data rate, enabling seamless communication over longer distances and improved security features. This latest version has the best range and security for all three classes of device. If you are thinking about buying a device, make sure the Bluetooth software is upgradable to v5.4 if it is not there already.


Remember, use of BOTH authentication and encryption are required for good security. It is crucial to be aware of the security vulnerabilities and potential attacks that Bluetooth technology can be susceptible to. Regularly updating device firmware, using strong authentication methods, and practicing good Bluetooth security hygiene can go a long way to ensuring the safety of personal data and devices. By using the latest version and by staying vigilant, users can continue to enjoy the benefits of Bluetooth while minimizing the risks.



Useful Links:

How to enable Bluetooth on Android:

https://support.google.com/android/answer/9075925?hl=en-GB

How to enable Bluetooth on IOS:

https://support.apple.com/en-gb/guide/iphone/iph3c50f191/ios

How to enable Bluetooth on Windows:

https://support.microsoft.com/en-us/windows/turn-bluetooth-on-or-off-in-windows-9e92fddd-4e12-e32b-9132-5e36bdb2f75a

How to enable Bluetooth on macOS:

https://support.apple.com/en-gb/guide/mac-help/blth1008/mac#:~:text=On%20your%20Mac%2C%20choose%20Apple,may%20need%20to%20scroll%20down.)&text=Click%20to%20turn%20Bluetooth%20on%20or%20off.

Article on Blue snarfing:

https://www.techtarget.com/searchmobilecomputing/definition/bluesnarfing

Article on Blue Bugging:

https://www.techslang.com/definition/what-is-bluebugging/

Article on Blue Jacking:

https://www.techslang.com/definition/what-is-bluejacking/

Discoverable mode:

This is essentially the same as “Bluetooth on”. To turn Bluetooth off, click on “Settings”, and select Bluetooth. The on/off slider should be at the top of the screen. If you pair with a device and have finished whatever you are doing, try to remember to then slip Bluetooth off again. Some apps will push your Bluetooth on in order to function correctly. You can select the option “only when using the App” so that it automatically deactivates once your task is complete.

6 views0 comments

コメント


bottom of page