Bluetooth exploit makes it possible to track iOS and macOS devices

A new exploit tied to Bluetooth connectivity makes it possible to track some devices, including those from Apple and Microsoft.

According to ZDNet, there is a security vulnerability within the Bluetooth communication protocol that makes it possible to not only track some devices, but also identify device owners. The discovery was made by researchers at Boston University.

For Apple, this means the exploit can track and identify the iPhones, Macs, iPads, and even the Apple Watch. Meanwhile, on Microsoft’s side of things, it includes tablets and PCs. Which devices aren’t included? Google’s Android.

The initial report details how it all works, which starts with the fact that Bluetooth devices using public channels to present their presence to other devices. In an effort to prevent tracking based on this, most devices broadcast a random address that changes automatically at random intervals, which is different than a Media Access Control (MAC) address.

This is still happening on Apple and Microsoft devices. However, the report indicates that it’s possible to reveal identifying tokens that can allow some malicious individuals to misuse the address-carryover algorithm that dictates the change of address.

According to the research paper, Tracking Anonymized Bluetooth Devices (.PDF), many Bluetooth devices will use MAC addresses when advertising their presence to prevent long-term tracking, but the team found that it is possible to circumvent the randomization of these addresses to permanently monitor a specific device.

Identifying tokens are usually in place alongside MAC addresses and a new algorithm developed by Boston University, called an address-carryover algorithm, is able to “exploit the asynchronous nature of payload and address changes to achieve tracking beyond the address randomization of a device.”

As for Android, it does not use the same approach to advertising a Bluetooth device as Apple and Microsoft. As a result, Android is not in danger of this particular vulnerability.

The research paper itself does have suggestions on how to mitigate the vulnerability, and it’s possible that Apple will patch the issue in some way or another in the near future.