We don’t know about you, but we use Bluetooth all the time. Earbuds, keyboard, mouse, speakers, soundbar, even a connection to our car’s audio system.
But did you know your phone’s Bluetooth signal can be ‘fingerprinted’ so you can be tracked while it’s in use?
We didn’t either, until recently.
A new paper from the University of California San Diego called "Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices" says there’s a "unique physical-layer fingerprint" to every phone that uses Bluetooth.
This fingerprint is apparently due to flaws in chipset hardware that make each chip unique.
Someone with the right radio sniffer, one that can pull apart Bluetooth signals, can fingerprint an individual Bluetooth chip and follow it around wherever you go.
The fingerprinting relies on the carrier frequency offset and IQ imbalance created by the combination WiFi and Bluetooth chips in most phones.
As each combination is unique for every chip, in theory at least, that uniqueness can be used to create a fingerprint and therefore identify that individual chip wherever it appears.
According to the researchers:
Since BLE devices have temporarily stable identifiers in their packets (i.e., MAC address), we can identify a device based on the average over multiple packets, increasing identification accuracy.
Don’t ditch Bluetooth just yet though. The technique requires specialist equipment and knowledge.
Tracking also becomes almost impossible in areas where a lot of Bluetooth devices are operating at the same time, such as a mall, train station, airport, or college.
The tracker would need to capture and analyze the signal from each individual chip, identify its carrier frequency offset and IQ imbalance, mark it and be able to trace it. That’s not something the average Joe could do.
It is a flaw in the system, though, and should make you think twice about leaving Bluetooth activated when not in use.
We will certainly be thinking twice about using it when we don’t need it anyway!