It Was Harder to Sniff Bluetooth Through My Mask During the Pandemic...

Xeno Kovah
August, 2023
Cite -=Kovah Cut=- (2h) Full Presentation Slides -=Kovah Cut=- (2h) Full Presentation Video Hack in the Box Slides (PDF) Hack in the Box Conference Presentation Video Hacktivity Slides (PDF) Hackfest Slides (PDF) SecTor Slides (PDF) Sniffing code

Abstract

During the pandemic I took up Bluetooth (BT) sniffing as a way to get out of the house. I didn’t know what was out there for BT devices, but it felt important to know what the implications were of the new over-the-air, no-auth, cross-device, firmware-level exploits on BT chips that my wife and others had started publishing. And because BT Low Energy specifically added anti-tracking functionality that didn’t exist in BT classic, I wanted to understand the in-the-wild state of privacy protection within the BT ecosystem.

Bluedriving left me with questions that are different from those you’d ask based on traditional WiFi wardriving. Is there a correlation between poverty, obesity, and BT sleep apnea medical devices? What are the implications of BT on police body cameras? Are BT sniffers going to be (/ already) used as alternatives to license plate cameras for tracking vehicles? Are fitness trackers still making it easy to track humans instead? Can someone steal heavy-construction equipment thanks to BT keyless ignition? Can hackers be tracked by their “portable multi-tool[s]”? Do hotels using BT door locks “open the door” to easier assassinations?

In this talk I will describe some of the most interesting observations from the past few years, and share some perhaps-surprising answer to those questions and more.

Type
Conference paper
Publication
In Hack in the Box Phuket 2023-08-24, Hacktivity 2023-10-06, HackFest.ca 2023-10-14, NoHat 2023-10-21, and SecTor 2023-10-26
Bluetooth Sniffing Tracking
Xeno Kovah
Xeno Kovah
Dark Mentor Level X

Hacking firmware like it’s no big deal.