Nemeski@lemm.ee to Cybersecurity@sh.itjust.worksEnglish · edit-21 day agoUndocumented backdoor found in Bluetooth chip used by a billion deviceswww.bleepingcomputer.comexternal-linkmessage-square32fedilinkarrow-up1183arrow-down12cross-posted to: technology@lemmy.worldhomeassistant@lemmy.worldprivacyguides@lemmy.onecybersecurity@infosec.pub
arrow-up1181arrow-down1external-linkUndocumented backdoor found in Bluetooth chip used by a billion deviceswww.bleepingcomputer.comNemeski@lemm.ee to Cybersecurity@sh.itjust.worksEnglish · edit-21 day agomessage-square32fedilinkcross-posted to: technology@lemmy.worldhomeassistant@lemmy.worldprivacyguides@lemmy.onecybersecurity@infosec.pub
minus-squareFermiverse@gehirneimer.delinkfedilinkarrow-up41·1 day agoThis is really bad as most cheap IOT devices using this chip will not receive an update all. Would like to see a smartphone app testing this out via bluetooth so we could do some damage control at least and take them offline.
minus-squareJustinTheGM@ttrpg.networklinkfedilinkEnglisharrow-up10arrow-down1·22 hours agoThe ‘S’ in IOT stands for Secure
minus-squarepimento64@sopuli.xyzlinkfedilinkEnglisharrow-up2·22 hours ago Have IOT device It’s not secure How could this have happened???
minus-squareSanctimoniousApe@lemmings.worldlinkfedilinkEnglisharrow-up4·1 day agoAm I misunderstanding the article? It seemed to imply remote intrusion required either Bluetooth proximity, or physical USB access.
minus-squareFermiverse@gehirneimer.delinkfedilinkarrow-up13·1 day agoCorrect, but as bluetooth is possible over a certain range, “drive by attacks” might be possible.
minus-squareThe_Decryptor@aussie.zonelinkfedilinkEnglisharrow-up2·20 hours agoThe “attack” is from the host side, any remote attack is theoretical and would depend on exploiting the software on the host first to then gain access to the BT chip.
This is really bad as most cheap IOT devices using this chip will not receive an update all.
Would like to see a smartphone app testing this out via bluetooth so we could do some damage control at least and take them offline.
The ‘S’ in IOT stands for Secure
How could this have happened???
Am I misunderstanding the article? It seemed to imply remote intrusion required either Bluetooth proximity, or physical USB access.
Correct, but as bluetooth is possible over a certain range, “drive by attacks” might be possible.
The “attack” is from the host side, any remote attack is theoretical and would depend on exploiting the software on the host first to then gain access to the BT chip.