Bluetooth flaw leaves everyone vulnerable to KNOB attack

Moltuae

Moltuae

Rest In Peace
Reaction score
3,671
Location
Lancs, UK
Article Link: https://www.trustedreviews.com/news...e-vulnerable-to-a-massive-knob-attack-3931162

The Bluetooth specification has been changed after security researchers discovered a vulnerability that enabled connections to be gatecrashed.

The Bluetooth SIG body acknowledged the possibility of Key Negotiation of Bluetooth, or KNOB, attacks, which could enable a bad actor to bypass the usual permissions protocol for pairing devices, which depends on both devices agreeing to the connection.
Click to expand...

Waiting for the knob jokes ...
 
I'm not sure how big of deal this is considering how short bluetooth range is. You'd have to be staring the attacker in the face.
 
@Diggs, I don't do that because I don't like disabling expected functionality. But, I do train users that own enabled gear on the risks attached to it. It's really not anymore more or less risky than wifi already is. But it's indeed far from "secure".
 
Vulnerabilities don't necessarily need bi-d communications.

Personally I always try to disable BT on mobile devices. Of course I discuss it with the EU so they understand the impact. Having BT always on will drain a battery since it's always polling. On old devices, especially smart devices this can make a difference.
 
Yep, there's a long range bluetooth hack device sold on the market. https://greatscottgadgets.com/hackrf/one/ and devices like the sena ud-100, ubertooth, nordic semiconductors nRF51-dk, and high end devices like the ellisys $17,500.00 usd bluetooth explorer...
PcTek9 puts a rainbow sticker on his knob vulnerability. LOL.
 
You must log in or register to reply here.

Similar threads

Moltuae
Over 485,000 Ubiquiti devices vulnerable to new attack
Replies
2
Views
798
YeOldeStonecat
YeOldeStonecat
Moltuae
HTTPS-crippling attack threatens tens of thousands of Web and mail servers
Replies
0
Views
755
Moltuae
Moltuae
Back
Top