According to some, it is said that if we are not using Bluetooth, we should turn it off. This is said to not only help improve battery life, but it also helps keep our devices more secure as it makes it undiscoverable by other devices. Turns out that there might be some merit to the latter claims, according to a recent research paper.
According to the paper titled “BIAS: Bluetooth Impersonation AttackS”, it seems that researchers have discovered that quite a number of Apple products are apparently vulnerable to short range Bluetooth attacks. How this works is that the attacker will attempt to impersonate a previously trusted Bluetooth device to make the user think they are connecting to it, when in reality they are not.
If you pull up your device’s Bluetooth settings, you might see a list of devices that you’ve connected to in the past, like Bluetooth speakers, headphones, smartwatches, and so on. You assume that those devices can be trusted because you explicitly paired them with your phone or laptop.
It also seems that it does not require particularly sophisticated technology to pull off this attack, where the hacker can use a cheap Raspberry Pi device. Thankfully, Apple’s more modern devices aren’t affected. This seems to affect devices like the iPhone 8 or older, the 2018 iPad or older, or the 2017 MacBook Pros or older. However, if you do own these devices, we suppose one way to protect yourself would be to disable Bluetooth when not in use.