Major Bluetooth Vulnerability
Bluetooth has a serious security vulnerability:
In some implementations, the elliptic curve parameters are not all validated by the cryptographic algorithm implementation, which may allow a remote attacker within wireless range to inject an invalid public key to determine the session key with high probability. Such an attacker can then passively intercept and decrypt all device messages, and/or forge and inject malicious messages.
Paper. Website. Three news articles.
This is serious. Update your software now, and try not to think about all of the Bluetooth applications that can’t be updated.
Not too concerned • July 25, 2018 2:31 PM
“Don’t Panic!” THe last time I paired a device was when I got a new vehicle. Before that… I don’t remember.
Sure you could be hacked, but the odds of someone being close enough WHILE you are performing an operation that takes maybe a minute seem awfully small.