Bluetooth's Complexity Has Become a Security Risk

Bluetooth is the invisible glue that binds devices together, which means that when it has bugs, they affect everything from iPhones and Android devices to scooters and even physical authentication keys used to secure other accounts. The scale can be stunning: The BlueBorne flaw, first disclosed in September 2017, impacted five billion PCs, phones, and IoT units.


As with any computing standard, there's always the possibility of vulnerabilities in the actual code of the Bluetooth protocol itself, or in its lighter-weight sibling Bluetooth Low Energy. But security researchers say that the big reason Bluetooth bugs come up has more to do with the sheer scale of the written standard, development of which is facilitated by the consortium known as the Bluetooth Special Interest Group. Bluetooth offers so many options for deployment that developers don't necessarily have full mastery of the available choices, which can result in faulty implementations.


"One major reason Bluetooth is involved in so many cases is just how complex this protocol is," says Ben Seri, one of the researchers who discovered BlueBorne and vice president of research at the embedded device security firm Armis. "When you look at the Bluetooth standard it’s like 3,000 pages long—if you compare that to other wireless protocols like Wi-Fi, for example, Bluetooth is like 10 times longer. The Bluetooth SIG tried to do something very comprehensive that fits to many various needs, but the complexity means it’s really hard to ..