Because you need to know what’s up and what to do about it.
We got to see something cool and terrible (yes, it’s possible to be both at the same time) earlier this week when Armis Security published the details of a new Bluetooth exploit. Called “Blueborne,” the exploit allows a person with the right tools and who is within Bluetooth range of your smart thing — laptop, phone, car, or anything else that runs Android (as well as most every other operating systems, including iOS and Windows) — to gain control over the device without any action from the user.
That’s because the exploit cleverly attacks portions of the software needed to establish a connection to hijack the Bluetooth stack itself, which is pretty much done in a universal way because of how complicated Bluetooth is and how the stack itself handles so many things the OS could be doing instead.
Interested yet? If not, you should be.
Before we go any further, here is the good(ish) news: Apple, Google, and Microsoft have all patched the exploit. On the Android side, we saw the fix in this month’s security patch released the same day the vulnerability was made public. This surely isn’t a coincidence and kudos to Armis for working with the companies who write the software we all use every day to get this fixed. Of course, almost every Android-powered device doesn’t yet have this patch and won’t for a while.
I’ll resist the temptation to make this all about Android’s update woes and the million-and-one different reasons that it happens. I’ll just say that if you value being protected against most vulnerabilities like this you currently have three options: an Android-powered device from BlackBerry, an Android-powered device direct from Google, or an iPhone. You decide what to do here.
Instead let’s talk