12-09-2017 10:25 PM
Evening all, can anyone let me know please when Samsung will release a patch for blueborne?
13-09-2017 08:19 AM
13-09-2017 08:53 AM
Can't find anything conclusive on this yet.
Still looking.
13-09-2017 09:01 AM
13-09-2017 09:07 AM
13-09-2017 10:02 AM
Blueborne, like any other virus/malware can be spread through many means. How the sw gets to the phone is academic. It could potentially come down over WiFi, on an sd card, or through being plugged into a PC. The difference here is that someone has found a vulnerability in the Bluetooth protocol (the transport medium) that allows a malicious payload to be delivered without user interaction. That Bluetooth protocol is largely vendor independent hence why the vulnerability exists on many billions of IOT devices.
Because Bluetooth isn't equipped with good authentication mechanisms and in addition it holds high privileges on devices, this allows sw to run without the user having to agree or click on a link etc.
Everyday users are generally not exposed to malware etc as they have some form of protection on their laptop or PC. I suspect that's where your hesitation comes from. This is a field I work and specialise in and hence are possibly a 'little' more aware of the risks. 👍
13-09-2017 10:20 AM
13-09-2017 11:10 AM
As was said before, a computer virus obviously can't just spread by air. What it can do is exploit a vulnerability in Bluetooth and use that to spread without a physical connection: http://thehackernews.com/2017/09/blueborne-bluetooth-hacking.html
It seems to be a newly discovered vulnerability too, so maybe you're confusing it with another article?
13-09-2017 01:16 PM
You're spot on. Given the severity, pen testers will ensure that vendors are informed and have a chance to test and patch before releasing it to the public. Releasing info like this without taking this step first would lead to more nefarious activity taking place.
13-09-2017 01:43 PM
It is very ignorant to tell "This is not a real threat".
Its a vulnerability which can be used to infect devices from 10m distance without physical access, even through walls.
You struggle to understand? Thats ok, but please stay quiet then. You dont worry? Thats also ok, just lean back.