Recently, at the IEEE Security and Privacy Conference in Oakland, California, on May 24, 2022, an article was presented on the monitoring of the Bluetooth signal entitled “Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices” .
Researchers at the University of California at San Diego have found that low-power Bluetooth (BLE) signals are constantly emitted by mobile devices, creating a unique fingerprint that attackers can use to track a person’s movements. This covers smartphones, smart watches, and fitness trackers, all of which transmit approximately 500 “Bluetooth beacons” per minute.
The unique fingerprint is the result of tiny manufacturing imperfections in the hardware of the device, which uniquely distorts the Bluetooth signal, allowing attackers to avoid anti-tracking techniques such as constantly changing network addresses. In their experiments, they found that between 40% and 47% of devices were uniquely identifiable and could track a volunteer as they left their residence.
“This is important because in today’s world Bluetooth poses a major threat as it is a frequent and constant wireless signal from all of our personal mobile devices,” said Nishant Bhaskar, Ph.D. student in the Department of Engineering and Computer Science at UC San Diego and one of the lead authors of the paper.
“As far as we know, the only thing that definitely stops the Bluetooth beacons is turning off the phone,” Bhaskar said.
You can read more about the study here.