Research in bluetooth fingerprinting defense

Spasiba

Researchers with Schulman and Bharadia showed that MAC randomization is not enough to hide Bluetooth fingerprint. Apparantly the same group has now developed a protocol to defend against this, implementable in firmware.

I am not sure if the Bluetooth-firmware on Pixels is updatable, but if so, possibly this research is interesting.

Publication: https://wcsng.ucsd.edu/phy-obf/

de0u

Spasiba This looks like solid work. Thanks!

horde

Direct link to the research paper https://wcsng.ucsd.edu/files/phy-obf.pdf

Spasiba

More discussion on Hackernews. I was possibly a bit too hopeful about the applicability of their firmware, as it seems for now to be limited to just one chipset.

Of course, maybe the algorithm is more widely applicable, but at least it is not easy to transfer.

Also their fix may be mitigating just some of the Bluetooth fingerprinting possibilities.

At least I learned that MAC randomization does not stop Bluetooth fingerprinting.

de0u

Spasiba At least I learned that MAC randomization does not stop Bluetooth fingerprinting.

Your local Wal-Mart, McDonald's, etc., is probably not deploying SDRs running software to undo BLE MAC randomization by tracking low-level radio behavioral eccentricities.

However, this is the sort of thing that well-resourced state actors may have known about for years. And, as pointed out in the paper, Wi-Fi radios very likely have similar behavioral eccentricities.

At present the most-practical defense for users is to turn Bluetooth off most of the time.