КЛК 'Владминес'
28 Март 2024, 15:47:32 *
Добро пожаловать, Гость. Пожалуйста, войдите или зарегистрируйтесь.
Войти
Лучшие фелинологические организации!
Добавье свою организацию! пока бесплатно!!!
Новости: Ждем всех в нашем каталоге Фелинологических организаций. Вас еще нет в нашем каталоге? Так добавьте скорее!!!
 
   Начало   Помощь Поиск Календарь Галерея  
Страниц: [1]
  Печать  
Автор Тема: New Bluetooth Bug Could Let Hackers Remotely Unlock Smart Locks  (Прочитано 1917 раз)
0 Пользователей и 1 Гость смотрят эту тему.
upamfva
Ветеран
********

Кошачьих сил: 134
upamfva is awe-inspiring!upamfva is awe-inspiring!upamfva is awe-inspiring!upamfva is awe-inspiring!upamfva is awe-inspiring!upamfva is awe-inspiring!upamfva is awe-inspiring!upamfva is awe-inspiring!upamfva is awe-inspiring!upamfva is awe-inspiring!upamfva is awe-inspiring!upamfva is awe-inspiring!
Offline Offline

Сообщений: 2289

Благодарности
-Выражено: 0
-Получено: 0


Просмотр профиля Email
« : 26 Сентябрь 2022, 04:11:11 »

New Bluetooth Bug Could Let Hackers Remotely Unlock Smart Locks



A vulnerability in the Bluetooth technology can be exploited to remotely unlock tens of millions of digital locks worldwide, including those on Tesla cars.To get more news about high security lock manufacturer, you can visit securamsys.com official website.

Sultan Qasim Khan, a researcher at the NCC Group successfully exploited the flaw to open and drive a Tesla Model 3 and Y model using a device attached to a laptop.
The relay device managed to bridge a large gap between the Tesla and the owner’s phone, making it possible for Khan to drive the car.

If any product is dependent on a trusted Bluetooth connection, then the product is vulnerable to intrusion, even if the attacker is from another continent.
Effect
Despite this vulnerability being of concern, it is primarily due to how inexpensive off-the-shelf hardware can easily be used to defeat proximity authentication mechanisms in Bluetooth devices.

It’s so easy to do so that one does not have to understand coding to be able to exploit it. Instead, a Bluetooth developer board is needed to do so, as well as ready-made programs.The same applies to all laptops, smartphones, as well as tablets that have Bluetooth proximity, and unlock features enabled. If you have upgraded your traditional lock to a smart lock, you may also be at risk for theft.

BLE-based authentication was not originally designed to be used in locking mechanisms, so this vulnerability was not like a typical bug that could be fixed by a software patch.

Recommendation
No claims are made regarding the resistance of Bluetooth to relay attacks in the Bluetooth Core Specification. In addition, Section 6 of the Proximity Profile expressly mentions that it is possible to launch a relay attack when using the profile (v1.0.1, updated in 2015).Developers should be encouraged to either implement a user-interaction-based security solution or use technology like UWB time-of-flight technology to secure the Bluetooth devices.

It is recommended that users should be educated about the risks associated with relay attacks for existing systems where hardware modification is not possible.

Moreover, it is also a smart idea to allow users to disable the inferred proximity-based passive entry feature.
Записан
Страниц: [1]
  Печать  
 
Перейти в:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006, Simple Machines LLC Valid XHTML 1.0! Valid CSS!