1. Tsepz_GP's Avatar
    If you are on Android 8 or Android 9 and not received the Feb Security patch, beware of using Bluetooth, especially in public areas...

    If you own an Android phone and use a Bluetooth accessory (like the wireless Samsung Galaxy Buds or the Google Pixel Buds), you might want to think twice about enabling Bluetooth on your handset. A vulnerability discovered in the Android Bluetooth subsystem by security firm ERNW allows anyone within Bluetooth range of your device to hack it without your knowledge.

    You can be pushing a shopping cart at Walmart, walking in Times Square or enjoying the haute cuisine at Micky D's while your Android handset is being attacked by a stranger. This is a serious problem because once the hacker is able to rummage through your phone, personal data can be taken and/or malware introduced to the device.

    Now there is some good news; the vulnerability doesn't affect those with Android 10 and the February security update patches the vulnerability. But Android's fragmentation issue means that even at this late date, there is a good chance that your Android phone is still running Android 8 Oreo or Android 9 Pie; those are the two Android versions affected by this issue while Bluetooth will simply crash on an Android 10 device if hacked. And you might not be able to count on the February security update since many Android phones won't receive it for months.

    The scary thing about this vulnerability is that no user interaction is required for the hacker to gain entry to your phone. If you can't update to Android 10 or install the February Android security update, ERNW says that there are some things you can do. First, the security firm suggests that if your handset is at-risk, enable Bluetooth only if you absolutely positively must have it on. And you should also keep your device non-discoverable by not opening the Bluetooth scanning menu. But the security firm notes that "some older phones might be discoverable permanently."

    Don't take this warning lightly. Unless your phone is running Android 10 or has the February security update installed, you might want to think twice about using those wireless Bluetooth earbuds if you're in an area where others are in close proximity to you.
    https://www.phonearena.com/news/andr...acked_id122092
    02-08-20 07:29 AM
  2. Grungni's Avatar
    If you are on Android 8 or Android 9 and not received the Feb Security patch, beware of using Bluetooth, especially in public areas...


    https://www.phonearena.com/news/andr...acked_id122092
    All KeyOne's will be susceptible to this then... What security patch do Key2's have? Hopefully Key2 users will be able to use their bluetooth headsets...
    02-08-20 07:39 AM
  3. Tsepz_GP's Avatar
    All KeyOne's will be susceptible to this then... What security patch do Key2's have? Hopefully Key2 users will be able to use their bluetooth headsets...
    I am not seeing anything newer than the Dec 2019 patch for the KEY 2. I could be totally wrong but yeah, as of writing this not seeing anything newer than Dec 2019.

    Someone please correct me if I am wrong.
    02-08-20 08:03 AM
  4. nevilleadaniels's Avatar
    I am not seeing anything newer than the Dec 2019 patch for the KEY 2. I could be totally wrong but yeah, as of writing this not seeing anything newer than Dec 2019.

    Someone please correct me if I am wrong.
    Should be 5th March 2020 now
    05-03-20 01:36 PM
  5. chrisdunn's Avatar
    I'm using my Samsung Galaxy Buds right now. I use them almost all day including when I'm at Walmart. Should I really stop using these headphones because of this warning? I guess it won't matter when I update to Android 10. I received it today on my AT&T Note 9.
    06-09-20 09:17 PM
  6. idssteve's Avatar
    Uh boy, two "smart guys" I worked with did terrifying things with bluetooth. Especially in motels and even parallel in traffic with nearby cars! These guys are honest as the day is long but never grew out of "toying" with things. I, personally, NEVER have bt enabled unnecessarily and always ensure that discoverable is off unless absolutely needed. Knowing what these guys are capable of, I wouldn't trust ANY patch or update... On ANY device. Also, inability to "see" other bt does NOT mean they cant "see" you. Hedzup. Ayor. Imo, fwiw.
    06-12-20 06:10 PM
  7. chain13's Avatar
    Glad mine rocks android10
    elfabio80 likes this.
    06-12-20 11:42 PM
  8. SalMan50's Avatar
    Uh boy, two "smart guys" I worked with did terrifying things with bluetooth. Especially in motels and even parallel in traffic with nearby cars! These guys are honest as the day is long but never grew out of "toying" with things. I, personally, NEVER have bt enabled unnecessarily and always ensure that discoverable is off unless absolutely needed. Knowing what these guys are capable of, I wouldn't trust ANY patch or update... On ANY device. Also, inability to "see" other bt does NOT mean they cant "see" you. Hedzup. Ayor. Imo, fwiw.
    Maaan, I know you may not have mentioned it on purpose, but if you can share. What can we do to try and STOP these hacks that your friend did. Would having it off and making it discoverable only when needed be enough?

    ........ Btw I'm dying to know atleast 1 of the things your friends could do lol
    06-22-20 02:59 AM
  9. idssteve's Avatar
    Maaan, I know you may not have mentioned it on purpose, but if you can share. What can we do to try and STOP these hacks that your friend did. Would having it off and making it discoverable only when needed be enough?

    ........ Btw I'm dying to know atleast 1 of the things your friends could do lol
    Well, I'm "retired" now but these guys still enjoy their career. Lol. I'll reiterate that they are both 1000% integrity to their last breath. We've shared jobsites with "other contractors" who were NOT so reputable, tho. My company still maintains some legacy industrial controls that utilize bluetooth. A situation under correction as time progresses. These two guys utilized bluetooth to enable an old 9930 as a remote wireless mouse & keyboard "PlayBook style" for PC and even on Android. I was quite excited about that till served a dose of reality... Lol.

    Let's just say that I, myself, personally, will never trust privacy of contact lists while BT is enabled on ANY device. No matter what sort of patch, update, upgrade etc. My contacts' info represent a sacred trust that I take seriously. Others might disagree and that's certainly their choice.

    Battery pull still represents the surest security measure, imo. Lol. I once participated in a brief series of meetings, early 2014, with all handsets placed on table beside removed battery. iPhones were locked in a faraday cabinet bonded to machine ground in a production room full of freq drives down the hall. Lol. Long story. Lol. Turning device into "soft off" might be second best. Sorta. Lol. "Soft off" BT, Wifi, NFC... Ayor. Imo. Fwiw. Fortunately BT's relatively short range limits exposure to casual encounters. Dedicated encounters are another story but... All depends on motives for dedication. Lol.
    06-22-20 08:10 AM

Similar Threads

  1. Will BlackBerry Hub for Android continue?
    By jgrobertson in forum General BlackBerry News, Discussion & Rumors
    Replies: 9
    Last Post: 04-07-20, 10:39 PM
  2. TCL and BlackBerry part ways. Any chance for BB CFW in 2020??
    By jace_ziii in forum General BlackBerry News, Discussion & Rumors
    Replies: 34
    Last Post: 02-08-20, 02:18 PM
  3. TCL connected with firm involved in Malware, Rogueware, and Unethical Practices
    By Tommy-boy in forum General BlackBerry News, Discussion & Rumors
    Replies: 3
    Last Post: 02-07-20, 05:52 PM
  4. BlackBerry maps not loading
    By mikael11 in forum BlackBerry P'9981
    Replies: 11
    Last Post: 02-07-20, 04:42 PM
  5. Removing icons and symbols from top screen
    By Trex27 in forum Ask a Question
    Replies: 1
    Last Post: 02-07-20, 06:32 AM
LINK TO POST COPIED TO CLIPBOARD