(no title)
aedron | 6 years ago
> with the privileges of the Bluetooth daemon
Which priviliges is that? Can it access user data? Snoop on input/output?
> For some devices, the Bluetooth MAC address can be deduced from the WiFi MAC address
So if wifi is off, I'm safe?
I have bluetooth on all the time, because it automatically pairs with my car for cellular and audio, and turning it on and off would be a hassle. I rarely, however, use wifi unless I have to download a very big amount of data, which is almost never.
e12e|6 years ago
This is somewhat addressed in a comment/reply by jorge:
https://insinuator.net/2020/02/critical-bluetooth-vulnerabil...
> Hi, the Bluetooth daemon is a process on the Android system that runs in the background (daemon) that is responsible for managing the Bluetooth controller and handling of various Bluetooth related protocols, such as HCI, L2CAP and GATT. As it has to process attacker-controlled input it is susceptible to attacks. In addition, it has to run with high privileges (not as ‘root’ like on Linux) to support features like: – file transfer => read files – share Internet connection => configure network and VPN – Human Interaction Devices => emulate keyboard and mouse
oauea|6 years ago
No, the connection packets can still be sniffed from the air once your device connects to your car. Then the attacker knows your mac address and can initiate the exploit.