Recently, researchers from the École Polytechnique Fédérale de Lausanne announced that they had found a vulnerability in the pairing mechanisms of devices that comply with the Bluetooth Classic standard (Bluetooth BR/EDR).
The vulnerability has been codenamed BIAS. It allows an attacker to connect a spoofed device in place of a device the user previously paired, and to pass the authentication procedure successfully without knowing the link key that was generated during the initial pairing of the devices and that lets them connect without repeating the manual confirmation procedure on every connection.
The essence of the method is that, when connecting to devices that support Secure Connections mode, the attacker announces that this mode is not available and falls back to the older authentication method ("legacy" mode). In "legacy" mode, the attacker initiates a master-slave role switch and, presenting their device as the "master", takes over the authentication procedure. The attacker then sends a notification that authentication completed successfully, without even having the link key, and the device is authenticated to the other side.
The Bluetooth Spoofing Attack (BIAS) can be carried out in two different ways, depending on which Secure Simple Pairing method (either Legacy Secure Connections or Secure Connections) was previously used to establish the connection between the two devices. If the pairing procedure was completed using the Secure Connections method, the attacker can claim to be the previously paired remote device that no longer supports secure connections, which lowers the security of the authentication.
After that, the attacker can succeed in using an encryption key that is too short, containing only 1 byte of entropy, and apply the KNOB attack developed earlier by the same researchers to establish an encrypted Bluetooth connection under the guise of a legitimate device (if the device is protected against KNOB attacks and the key size cannot be reduced, the attacker will not be able to establish an encrypted communication channel, but will remain authenticated to the host).
To exploit the vulnerability successfully, the attacker's device needs to be within range of the vulnerable Bluetooth device, and the attacker must determine the address of the remote device to which the connection was previously made.
The researchers published a prototype toolkit that implements the attack technique and demonstrated how it can be used against a previously paired connection with a Linux laptop and a CYW2 Bluetooth card.
The BIAS method can be carried out for the following reasons: Bluetooth secure connection establishment is not encrypted, and the choice of secure connection method is not applied to an already established pairing; secure connection establishment with Legacy Secure Connections does not require mutual authentication; a Bluetooth device can perform a role switch at any time after baseband paging; and devices that were paired with Secure Connections can use Legacy Secure Connections when establishing a secure connection.
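The conditions listed above, turned into a reconnection check that a host could apply to a bonded peer. This is an added example, not code from the researchers or from any Bluetooth stack; the `Bond` and `Reconnect` records, their field names and the 7-byte key floor are assumptions made for illustration.

```python
from dataclasses import dataclass

MIN_KEY_BYTES = 7  # assumed policy floor; the page only says 1 byte is too weak

@dataclass
class Bond:                      # hypothetical record stored at first pairing
    addr: str
    secure_connections: bool     # peer paired using Secure Connections

@dataclass
class Reconnect:                 # hypothetical view of a new connection attempt
    addr: str
    claims_secure_connections: bool
    role_switch_before_auth: bool
    peer_proved_link_key: bool   # did the peer answer OUR challenge?
    enc_key_bytes: int

def check_reconnect(bond: Bond, conn: Reconnect) -> list[str]:
    """Return the reasons to refuse the reconnection (empty list = accept)."""
    reasons = []
    if conn.addr != bond.addr:
        reasons.append("address does not match bond")
    legacy = not conn.claims_secure_connections
    if bond.secure_connections and legacy:
        reasons.append("downgrade: bond used Secure Connections, peer now claims legacy")
    if legacy and not conn.peer_proved_link_key:
        reasons.append("legacy authentication was one-sided; require mutual authentication")
    if conn.role_switch_before_auth and not conn.peer_proved_link_key:
        reasons.append("role switch before authentication by an unverified peer")
    if conn.enc_key_bytes < MIN_KEY_BYTES:
        reasons.append(f"encryption key of {conn.enc_key_bytes} byte(s) is below {MIN_KEY_BYTES}")
    return reasons

# Constructed sample data, not captured traffic.
BOND = Bond("AA:BB:CC:DD:EE:FF", secure_connections=True)
NORMAL = Reconnect("AA:BB:CC:DD:EE:FF", True, False, True, 16)
SUSPECT = Reconnect("AA:BB:CC:DD:EE:FF", False, True, False, 1)

if __name__ == "__main__":
    for name, conn in (("normal", NORMAL), ("suspect", SUSPECT)):
        print(name, check_reconnect(BOND, conn) or "accept")
```

The key point of the check is that the address alone never counts as proof of identity: a bonded peer is accepted only after it has answered a challenge under the stored link key.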
The problem stems from a memory flaw and shows up in many Bluetooth stacks and in the firmware of Bluetooth chips, including chips from Intel, Broadcom, Cypress Semiconductor, Qualcomm, Apple and Samsung that are used in smartphones, laptops, single-board computers and peripherals from various manufacturers.
The researchers tested 30 devices (Apple iPhone / iPad / MacBook, Samsung Galaxy, LG, Motorola, Philips, Google Pixel / Nexus, Nokia, Lenovo ThinkPad, HP ProBook, Raspberry Pi 3B+, and others), which use 28 different chips, and notified the manufacturers of the vulnerability last December. It has not yet been detailed which of the manufacturers have released firmware updates with the fix.
In view of this, the Bluetooth SIG, the organization responsible for developing the Bluetooth standards, announced the development of an update to the Bluetooth Core specification. The new edition clearly defines the cases in which a master-slave role switch is allowed, there is a mandatory requirement for mutual authentication when falling back to "legacy" mode, and it is recommended to check the encryption type to avoid a reduction in the level of protection with respect to
Source: https://www.kb.cert.org