silversurfer

Level 50
Verified
Trusted
Content Creator
Malware Hunter
Security researchers say they can extract a user's phone number from the Bluetooth traffic coming from an iPhone smartphone during certain operations.

The attack works because, when Bluetooth is enabled on an Apple device, the device sends BLE (Bluetooth Low Energy) packets in all directions, broadcasting the device's position and various details.

This behavior is part of the Apple Wireless Direct Link (AWDL), a protocol that can work either via WiFi or BLE to interconnect and allow data transfers between nearby devices.

Previous academic research has revealed that AWDL BLE traffic contains device identification details such as the phone status, Wi-Fi status, OS version, buffer availability, and others.

However, in new research published last week, security researchers from Hexway said that during certain operations these BLE packets can also contain a SHA256 hash of the device's phone number.

"Only the first 3 bytes of the hashes are sent, but that's enough to identify your phone number," researchers said. Since phone numbers have pretty strict formatting, attackers can use pre-calculated hash tables to recover the rest of the phone number.
 
Would vpn stop this? Do apps like signal help?

Wow. I have called Apple a gazillion times complaining about bluetooth...I'm going to give them a call about this as well as that faceid.
 
  • Like
Reactions: venustus

Vasudev

Level 29
Verified
Why the frigging hell would BT or WiFi be broadcasting a phone number? That's just idiotic design.
Usually iPhones with BT are like Nokia feature phone and you can't do FTP eventhough hardware supports it and you can do A2DP and contact sharing through Apple certified BT headsets which rake in more cash as usual!
I turned it off on my mom's phone.
 
  • Like
Reactions: venustus

RejZoR

Level 11
Verified
I've
Usually iPhones with BT are like Nokia feature phone and you can't do FTP eventhough hardware supports it and you can do A2DP and contact sharing through Apple certified BT headsets which rake in more cash as usual!
I turned it off on my mom's phone.
I've done the same. I can't use BT with anything anyway since iPhone BT can't even communicate with any Android. And freaking everyone around me has Androids.
 

Vasudev

Level 29
Verified
I've


I've done the same. I can't use BT with anything anyway since iPhone BT can't even communicate with any Android. And freaking everyone around me has Androids.
I wasted 17 hrs to transfer contacts and photos through BT on iPhone and found it the hard way it doesn't support it, so switched to WP again. I really in a dilemma which Android phone to choose; By the time I choose/zero-in on a model, several newer models comes out deprecated the older phones in the process. Too many phones to choose from :cry: