Actually, Vice President Kamala Harris Right. Bluetooth is a risk

A report that Vice President Kamala Harris is like that”Bluetooth-phobicThat she avoids using wireless headphones sparked a controversy on social media on Monday, but digital security experts — and the US government — say the risks The potential risks of ubiquitous wireless connections are no joke.

The piece, published in Politico’s West Wing Playbook, explicitly describes Harris’s “feeling” that Bluetooth has security issues – “But still, does someone travel with football Shouldn’t the nun take the time to unplug her headphones? The American people deserve an answer!” – but Bluetooth security issues have been well documented and known for many years. According to people familiar with digital security, it is indeed prudent that Harris may be reluctant to rely on Bluetooth because the technology is notoriously insecure and cell phones determine a user’s location via combination of GPS, Bluetooth and wireless signals.

According to guidance from the defensive cybersecurity arm of the US National Security Agency, the US government recommended last year that if users wanted to avoid the risk of data being exposed to unwanted eavesdroppers, want, they should turn off Bluetooth completely, according to a agency documents.

Members of the State Department’s current list of candidates, ranging from those to be assistant secretaries to potential ambassadors, have also been warned of Bluetooth’s potential mismatch from a security. During briefings conducted by security engineering officials with the U.S. State Department, nominees were told that an open Bluetooth connection — like the one used for headsets — was not open. wire — can be a “cracked window” for digital entry into their device, allowing for physical tracking of the device as well as access to its data, according to people who have Join meetings.

Even when a user turns off cellular service — read again — Bluetooth can still be used to determine a user’s location, the NSA warns.

It can also be used to track a user’s every movement, or even understand a movement pattern and their daily habits to predict future movements. Bad guys can also use devices called “sniffs” to calculate a user’s location via Bluetooth and Wi-Fi, even when cellular service is turned off, according to the agency.

In 2019, cybersecurity researchers perform an attack on a communication protocol that allows an attacker to weaken the encryption used in Bluetooth and “intercept keystrokes, address books, and other sensitive data” follow UK’s National Cyber ​​Security Centre.

In another particularly alarming case, cybersecurity researchers last year discovered that the exploit was vulnerable Bluetooth protocols that allow attackers to steal a target’s contacts, call logs, and messages, and can also allow them to send fake text messages from the target’s phone. In another case, a researcher at TU Darmstadt, a university in Germany, found that if Hacker nearby, they can use mining software to break in and take advantage of a special protocol used for music streaming.

For most, it is less likely that they will be targeted, and it may not be practical to turn off Bluetooth. But given Harris’s threat model – meaning the possibility of her being a target for surveillance or attack – as Vice President of the United States, or even in her past life as a senator. serving on the Senate Intelligence Committee, which regularly receives secret meetings, it makes sense.

“It’s a good protocol for most people, even with vulnerabilities because it requires reasonably tight access,” said Sergio Caltagirone, a former NSA threat intelligence analyst. to exploit it together with an actor that has both the ability and intention to do so. “That means there are only a few thousand of the billions of people on earth that need to worry about this. The Vice President of the United States and other USG executives are among them. ”

Some government employees, especially those engaged in counterintelligence, have been warned to avoid carrying unprotected personal electronic devices through some international airports, especially in countries which the State Department is said to be willing to work with Chinese or Russian intelligence agencies.

A person familiar with the meetings noted that while security for government-supplied devices is handled by security officers, security for personal devices is at the discretion of the people themselves. guard. In turn, some potential principals have started wearing wired headphones and turning off their Bluetooth connections in public spaces.

Harris’s famous run last November, where she used wired headphones – which she found out she and Joe Biden won the election – doesn’t seem so silly now, does it? ?