Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security Wireless Networking Iphone

iPhone Bluetooth Traffic Leaks Phone Numbers -- in Certain Scenarios (zdnet.com) 51

Security researchers say they can extract a user's phone number from the Bluetooth traffic coming from an iPhone smartphone during certain operations. From a report: The attack works because, when Bluetooth is enabled on an Apple device, the device sends BLE (Bluetooth Low Energy) packets in all directions, broadcasting the device's position and various details. This behavior is part of the Apple Wireless Direct Link (AWDL), a protocol that can work either via WiFi or BLE to interconnect and allow data transfers between nearby devices. Previous academic research has revealed that AWDL BLE traffic contains device identification details such as the phone status, Wi-Fi status, OS version, buffer availability, and others. However, in new research published last week, security researchers from Hexway said that during certain operations these BLE packets can also contain a SHA256 hash of the device's phone number.
This discussion has been archived. No new comments can be posted.

iPhone Bluetooth Traffic Leaks Phone Numbers -- in Certain Scenarios

Comments Filter:
  • by Dog-Cow ( 21281 ) on Wednesday July 31, 2019 @10:33AM (#59017686)

    Which is it? Does it leak a cryptographically-secure hash of some not-so-private data, or does it leak the device's phone number?

    • by omnichad ( 1198475 ) on Wednesday July 31, 2019 @10:56AM (#59017850) Homepage

      Next up, HTTPS leaks encrypted web traffic.

    • by Anonymous Coward

      Not sure, but it wouldn't really be difficult to have a table of prehashed values for every possible phone number. Phone number is a pretty small search space and thus hashing doesn't really provide a lot of protection if the attacker knows that it is a phone number that is hashed

      • by guruevi ( 827432 )

        SHA256 always produces a large hash, you're still looking at a 256-bit number. Also, phone numbers come in all sorts of variations +1 212 555 0002 or (212) 555 0002 or 212-555-0002 and that's only for US. Apple sends whatever version is in your address book, not formatted in a specific format (although you can make an educated guess) .

        • by EvilSS ( 557649 )
          According to the author it uses a fixed format. Even if you had to go through all the variations, it wouldn't be a monumental task. They even posted a script you can use to create the hash tables: https://github.com/hexway/appl... [github.com]
        • by Anonymous Coward

          I think you misunderstood, or you're really stupid. Just because it outputs a large/long hash, doesn't mean you can't brute force all possibilities if your unique inputs are only a few hundred thousand combinations.

    • by EvilSS ( 557649 )
      It's the hash. But there are only so many phone numbers and they are in a fixed format. Since they don't appear to be salting the hash, it's trivial to create a program to write a hash table for, say, all US phone numbers if you know the hash algorithm.
  • tl;dr:

    It MIGHT leak a SHA256 hash of the user's phone number. Quiiiiiite a bit different than what the headline would have you believe. What the fuck has happened to journalism...
    • They are hungry, and cannot pay bills, so all the good ones are fleeing away.
    • It MIGHT leak a SHA256 hash of the user's phone number. Quiiiiiite a bit different than what the headline would have you believe. What the fuck has happened to journalism...

      From TFA

      "Only the first 3 bytes of the hashes are sent, but that's enough to identify your phone number," researchers said.

      Since phone numbers have pretty strict formatting, attackers can use pre-calculated hash tables to recover the rest of the phone number.

      It sounds like the hash is generated the same way every time, allowing the

  • The first 3 bytes of a 32-byte hash is not quite the same thing as "leaking the phone number". It's leaking information that narrows down the phone number to a set of possible phone numbers, and maybe you can figure out what the actual phone number is using some contextual information like probably area codes.

    • It's leaking information that narrows down the phone number to a set of possible phone numbers

      That is not how cryptographic hashes work.

      • It is if it's two devices with the same list of phone numbers that are trying to tell each other which number to use in their list.

      • by Guspaz ( 556486 )

        Yes, it is how partial cryptographic hashes of unsalted constrained input works. If you constrain the potential dataset to North American telephone numbers, you only need to compute around 10 billion hashes, which is a fast real-time operation. It takes a GTX 1080 slightly more than three seconds to calculate 10 billion SHA-256 hashes. Since you only have the first 24-bits of the 256-bit hash (per TFA), that will give you a set of possible telephone numbers. If you have some additional context (such as "the

        • by guruevi ( 827432 )

          If you're in BLE range of a person, just snap a picture and use Facebook Graph Search to find the person, their friends and thus likely contacts. You could also just use a GSM/CDMA sniffer to not just sniff out the phone number but the entire conversation.

          Cell phones leak information about us all the time, the question is how important is the information vs the convenience of having a cell phone.

      • by Voltara ( 6334 )

        It's leaking information that narrows down the phone number to a set of possible phone numbers

        That is not how cryptographic hashes work.

        Except that it is precisely how cryptographic hashes work. If you don't believe it, I invite you to play a game. Choose a random phone number in the 213 area code, give me the first 6 hex digits of the sha256 hash, and I will reply with a list of around 1-3 possible phone numbers (with a very rare worst case of 8 possibilities.)

        Here is an example Linux command line that you can use to get the hash:

        $ echo -n +12138675309 | sha256sum | cut -c 1-6
        4b7da2

        This is an example of a known plaintext attack. Knowing

  • security researchers from Hexway said that during certain operations these BLE packets can also contain a SHA256 hash of the device's phone number.

    Since when has SHA256 been broken? Why hasn't anyone told me?

    • by sconeu ( 64226 )

      Two words: Rainbow Tables

    • by Guspaz ( 556486 )

      Any unsalted cryptographic hash is effectively broken if you have a very limited set of possible inputs. GPUs can calculate billions of hashes per second, and there are only so many valid telephone numbers in the world to check.

      • by guruevi ( 827432 )

        Unless it's a telemarketer, then you get 20-digit phone numbers or even 2 digit phone numbers. Likewise, your address book could contain the phone numbers without area code or in different formats with country codes. The space is virtually endless and having certainty in court about it is an entirely different thing.

        • by EvilSS ( 557649 )
          In what way would any of what you just said apply here? It's the phone number of the device itself, not some random number from your contacts or a telemarketer on a VOIP line. Looking at the gihub code, iOS uses a fixed format when creating the hash.
  • I just want to know how the OSX driver manages to alter the speed of the sound from the video source, requiring a reboot to correct! THAT takes some special skills. People with skills like that would have no problem leaking phone numbers.

Some people claim that the UNIX learning curve is steep, but at least you only have to climb it once.

Working...