Hello and welcome to the Wednesday, February 8, 2023 edition of the Sandcent Storm Center's Stormcast. My name is Johannes Ulrich and I'm recording from Jacksonville, Florida.

It's probably hard to find a device these days mobile or not mobile that doesn't have some kind of Bluetooth functionality.

Mobile phones, cars, PCs, pretty much any computing device and non-computing device

has Bluetooth in some variation evolved. Also, the standard itself is still evolving.

Yi Ching, who is our handler in Singapore and also part of a research group that looks into

Bluetooth flaws, has now looked at some of the historic trends as far as vulnerabilities go

in Bluetooth devices.

And well, the trend doesn't look good for the last four years

we pretty much had around a hundred new vulnerabilities each year as far as Bluetooth is concerned

and this is significantly up from prior years luckily it seems to have leveled out like

these last four years so it doesn't seem to

be really going up anymore, but still, Bluetooth is one of those protocols that probably

will keep on giving as far as vulnerabilities are concerned.

The classic dangerous pattern here is that we have a fairly complex protocol and a very

power limited implementation. Bluetooth implementations are typically created based on that they are using

as little power as possible, which of course means that you don't really have a lot of overhead

to do additional

input validation and the like. And we got an update for OpenSSL. Now, this affects OpenSL

3-0-111 as well as 102, and it fixes two vulnerabilities. One is side channel vulnerability.

This is timing based,

so by essentially observing how long it takes to decrypt something,

an attacker may be able to recover plain text.

...