Bluetooth is a communication standard that can be connected easily with, a smartwatch, earphone microphone, mouse on the keyboard, so you may not mind turning on/off every time.
Armis a cybersecurity company recently issued a warning about vulnerabilities surrounding "BlueBorne" discovered in the Bluetooth communication standard. On the Google Pixel smartphone equipped with Android 7.1.2, I just demonstrated the actual state of hacking that Bluetooth is on only by connecting to a smartphone without permission.
Even though the user has not touched it, the picture is taken without permission by the Google Pixel camera, and it has been successful to send the picture to the hacker's computer as it is.
There is no responsibility for the user side, there is no need to be in the state of searching for a device that can be connected by Bluetooth. Just because Bluetooth on the device is turned on, get hacked.
Armis Chief Technology Officer, warns us this way. Although it is unlikely that BlueBorne will spread extensive risk immediately as hackers must combine several vulnerabilities and hackers need to be located close to the connected device, the number of devices that can be targeted is around the world It is said to be over 5.3 billion units.
In addition, Armis already informed Microsoft, Google, Apple about the dangers of BlueBorne in advance. Since updates of OSs patched by each company are also being delivered, It is "If you have updated to the latest version of iOS, Windows, Android, Linux, there is no need to worry about BlueBorne attacks."
However, since not all users are updating to the latest version of the operating system, it is warned that there is something immeasurable about the diversity of hacking methods. As for now, hacking with BlueBorne is not a highly accurate attack, because you realize that something abnormal operation is being done when the user is looking at the screen, but the risk of being evolved and exploited cannot be denied....
In any case, if you are using Bluetooth, it is better to keep always turned off. There is a danger that other unknown vulnerabilities can be confronted.
