Operating system security

Bluetooth security in Windows 10

Preetam Kaushik
March 9, 2020 by
Preetam Kaushik

For a wireless technology standard formally established in the 1990s, Bluetooth has shown remarkable resilience and longevity. More than two decades later, we now have more Bluetooth-enabled devices in our homes than ever before.

PCs, mobile phones, speakers, earphones, TVs, keyboards, mice, controllers, fitness trackers, watches — all these devices and peripherals use this standard for communicating with each other. And with the rising popularity of the Internet of Things (IoT) and more smart devices, Bluetooth looks to be in for the long haul.

Learn Windows 10 Host Security

Learn Windows 10 Host Security

Build your Windows skills with 13 courses covering Windows registry, services, processes, toolset and more.

Why does it still exist?

For such a popular and crucial communications standard, Bluetooth is surprisingly full of flaws, both from the perspective of user experience and device security. Connections are notoriously unreliable and prone to sudden breaks, signal speeds are slow and recent research has unearthed several important security flaws.

The only reason why Bluetooth still exists is that it is relatively easy to implement, easy to use and cheap to manufacture. That last part is mainly due to its use of 2.4 GHz frequency, or the ISM band (Industrial, Scientific and Medical devices). ISM frequency devices do not require an FCC license, which makes them incredibly attractive for manufacturers.

Despite being around for 20 years, Bluetooth is still rather poorly understood by general tech protocol standards. A lot of this is down to how its communications standard was developed in the 1980s and ‘90s by multiple expert committees and groups.

So in truth, there is no single Bluetooth protocol, but rather a collection of different protocols compiled into a single, long, rambling standard. At nearly 3,000 pages, it is ten times as long as other comparable standards like Wi-Fi. 

Bluetooth security issues

Due to such complexity, in-depth security analysis of the entire length and breadth of Bluetooth protocols has not occurred yet. But in a way, this situation has also dissuaded hackers from taking a serious look at Bluetooth due to its convoluted and messy specifications. 

But this is certain to change as the number of Bluetooth-enabled devices increase, particularly at the enterprise and industrial level. Researchers have unearthed several critical security vulnerabilities across Bluetooth implementations in recent years. These include:

  • The BlueBorne flaw, which affected over five million PCs and other devices
  • The iPhone Bluetooth flaw on Airdrop
  • The Key Negotiation of Bluetooth (KNOB) flaw

While most of these are related to faulty implementations of Bluetooth protocols by individual manufacturers and vendors, some, like the KNOB flaw, are due to fundamental vulnerabilities found across all implementations.

Due to its unique mode of action and limitations related to signal strength and range, any potential security threat to Bluetooth devices require a combination of the following conditions for success:

  • The devices are turned on and visible
  • The devices are pairing, or connected
  • The connection is using a weak encryption
  • The attacker is within range
  • The device is not updated to the latest security patches/firmware

Steps to maximize Bluetooth security in Windows 10

Based on the above checklist, it is easy to deduce some basic measures which can help maintain security on Windows 10 PCs with Bluetooth connectivity.

Updates/patches

Microsoft has issued several security updates in recent times which addressed Bluetooth security issues. The most recent of these was the June 11, 2019 update. While the timely installation of updates like these can ensure maximum safety on the PC, it is equally important to seek out and update/patch the firmware located on the connecting peripheral or slave device.

Many users overlook this critical aspect, which can give rise to potential security flaws when the Windows PC connects to such devices. In fact, the June 11 patch disabled Windows access to certain categories of Bluetooth devices, requiring users to either update the firmware of those affected devices or use alternate devices in some cases.

Avoid connecting to older versions

Throughout its lifetime, there have been several versions of Bluetooth implementations, like 2.0, 4.1 and so on. The latest version is Bluetooth 4.2, which supports advanced security encryptions, including SSP and AES-CCM. While these still have numerous vulnerabilities, they are still better than older versions which were backed by just SSP (starting with 2.1).

If possible, check the version of Bluetooth used in a device before connecting it to a Windows PC. Avoid 2.0 and older devices as they have no encryption features whatsoever. Even those with SSP come with no guarantees of safety and should be kept at bay. Stick to version 4.2 and above for maximum safety.

Disable Bluetooth when not in use

Many users think that setting their PC or device Bluetooth visibility setting to “invisible” is enough to protect them from attacks. This is patently false. Using special tools like Blue Hydra, it is possible to sniff out nearby Bluetooth device connections, even when they are not set as visible.

The safest possible thing to do would be to switch off Bluetooth on a Windows 10 PC whenever it is not in use. The easiest way to do this is by clicking on the chat balloon icon on the extreme right side of the taskbar. It will open up a control panel with buttons to toggle several connections and features, including Bluetooth.

Manage Bluetooth connections and paired devices

Given the surfeit of Bluetooth-enabled devices in a modern home, it is very easy to lose track of the devices which have been paired to a Windows PC over time. This is why it is a good idea to frequently purge devices which no longer connect to your PC from the list.

Head to Settings → Devices → Bluetooth for a full list of paired devices. Click on a particular device to get the option to remove it. Some other best practices to follow include:

  • Choosing a secure PIN or passkey for all connections/devices that support this feature
  • Never use the default PIN that comes with the device
  • Disable unused Bluetooth services when connecting to devices like mobile phones
  • At all costs, do not allow other devices to find the PC whenever Bluetooth is turned on

Learn Windows 10 Host Security

Learn Windows 10 Host Security

Build your Windows skills with 13 courses covering Windows registry, services, processes, toolset and more.

Key takeaways

Despite its several weaknesses and security flaws, for want of a better alternative, Bluetooth is here to stay. To maintain security on Bluetooth connections involving a Windows 10 PC, always keep the PC and Bluetooth-powered device updated to the latest security patch/firmware. Keep Bluetooth disabled the moment it is no longer in use and follow best practices while managing paired connections on the PC.

Sources

Preetam Kaushik
Preetam Kaushik