Bluetooth Vulnerability Could Allow iOS and macOS Devices Be Tracked and Identified

by

A security vulnerability in the Bluetooth communication protocol has the potential to allow malicious actors to track and identify devices from Apple and Microsoft, according to new research from Boston University that was highlighted by ZDNet.

Apple devices including Macs, iPhones, iPads, and the Apple Watch are impacted, as are Microsoft tablets and laptops. Android devices are not affected.

appledevicesbluetooth
As outlined in the research paper [PDF], Bluetooth devices use public channels to announce their presence to other devices.

To prevent tracking, most devices broadcast a randomized address that periodically changes rather than a Media Access Control (MAC) address, but the researchers have found that it is possible to extract identifying tokens that allow a device to be tracked even when this randomized address changes by exploiting the address-carryover algorithm.

We present an online algorithm called the address-carryover algorithm, which exploits the fact that identifying tokens and the random address do not change in sync, to continuously track a device despite implementing anonymization measures. To our knowledge, this approach affects all Windows 10, iOS, and macOS devices.

The algorithm does not require message decryption or breaking Bluetooth security in any way, as it is based entirely on public, unencrypted advertising traffic.

The tracking method explained in the research paper has the potential to allow for an identity-exposing attack that allows for "permanent, non-continuous tracking," plus an iOS side-channel that "allows insights into user activity."

iOS or macOS devices have two identifying tokens (nearby, handoff) which change in different intervals. In many cases, the values of the identifying tokens change in sync with the address. However, in some cases the token change does not happen in the same moment, which allows the carry-over algorithm to identify the next random address.

Android devices do not use the same advertising approach as Microsoft and Apple, and are immune to the data tracking methods used by the researchers.

It's not clear if the method described has been used by any bad actors for the purpose of tracking Apple devices using Bluetooth, but it would be undetectable as it does not require breaking Bluetooth security. The research paper contains several recommendations on how to mitigate the tracking vulnerability, and Apple is often quick to patch any security issues that come up, so we could see a fix for this problem in the near future.

Tag: Bluetooth

Popular Stories

iPhone 17 Pro Dark Blue and Orange

iPhone 17 Release Date, Pre-Orders, and What to Expect

Thursday August 28, 2025 4:08 am PDT by
An iPhone 17 announcement is a dead cert for September 2025 – Apple has already sent out invites for an "Awe dropping" event on Tuesday, September 9 at the Apple Park campus in Cupertino, California. The timing follows Apple's trend of introducing new iPhone models annually in the fall. At the event, Apple is expected to unveil its new-generation iPhone 17, an all-new ultra-thin iPhone 17...
Read Full Article61 comments
iPhone 17 Pro Iridescent Feature 2

iPhone 17 Pro Clear Case Leak Reveals Three Key Changes

Sunday August 31, 2025 1:26 pm PDT by
Apple is expected to unveil the iPhone 17 series on Tuesday, September 9, and last-minute rumors about the devices continue to surface. The latest info comes from a leaker known as Majin Bu, who has shared alleged images of Apple's Clear Case for the iPhone 17 Pro and Pro Max, or at least replicas. Image Credit: @MajinBuOfficial The images show three alleged changes compared to Apple's iP...
Read Full Article78 comments
iphone 16 pro ghost hand

iPhone 17 Pro: 5 Reasons Not to Upgrade This Year

Monday September 1, 2025 4:35 am PDT by
Apple will launch its new iPhone 17 series this month, and the iPhone 17 Pro models are expected to get a new design for the rear casing and the camera area. But more significant changes to the lineup are not expected until next year, when the iPhone 18 models arrive. If you're thinking of trading in your iPhone for this year's latest, consider the following features rumored to be coming to...
Read Full Article114 comments
xiaomi apple ad india

Apple and Samsung Push Back Against Xiaomi's Bold India Ads

Friday August 29, 2025 4:54 am PDT by
Apple and Samsung have reportedly issued cease-and-desist notices to Xiaomi in India for an ad campaign that directly compares the rivals' devices to Xiaomi's products. The two companies have threatened the Chinese vendor with legal action, calling the ads "disparaging." Ads have appeared in local print media and on social media that take pot shots at the competitors' premium offerings. One...
Read Full Article210 comments
iOS 18 on iPhone Arrow Down

Apple Preparing iOS 18.7 for iPhones as iOS 26 Release Date Nears

Sunday August 31, 2025 4:35 pm PDT by
Apple is preparing to release iOS 18.7 for compatible iPhone models, according to evidence of the update in the MacRumors visitor logs. We expect iOS 18.7 to be released in September, alongside iOS 26. The update will likely include fixes for security vulnerabilities, but little else. iOS 18.7 will be one of the final updates ever released for the iPhone XS, iPhone XS Max, and iPhone XR,...
Read Full Article47 comments

Top Rated Comments

Dirtfarmer Avatar
Dirtfarmer
80 months ago
if the software is of such demonstrably low quality, it should be easy for you to prove it. let's hear your proof.

BTW: Nothing like Windows not loading on its own surface laptops, or Excel crashing while running on Windows, or...., or myriad android bugs allowing replacement of software. Fact: Bugs do exist
[LIST=1]
* Super ('https://apple.slashdot.org/story/19/07/11/151241/apple-disables-walkie-talkie-app-due-to-vulnerability-that-could-allow-iphone-eavesdropping')
* easy ('https://it.slashdot.org/story/19/07/11/0423244/apple-pushes-a-silent-mac-update-to-remove-hidden-zoom-web-serverhttps://it.slashdot.org/story/19/07/09/0521212/serious-zoom-security-flaw-could-let-websites-hijack-mac-cameras')
* to ('https://it.slashdot.org/story/19/06/29/0651212/new-mac-malware-abuses-recently-disclosed-gatekeeper-zero-day')
* prove ('https://apple.slashdot.org/story/19/06/15/0450239/cellebrite-says-it-can-unlock-any-iphone-for-cops'):
* How ('https://apple.slashdot.org/story/19/06/03/1957213/apple-finally-kills-itunes')
* many ('https://apple.slashdot.org/story/19/05/14/1938252/its-almost-impossible-to-tell-if-your-iphone-has-been-hacked')
* more ('https://it.slashdot.org/story/19/04/08/221253/exodus-spyware-found-targeting-apple-ios-users')
* do ('https://apple.slashdot.org/story/19/03/29/173216/macos-10144-mail-client-has-broken-gmail-access-for-some-users')
* you ('https://apple.slashdot.org/story/19/02/19/1722240/apples-newest-macs-seem-to-have-a-serious-audio-bug')
* want ('https://apple.slashdot.org/story/19/02/07/2046203/apple-releases-iphone-update-to-fix-group-facetime-eavesdropping-bug')?


That's just from a few months; not the most major clusters from, say, the last year or two.

The world outside of your echo chamber noticed a long time ago:

MacRumors content image
Score: 17 Votes (Like | Disagree)
matt_and_187_like_this Avatar
matt_and_187_like_this
80 months ago
What's so difficult to long press/3d touch the settings icon and then choose WiFi or bluetooth and turn it off?
Not difficult, but annoying that it doesn't work in control center that way anymore. When I turn Wifi off I want to turn it off not "disconnect but still on".
Score: 11 Votes (Like | Disagree)
bbeagle Avatar
bbeagle
80 months ago
I am a little confused. Does this mean that if someone is following you and within bluetooth range (100 ft?), they can track you?
Non-continuous tracking.

For example, if you're in a Starbucks, you can find the 5 people (who have an iOS/MacOS device) that are sitting there's bluetooth ID .... now tape your device under a table tracking all these ids, you'll know when those 5 people return. Therefore you can 'track people' and their comings and goings by their devices. Of course, you don't know who those 5 people are, you'd have to monitor it in person, and then watch as they leave/enter to name these IDs to track person by person. (i.e. ID #1 is 'cute freckled girl', #2 is 'fat balding guy', etc)

It has been possible to track people via cell phone towers for a long time for iOS and Android devices.
Score: 10 Votes (Like | Disagree)
laz232 Avatar
laz232
80 months ago
What's so difficult to long press/3d touch the settings icon and then choose WiFi or bluetooth and turn it off?
Except that doesn't turn it off Apple changed that in iOS 11(?) - now it's in a disconnected-but-still-on mode. very annoying. Same problem when I travel. I use a VPN, but turn it, and wifi, off when I go to bed. If I turn Wifi "off" via control centre then it turns back on at 5am (without the VPN).

Great management on that one, Tim Cook and co...
Score: 8 Votes (Like | Disagree)
matt_and_187_like_this Avatar
matt_and_187_like_this
80 months ago
iOS 13 reveals how many apps want to access Bluetooth. Really appreciate the new controls, but I wish Apple hadn't made turning off Bluetooth and Wifi so difficult in general. Never seems to turn off completely.
Score: 8 Votes (Like | Disagree)
MauiPa Avatar
MauiPa
80 months ago
Demonstrably low-quality software and decreasing-quality hardware.

Meaning increased margins and increased stock price!

Karaoke web series, watch bands, Doctor Dre headsets.

The sky's the limit!

#FIRETHEACCOUNTANT
if the software is of such demonstrably low quality, it should be easy for you to prove it. let's hear your proof.

BTW: Nothing like Windows not loading on its own surface laptops, or Excel crashing while running on Windows, or...., or myriad android bugs allowing replacement of software. Fact: Bugs do exist
Score: 8 Votes (Like | Disagree)
Read All Comments