this post was submitted on 16 Feb 2026
92 points (95.1% liked)

Technology

81286 readers
4455 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
92
What Your Bluetooth Devices Reveal About You: Building Bluehood, a Bluetooth scanner that reveals what information we leak just by having Bluetooth enabled on our devices. (blog.dmcc.io)
submitted 22 hours ago by Beep@lemmus.org to c/technology@lemmy.world
12 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] tal@lemmy.today 15 points 8 hours ago* (last edited 1 hour ago) (2 children)

From my home office, running Bluehood in passive mode (just listening, never connecting), I could detect:

  • When delivery vehicles arrived, and whether it was the same driver each time
  • The daily patterns of my neighbours based on their phones and wearables
  • Which devices consistently appeared together (someone’s phone and smartwatch, for instance)
  • The exact times certain people were home, at work, or elsewhere

I mean, forget just locally monitoring around you. Google and Apple's Location Services, used by iOS and Android devices, phone home with the MAC addresses and signal strengths of nearby Bluetooth devices, so they know when all those devices were active and where. Unless it makes use of MAC randomization, they can track it. You can identify a device's manufacturer by its OUI, the first 24 bits of the MAC.

Google knows where people with Bluetooth headphones have gone, even if those people have never used Google products, just as long as they've been near someone with an Android phone using Location Services. They can probably identify where many people have met each other, by correlating locations of devices. They know, say, when and where Bluetooth-enabled Lovense sex toys were active.

https://www.youtube.com/watch?v=IRELLH86Edo

[–] tal@lemmy.today 1 points 2 minutes ago

Unless it makes use of MAC randomization, they can track it.

I'd also add that I'd be far from sure that even devices that are randomizing them are using a cryptographically-secure PRNG and reliable source of entropy. Even much-more-expensive and capable-of-obtaining-entropy personal computers with software that can be more-readily-inspected have had a spotty record here. I'd give pretty good odds that there are devices out there using a fixed seed and non-cryptographically-secure PRNG for MAC randomization, and that someone like Google, with a vast database of MAC/time/location data and a bunch of smart computer scientists on staff, could probably break the randomization if it wanted on at least some devices.

But you gotta crawl before you can walk, and today, we know that we aren't even crawling.