Track people via Bluetooth on their phones


We’ve always known that phones – and the people wearing them – can be uniquely identified from their Bluetooth signatures, and that we need security techniques to prevent this. This new research shows that this is not enough.

Computer scientists from the University of California, San Diego have proven in a study published May 24 that tiny imperfections in phones caused during manufacturing create a unique Bluetooth beacon, which establishes a digital signature or fingerprint distinct from any other device. Although the Bluetooth of phones uses cryptographic technology which limits traceability, using a radio receiver these distortions of the Bluetooth signal can be discerned to track individual devices.


Study scientists conducted tests to show whether having multiple phones in the same location could interfere with their ability to track individual signals. The results of a first experiment showed that they succeeded in discerning the individual signals for 40% of the 162 devices in public. Another larger-scale experiment showed they could discern 47% of 647 devices in a public hallway over two days.

The tracking range depends on the device and the environment, and it can be several hundred feet, but in a crowded place, it can only be about 10 feet. Scientists were able to track a volunteer’s signal as they walked back and forth from their home. Certain environmental factors can disrupt a Bluetooth signal, including changes in ambient temperature, and some devices send signals with greater strength and range than others.

You could say “well, I’m just going to keep Bluetooth off when not in use”, but researchers say they’ve found that some devices, especially iPhones, don’t actually turn off Bluetooth unless a user don’t go directly into the settings to disable the signal. Most people may not even realize that their Bluetooth is constantly being broadcast by many smart devices.

*** This is a syndicated security blog from Schneier’s Security Bloggers Network written by Bruce Schneier. Read the original post at:


About Author

Comments are closed.