Stop Leaving Your Smartphone’s Bluetooth On

Stop Leaving Your Smartphone’s Bluetooth On

If you always leave Bluetooth on your phone on, you might want to rethink things.

A vulnerability known as BlueBorne was discovered this week by security research firm Armis. With it, researchers were able to infiltrate Samsung Galaxy Phones and the Google Pixel as well as an LG Sports Watch and a car audio system, all by exploiting the Bluetooth connection.

Other devices are also vulnerable. Specifically, iPhones and iPads that haven’t been upgraded to iOS 10, as well as a number of other Android, Microsoft and Linux products. A BlueBorne attack reportedly only takes 10 seconds to do and can give a hacker control of your Bluetooth-enabled device, even if it isn’t connected to anything when the attack begins.

Google and Microsoft put out security patches to get rid of the vulnerability this week. If you haven’t updated your phone in the past few days, you should go ahead and do that right now. No really, do it now.

The issue brings up a much bigger problem: you shouldn’t be leaving your Bluetooth on in the first place.

Wired notes that when you leave Bluetooth on, it’s constantly open to and waiting for other devices to connect to. That’s great when you want to sync your Fitbit or listen to some jams on your wireless headphones, but that also means that your device is constantly available for nefarious things to try and connect to it as well.

Sure, use it to connect to your headphones or car. But if you’re not using it, you should power the feature off.

The way BlueBorne works, it constantly scans for devices that have Bluetooth on, and when it finds one that has relevant vulnerabilities, it can hack into the device exceptionally quickly. Once connected, hackers can take control of the device and even steal data from it.

The attack can also spread from device to device. So, while attackers would technically need to be in Bluetooth range of your phone (10.06m) to pull something like this off, they can get some extra distance when there are other infected devices around as well.

Even though this specific vulnerability has been patched, it’s only a matter of time before something similar pops up.

The easiest line of defence? Don’t leave your Bluetooth on. Wired compares leaving Bluetooth on to leaving a door to your home unlocked. Yes, it will be easier to get in when you get home if you just don’t lock it, but you’re also making it much easier for robbers to come in and steal everything you have while you’re away.


  • I’m good, I like that it automatically pairs with my car, and with my headset at work, and my speakers at home.

    worth the risk, and it’s been patched already.

    • Exactly. They make it sound like it’s just on because we’re too stupid to turn it off. It’s on because that’s how it works with other devices we use. So what? just don’t use them?

      • Reminds me of those idiot baby boomer types who insist on routinely deleting their missed/dialled/received call lists

  • may as well turn of wifi cause WEP’s been hacked before and while we’re at it shut down every online account and maybe even technology in general 😉

Show more comments

Comments are closed.

Log in to comment on this story!