The Rolling Proximity Identifier used in the Apple/Google Exposure Notification API beta through 2020-05-29 enables malicious users to circumvent Bluetooth Smart Privacy because there is a secondary temporary UID. An attacker with access to Beacon or IoT networks can seamlessly track individual device movement via a Bluetooth LE discovery mechanism.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
the rolling proximity identifier project the rolling proximity identifier |