Xiaomi MIUI Official Forum

Gold Member

Rank: 3Rank: 3

Credits
345
Device
Mi 5
MIUI Version
7.9.22
Online time
1 Hours
Send PM

Mi HomeSuper WednesdayThanksgiving DayDie-hard MIUI FanMIUI FollowerMi Lover Medal

[Others] What Is BlueBorne?

[ Promote]
2196 11 |
15:57, Sep-13-2017 | From PC
|
|
Go to reply no.
Hi there. Near some copypaste about Bluetooth security problems. What do you think about it?

General Overview
Armis Labs revealed a new attack vector endangering major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them. The new vector is dubbed “BlueBorne”, as it spread through the air (airborne) and attacks devices via Bluetooth. Armis has also disclosed eight related zero-day vulnerabilities, four of which are classified as critical. BlueBorne allows attackers to take control of devices, access corporate data and networks, penetrate secure “air-gapped” networks, and spread malware laterally to adjacent devices. Armis reported these vulnerabilities to the responsible actors, and is working with them as patches are being identified and released.

What Is BlueBorne?
BlueBorne is an attack vector by which hackers can leverage Bluetooth connections to penetrate and take complete control over targeted devices. BlueBorne affects ordinary computers, mobile phones, and the expanding realm of IoT devices. The attack does not require the targeted device to be paired to the attacker’s device, or even to be set on discoverable mode. Armis Labs has identified eight zero-day vulnerabilities so far, which indicate the existence and potential of the attack vector. Armis believes many more vulnerabilities await discovery in the various platforms using Bluetooth. These vulnerabilities are fully operational, and can be successfully exploited, as demonstrated in our research. The BlueBorne attack vector can be used to conduct a large range of offenses, including remote code execution as well as Man-in-The-Middle attacks.

more info you can find here
https://www.armis.com/blueborne/#/general
Favorite1 Share

Rated by 1 person   Experience Reason  

OnkelPony + 1 Great!

Experience +1  View Rating Log

Senior Member

Rank: 2

Credits
57
Device
0
MIUI Version
0
Online time
0 Hours
Send PM
21:48, Sep-13-2017 | From APP
|
Si, how to fix it?

Gold Member

Rank: 3Rank: 3

Credits
345
Device
Mi 5
MIUI Version
7.9.22
Online time
1 Hours
Send PM

Mi HomeSuper WednesdayThanksgiving DayDie-hard MIUI FanMIUI FollowerMi Lover Medal

 Author| 21:51, Sep-13-2017 | From Mi 5
|
elrafaargentino replied at 2017-9-13 16:48
Si, how to fix it?

google already prepare patch for 6 and 7 android, as i know. But when xiaomi developer team implement this patch nobody know.

Senior Member

Rank: 2

Credits
154
Device
Redmi Note 3
MIUI Version
7.10.12
Online time
0 Hours
Send PM
16:25, Sep-14-2017 | From APP
|
Any response from Xiaomi?

Senior Member

Rank: 2

Credits
84
Device
0
MIUI Version
V8.2.10.0.MCFMIDL
Online time
0 Hours
Send PM
17:52, Sep-14-2017 | From PC
|
Yes, it is very serious problem, we mustn't stay vulnerable. I switched BT off before we get fix.

Senior Member

Rank: 2

Credits
56
Device
0
MIUI Version
V8.5.1.0.NCAMIEG
Online time
2 Hours
Send PM
01:54, Sep-15-2017 | From Mi 6
|
😫😫
Screenshot_2017-09-15-02-52-55-470_com.armis.blueborne_detector.png

Senior Member

Rank: 2

Credits
157
Device
0
MIUI Version
0
Online time
0 Hours
Send PM
17:11, Sep-15-2017 | From Redmi Note 4X
|
Yes Xiaomi provide the blueborne patch form Google i am a redmi note 4 user

Senior Member

Rank: 2

Credits
142
Device
Redmi Note 4 MTK
MIUI Version
V8.1.9.0.MBFCNDI
Online time
29 Hours
Send PM
18:10, Sep-18-2017 | From PC
|
AndyRaman replied at 2017-9-15 17:11
Yes Xiaomi provide the blueborne patch form Google i am a redmi note 4 user

Same device as me, but I have MTK variant. I hope Xiaomi / Mediatek will release a patched firmware soon - I depend on BT and will have to risk it!
Regards, CosmicDan

Diamond Member

Rank: 5Rank: 5

Credits
1645
Device
Mi 5s
MIUI Version
V8.5.4.0.MAGMIED
Online time
43 Hours
Send PM

Mi Band 2Xiaomi 6 LaunchMi HeadphonesMi Power Bank 10000MAH Mi VR HeadsetMi VRMi HomeMijia Story TellerMi  BunnyXiaomi 7th AnniversaryFantastic!I Love MIUIMIUI 2016MIUI 8MIUI Devices ContestMi NoteHappy New YearMerry ChristmasRocket to FutureFan Of MIUI ItalyMIUI Drawing Talent1 Million Forum App InstallsMIUI 2017I Love 2016MIUI Lucky Friday3 Million Forum MembersFan Of MIUI RussiaSuper MondayMIUI 9MIUI Forum App300K Forum MembersSurge S1Pokemon Master Medal10 Million Forum Posts3500K Forum MembersPuzzle MasterMiPopAndroid ElfDie-hard MIUI FanMaster Of TechnologyForum Contest LoverMi TalentScroll Of WisdomMi Bunny Game Master Youth PledgeMi Lover MedalDebate MasterAndroid GuruTechnology GuruMIUI FollowerStar Of Technology

13:15, Sep-20-2017 | From PC
|
I checked my very dubious Bluboo Dual and it is better protected with only a medium vulnerability to BlueBorne than any Xiaomi phone today.

One more thing to consider. My LG Flex 2 with Security Patch 2016-09-01 is 100% protected against BlueBorne. These are examples of older phones that do not get (Bluboo Dual) or do not need (LG Flex 2) a BlueBorne security patch.

I urge Xiaomi to work with the highest priority to fix the BlueBoo exploit ASAP on all Xiaomi phones with Global Stable ROMs and not to wait until Miui 9 is available as Global Stable (what could take another 3 to 4 months) for a fix

We need BlueBorne fixes now on all Xiaomi phones.

Diamond Member

Rank: 5Rank: 5

Credits
1645
Device
Mi 5s
MIUI Version
V8.5.4.0.MAGMIED
Online time
43 Hours
Send PM

Mi Band 2Xiaomi 6 LaunchMi HeadphonesMi Power Bank 10000MAH Mi VR HeadsetMi VRMi HomeMijia Story TellerMi  BunnyXiaomi 7th AnniversaryFantastic!I Love MIUIMIUI 2016MIUI 8MIUI Devices ContestMi NoteHappy New YearMerry ChristmasRocket to FutureFan Of MIUI ItalyMIUI Drawing Talent1 Million Forum App InstallsMIUI 2017I Love 2016MIUI Lucky Friday3 Million Forum MembersFan Of MIUI RussiaSuper MondayMIUI 9MIUI Forum App300K Forum MembersSurge S1Pokemon Master Medal10 Million Forum Posts3500K Forum MembersPuzzle MasterMiPopAndroid ElfDie-hard MIUI FanMaster Of TechnologyForum Contest LoverMi TalentScroll Of WisdomMi Bunny Game Master Youth PledgeMi Lover MedalDebate MasterAndroid GuruTechnology GuruMIUI FollowerStar Of Technology

13:47, Sep-22-2017 | From Mi Pad 2
|
Correction, my LG Flex 2 is not protected, the scanning app version 1.04 was faulty. Version 1.05 shows my LG device as vulnerable.

It is quite amazing that Xiaomi obviously does not care at all to warn about and fix the BlueBorne  Vurnelability.

Even Samsung is advising customers to switch off Bluetooth.

Credits Management

Quick Reply Top Return to the list