How secure is Windows Bluetooth pairing request?


Into_Oblivion1

New member
Local time
6:44 AM
Posts
27
OS
Windows 11
Dear all

I use Windows 11.

When a Bluetooth device wants to pair with to my laptop, a message pops up on my screen asking if I want to allow the pairing.

1.
How secure is this?

2.
Could a hacker bypass this, and still get access to my data without my knowledge through Bluetooth?

Thank you

Best regards
 
Windows Build/Version
Windows 11

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
Nothing is 100 Percent secure and bluetooth has been known to be attacked.

However, in general, bluetooth is quite safe to use with a modern pc. Just keep your phone and system up to date.

There are much bigger issues with security than bluetooth.

The main thing to watch out for is when pairing devices, ensure you are pairing the correct device, and never pair new devices in public places.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Dell G15 5525
    CPU
    Ryzen 7 6800H
    Memory
    32 GB DDR5 4800mhz
    Graphics Card(s)
    RTX 3050 Mobile 4GB Vram
    Monitor(s) Displays
    Gigabyte M27Q (rev. 2.0) 2560 x 1440 @ 170hz HDR
    Screen Resolution
    Internal laptop screen: 1920 x 1080 @ 120hz
    Hard Drives
    2TB Solidigm™ P41 Plus nvme
    Internet Speed
    800mbps down, 20 up
  • Operating System
    Chrome OS
    Computer type
    Laptop
    Manufacturer/Model
    HP Chromebook
    CPU
    Intel Pentium Quad Core
    Memory
    4GB LPDDR4
    Monitor(s) Displays
    14 Inch HD SVA anti glare micro edge display
    Hard Drives
    64 GB emmc
Bluetooth has a very limited distance, usually only up to 30 - 60 feet
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    Dell
Nothing is 100 Percent secure and bluetooth has been known to be attacked.

However, in general, bluetooth is quite safe to use with a modern pc. Just keep your phone and system up to date.

There are much bigger issues with security than bluetooth.

The main thing to watch out for is when pairing devices, ensure you are pairing the correct device, and never pair new devices in public places.

Could a hacker bypass the paiaring request, and still get access to my data without my knowledge through Bluetooth?
Or would you say it is around NSA-level skill?

Thank you
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
Could a hacker bypass the paiaring request, and still get access to my data without my knowledge through Bluetooth?
Or would you say it is around NSA-level skill?

Thank you
More than likely a hacker can. Only thing to do is make sure your settings is secure as possible. Go to settings, Bluetooth and Devices, Devices, scroll down to 'More Bluetooth settings, and adjust to what you want. These are mine:

1720004760832.png
 

My Computers

System One System Two

  • OS
    Win 11 Home & 🐥.
    Computer type
    Laptop
    Manufacturer/Model
    ACER Nitro AN16-41
    CPU
    AMD Ryzen™ 7 7735HS Processor 3.2Ghz
    Motherboard
    RB Sierra_PEH (FP7)
    Memory
    32 GB DDR5 4800MHz
    Graphics Card(s)
    NVIDIA GeForce RTX 4060 8GB GDDR6
    Monitor(s) Displays
    16" QHD+ 165Hz 16:10 IPS Technology
    Screen Resolution
    1920 X 1200
    Hard Drives
    Samsung 990 PRO 2TB
    PSU
    330 Watts
    Mouse
    Lenovo Bluetooth.
    Internet Speed
    500 Mbps
    Browser
    Edge
    Antivirus
    Defender
  • Operating System
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    ACER NITRO
    CPU
    AMD Ryzen 7 5800H / 3.2 GHz
    Motherboard
    CZ Scala_CAS (FP6)
    Memory
    32 GB DDR4 SDRAM 3200 MHz
    Graphics card(s)
    NVIDIA GeForce RTX 3060 6 GB GDDR6 SDRAM
    Sound Card
    Realtek Audio. NVIDIA High Definition Audio
    Monitor(s) Displays
    15.6" LED backlight 1920 x 1080 (Full HD) 144 Hz
    Screen Resolution
    1920 x 1080 (Full HD)
    Hard Drives
    Samsung 970 Evo Plus 2TB NVMe M.2
    PSU
    180 Watt, 19.5 V
    Mouse
    Lenovo Bluetooth
    Internet Speed
    500 Mbps
    Browser
    Edge
    Antivirus
    Defender
Could a hacker bypass the paiaring request, and still get access to my data without my knowledge through Bluetooth?
Or would you say it is around NSA-level skill?

Thank you
Anything is possible.

But I currently don't know of any way where modern bluetooth can be connected to a device without the pairing process being in effect. Usually it is all about tricking a person to pair to the wrong device.

There are bluetooth scanners that scan around public places looking for targets and to know if someone has been in that location before, and can be used for tracking.

This is why it is important to have your bluetooth device name be something unique that you would know, but without any personal information in it. Sort of like the ssid for your wifi.

For example. don't name your bluetooth device as Andrew's Iphone.

Name it something like Phone from outer space or something like that. You recognize it, but it doesn't have your name or personal info in it.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Dell G15 5525
    CPU
    Ryzen 7 6800H
    Memory
    32 GB DDR5 4800mhz
    Graphics Card(s)
    RTX 3050 Mobile 4GB Vram
    Monitor(s) Displays
    Gigabyte M27Q (rev. 2.0) 2560 x 1440 @ 170hz HDR
    Screen Resolution
    Internal laptop screen: 1920 x 1080 @ 120hz
    Hard Drives
    2TB Solidigm™ P41 Plus nvme
    Internet Speed
    800mbps down, 20 up
  • Operating System
    Chrome OS
    Computer type
    Laptop
    Manufacturer/Model
    HP Chromebook
    CPU
    Intel Pentium Quad Core
    Memory
    4GB LPDDR4
    Monitor(s) Displays
    14 Inch HD SVA anti glare micro edge display
    Hard Drives
    64 GB emmc
I have a latop, that I use as a backup for my own important data.

The laptop is offline from the internet aswell.

I have turned bluetooth off and disabled bluetooth in device manager - but bluetooth was turned on for some minutes before this.
I just want to make sure, that nothing malicious got through in those minutes.

My OS i fully updated.
I did a deep scan after with Microsoft Defender - it found nothing
-
Would you trust, that my laptop is clean from malware etc.?

Thank you
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
I have turned bluetooth off and disabled bluetooth in device manager - but bluetooth was turned on for some minutes before this.
Bluetooth and wifi can toggle themselves on to help with location services to get an accurate reading of where you are, such as the maps app or the weather app or anything using location.

Would you trust, that my laptop is clean from malware etc.?
More than likely you are fine. A scan with windows defender and malwarebytes could not hurt though. I highly doubt you were attacked via bluetooth.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Dell G15 5525
    CPU
    Ryzen 7 6800H
    Memory
    32 GB DDR5 4800mhz
    Graphics Card(s)
    RTX 3050 Mobile 4GB Vram
    Monitor(s) Displays
    Gigabyte M27Q (rev. 2.0) 2560 x 1440 @ 170hz HDR
    Screen Resolution
    Internal laptop screen: 1920 x 1080 @ 120hz
    Hard Drives
    2TB Solidigm™ P41 Plus nvme
    Internet Speed
    800mbps down, 20 up
  • Operating System
    Chrome OS
    Computer type
    Laptop
    Manufacturer/Model
    HP Chromebook
    CPU
    Intel Pentium Quad Core
    Memory
    4GB LPDDR4
    Monitor(s) Displays
    14 Inch HD SVA anti glare micro edge display
    Hard Drives
    64 GB emmc
Bluetooth and wifi can toggle themselves on to help with location services to get an accurate reading of where you are, such as the maps app or the weather app or anything using location.
Are you saying, that Wifi and Bluetooth could get turned on, without my knowledge?
Also if they are disabled in Device Manager?
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
Are you saying, that Wifi and Bluetooth could get turned on, without my knowledge?
Yes, this happens on your phone as well. Even when wifi is off or bluetooth they do turn themselves on to help with location services from time to time.

On android, this is called wifi scanning and bluetooth scanning.

Also if they are disabled in Device Manager?
If they are disabled in device manager, they should not be able to turn themselves on. However, if a driver update is applied (say though windows update) this can re-enable them and turn them back on.

If you want to block them fully, turn them off in the systems bios. But keep in mind that the bios could be updated and revert back to system defaults.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Dell G15 5525
    CPU
    Ryzen 7 6800H
    Memory
    32 GB DDR5 4800mhz
    Graphics Card(s)
    RTX 3050 Mobile 4GB Vram
    Monitor(s) Displays
    Gigabyte M27Q (rev. 2.0) 2560 x 1440 @ 170hz HDR
    Screen Resolution
    Internal laptop screen: 1920 x 1080 @ 120hz
    Hard Drives
    2TB Solidigm™ P41 Plus nvme
    Internet Speed
    800mbps down, 20 up
  • Operating System
    Chrome OS
    Computer type
    Laptop
    Manufacturer/Model
    HP Chromebook
    CPU
    Intel Pentium Quad Core
    Memory
    4GB LPDDR4
    Monitor(s) Displays
    14 Inch HD SVA anti glare micro edge display
    Hard Drives
    64 GB emmc
If they are disabled in device manager, they should not be able to turn themselves on. However, if a driver update is applied (say though windows update) this can re-enable them and turn them back on.
"However, if a driver update is applied (say though windows update) this can re-enable them and turn them back on."
I am not worried about this, since it would require the laptop to have internet access.
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
How is the computer offline, is the Wireless/Wi-Fi adapter in it turned off in Device Manager? I use Bluetooth mice and if like all of mine, turning off the adapter also turns off the Bluetooth function.
 

My Computers

System One System Two

  • OS
    Win11 Pro RTM
    Computer type
    Laptop
    Manufacturer/Model
    Dell Vostro 3400
    CPU
    Intel Core i5 11th Gen. 2.40GHz
    Memory
    12GB
    Hard Drives
    256GB SSD NVMe M.2 and 2TB SATA HDD
  • Operating System
    Windows 11 Pro RTM x64
    Computer type
    PC/Desktop
    Manufacturer/Model
    Dell Vostro 5890
    CPU
    Intel Core i5 10th Gen. 2.90GHz
    Memory
    16GB
    Graphics card(s)
    Onboard, no VGA, using a DisplayPort-to-VGA adapter
    Monitor(s) Displays
    24" Dell
    Hard Drives
    512GB SSD NVMe, 2TB WDC HDD
    Browser
    Firefox, Edge
    Antivirus
    Windows Defender/Microsoft Security
Bluetooth has had many flaws over the years that have allowed threat actors to gain access to systems without user consent or knowledge. It does, as many stated have limited range and unless you are being targeted is okay to run from your home. As a precautionary measure it is a good idea to disable Bluetooth if you are out in public and not actively using it. Having Bluetooth on at DefCon as an example will often result in you ending up on their wall of sheep often with some personal info leaked due to Bluetooth being enabled or often connecting to the "free & public" wifi APs setup.
 

My Computer

System One

  • OS
    Windows 11
How is the computer offline, is the Wireless/Wi-Fi adapter in it turned off in Device Manager? I use Bluetooth mice and if like all of mine, turning off the adapter also turns off the Bluetooth function.
1.
Disconnected from network
Wifi turned off
Disabled network adapters / network cards in device manager

2.
Bluetooth turned off
Disabled Bluetooth in device manager
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
Bluetooth has had many flaws over the years that have allowed threat actors to gain access to systems without user consent or knowledge.
Like bypassing the pariring request?

What could be signs, that they have connected to my Bluetooth adapter unauthorized?
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
Like bypassing the pariring request?

What could be signs, that they have connected to my Bluetooth adapter unauthorized?
Show connected devices !!!

If travelling I'd always use wired headphones rather than blu tooth -- iPhones and Samsungs can use a USBC->audio connector to connect to wired phones. Blu tooth while OK in a home is as leaky as a sieve when in public.

Cheers
jimbo
 

My Computer

System One

  • OS
    Windows XP,7,10,11 Linux Arch Linux
    Computer type
    PC/Desktop
    CPU
    2 X Intel i7
Show connected devices !!!
If the hacker has skill to bypass the pairing request, I assume, that the hacker would also have skill to hide the connected malicious device in "Connected devices" aswell?
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
If the hacker has skill to bypass the pairing request, I assume, that the hacker would also have skill to hide the connected malicious device in "Connected devices" aswell?
Maybe -- but worth a check. Perhaps the hacker is just interested in getting connected. I'd still not use blutooth in public -- you can easily use tiny wired phones without a problem. Just get the adapter.

Cheers
jimbo
 

My Computer

System One

  • OS
    Windows XP,7,10,11 Linux Arch Linux
    Computer type
    PC/Desktop
    CPU
    2 X Intel i7
Some types of attacks don't even show up as a connected device or they can simply spoof an existing device you connected already. This is why it's simply a good idea to disable Bluetooth when not in use and especially in public. Bluesnarf attacks are the most common and an attacker can simply download files from your system unauthenticated.
 

My Computer

System One

  • OS
    Windows 11
It's a point to point pairing. You wanna make sure you know the device name you are pairing it with. If you are really concerned, turn it off when you are in public places.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    CPU
    AMD Ryzen 9 3900X
    Motherboard
    MSI MPG Gaming Edge Wifi (X570)
    Memory
    32GB Adata XPG DDR4
    Graphics Card(s)
    ASUS GTX 1070 8GB ROG
    Monitor(s) Displays
    LG Ultrawide 34"
    Screen Resolution
    3440x1440
    Hard Drives
    Main Boot Drive : 512GB Adata XPG RGB Gen3x4 NVMe M.2 SSD
    PSU
    EVGA 600 Watts Gold
    Case
    Deepcool Genome II
    Cooling
    Deepcool Fryzen
    Internet Speed
    1Gbps
    Browser
    Chrome
    Antivirus
    "Moderna"
  • Operating System
    Windows 11 Pro
    Computer type
    PC/Desktop
    CPU
    i7-4790K
    Motherboard
    ASRock Xtreme6 Z97
    Memory
    16GB Corsair Vengeance Pro
    Graphics card(s)
    MSI R9 290
    Monitor(s) Displays
    LG Ultrawide 34"
    Screen Resolution
    3440x1440
    Hard Drives
    Samsung M.2
    PSU
    Thermaltake 475 Watts 80 Bronze
    Case
    Thermaltake Commander I Snow Edition
    Cooling
    Deep Cool Archer Air Cooler
    Mouse
    Logitech G402
    Keyboard
    Armageddon MKA-5R RGB-Hornet
    Internet Speed
    1Gbps
    Browser
    Chrome
    Antivirus
    Moderna :)

Latest Support Threads

Back
Top Bottom