Bluetooth Low Energy Flaw
Researchers Johannes K. Becker and David Starobinski wrote a paper [PDF] called "Tracking Anonymized Bluetooth Devices." They presented it yesterday at the 19th Privacy Enhancing Technologies Symposium in Stockholm, Sweden.
The flaw lets an attacker track a device and extract information such as device type or other data. BLE pairs devices by pinging nearby devices over unencrypted public channels. Although BLE lets device manufacturers use a randomized address that changes constantly, the researchers still found a way around it.
"We present an address-carryover algorithm which exploits the asynchronous nature of payload and address changes to achieve tracking beyond the address randomization of a device. We furthermore identify an identity-exposing attack via a device accessory that allows permanent, non-continuous tracking, as well as an iOS side-channel which allows insights into user activity."
Their technique works on Apple devices and Windows 10 devices, but not Android. It sounds like it works on all iOS and macOS devices regardless of OS version.
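An added example, not code from the paper or from this article: a lab check for the condition the abstract describes, where the address and the payload change at different times. It assumes a capture that contains only one device under test, already reduced to (seconds, address, payload hex) tuples; the tuple layout, the function name and all sample values are constructed for illustration.

```python
# Added example: constructed data and hypothetical names, not the researchers' code.
from typing import List, Tuple

Adv = Tuple[float, str, str]  # (seconds, advertising address, payload as hex)

def audit_rotation(capture: List[Adv]):
    """Audit a single-device capture for unsynchronized rotation.

    Returns (segments, bridged). Each segment lists the addresses an observer
    could tie together; bridged lists every address change during which the
    payload stayed the same and so carried the identity over.
    """
    if not capture:
        return [], []
    capture = sorted(capture)
    segments = [[capture[0][1]]]
    bridged = []
    for (_, a0, p0), (t1, a1, p1) in zip(capture, capture[1:]):
        if a0 == a1:
            continue                     # same address: trivially linked
        if p0 != p1:
            segments.append([a1])        # both changed together: clean break
        else:
            segments[-1].append(a1)      # payload unchanged across the change
            bridged.append((t1, a0, a1))
    return segments, bridged

# Constructed capture: the payload rotates about a minute after the address.
ASYNC_CAPTURE = [
    (0.0, "5a:11:22:33:44:01", "0c0e00a1"),
    (450.0, "5a:11:22:33:44:01", "0c0e00a1"),
    (900.0, "6b:11:22:33:44:02", "0c0e00a1"),
    (960.0, "6b:11:22:33:44:02", "0c0e00b2"),
    (1800.0, "7c:11:22:33:44:03", "0c0e00b2"),
    (1860.0, "7c:11:22:33:44:03", "0c0e00c3"),
]
# Constructed capture: address and payload rotate in the same advertisement.
SYNC_CAPTURE = [
    (0.0, "5a:11:22:33:44:01", "0c0e00a1"),
    (450.0, "5a:11:22:33:44:01", "0c0e00a1"),
    (900.0, "6b:11:22:33:44:02", "0c0e00b2"),
    (1800.0, "7c:11:22:33:44:03", "0c0e00c3"),
]

if __name__ == "__main__":
    for name, cap in (("async", ASYNC_CAPTURE), ("sync", SYNC_CAPTURE)):
        segments, bridged = audit_rotation(cap)
        print(name, "segments:", segments, "bridged changes:", len(bridged))
```

One segment per address means this particular check passes; it covers only the payload/address timing described in the abstract and no other identifier.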