Worklet: Disabling Bluetooth on MacOS Endpoints IF No Connected Devices or Peripherals

  • 8 October 2019
  • 0 replies

Userlevel 5

Bluetooth is a short-range, low-power wireless technology commonly integrated into portable computing and communication devices and peripherals. Bluetooth is best used in a secure environment where unauthorized users have no physical access near the Mac. If Bluetooth is used, it should be secured properly.

Bluetooth is particularly susceptible to a diverse set of security vulnerabilities involving identity detection, location tracking, denial of service, unintended control and access of data and voice channels, and unauthorized device control and data access. It is recommended by the Center of Internet Security to disable bluetooth when connectable but not is use.

This Worklet is designed to disable bluetooth if the following criteria is met on end endpoint:

  1. Bluetooth is enabled and connectable

  2. No Peripheral are connected



brt=$(system_profiler SPBluetoothDataType 2>/tmp/log.txt | grep "Bluetooth:" -A 20 | grep Connectable | tr -d "[:space:]")

defaults read /Library/Preferences/ ControllerPowerState > /dev/null

if [[ $? -eq 0 && "$brt" == *"$brtmatch"* && $( cat /tmp/log.txt | wc -l ) -eq 0 ]]; then

exit 1
exit 0



sudo defaults write /Library/Preferences/ ControllerPowerState -int 0

killall -9 "bluetoothd"

Your MacOS endpoints that have bluetooth on and connectable with no connected peripherals will be disabled increasing the endpoints security hardening!

As always, let me know if you have any question.

0 replies

Be the first to reply!