Results 1 to 5 of 5

Thread: Bluetooth "flaws" cause data disclosure

  1. #1
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Beverwijk Netherlands

    Bluetooth "flaws" cause data disclosure

    Didnt' see this here yet, so here goes..

    There are serious flaws in the authentication and/or data transfer mechanisms on some bluetooth enabled devices. Specifically, two vulnerabilities have been found:

    Firstly, confidential data can be obtained, anonymously, and without the owner's knowledge or consent, from some bluetooth enabled mobile phones. This data includes, at least, the entire phonebook and calendar.

    Secondly, it has been found that the complete memory contents of some mobile phones can be accessed by a previously trusted ("paired") device that has since been removed from the trusted list. This data includes not only the phonebook and calendar, but media files such as pictures and text messages. In essence, the entire device can be "backed up" to an attacker's own system.

    Finally, the current trend for "Bluejacking" is promoting an environment which puts consumer devices at greater risk from the above attacks.




    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  2. #2
    AO French Antique News Whore
    Join Date
    Aug 2001
    oh boy! BlueTooth flaw! The Standart was just starting to lift up!!
    -Simon \"SDK\"

  3. #3
    BIOS Bomber
    Join Date
    Jul 2003
    looks like blue tooth is turning into a blue screen
    "When in doubt, use Brute Force."

    Never argue with an idiot. They'll drag you down to their level, then beat you with experience.

  4. #4
    Join Date
    Nov 2003
    Bluetooth is bullcrap. It works like China. in theory it will work but in reality it as cheap as what it costs. I'm waiting for something better instead of using bluetooth. And you should too.

    p. s. I like mandraketux's signature, but I don't applaud the vulgar language.

  5. #5
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Last week we reported on preliminary research from security firm A.L. Digital which suggested a number of security problems with Bluetooth-enabled mobile phones from Nokia and Ericsson. The paper argued that digital pickpockets could swipe address books and data from mobile phones because of security shortcomings in the implementation of Bluetooth by the manufacturers.

    Not so, says Nick Hunn, who in addition to his day job at TDK Systems is a long-standing proponent of and expert on Bluetooth. Nick reckons A.L. Digital's research gives little cause for concern. The easiest way to get data off a mobile phone is to steal it, according to Nick:


    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts