Results 1 to 9 of 9
  1. #1
    jren57
    Guest
    It seems there is something more sinister to bluejacking after all.

    The Register
    http://212.100.234.54/content/55/34007.html

    White Paper on SNARF and BACKDOOR attacks
    http://www.bluestumbler.org/






    See More: Bluetooth Security flaws




  2. #2
    G
    Guest

    Re: Bluetooth Security flaws

    "jren57" <[email protected]> wrote in message
    news:[email protected]
    > It seems there is something more sinister to bluejacking after all.
    >
    > The Register
    > http://212.100.234.54/content/55/34007.html
    >
    > White Paper on SNARF and BACKDOOR attacks
    > http://www.bluestumbler.org/
    >


    Nice link, very interesting. Seems even my relatively archaic 6310i is
    susceptible to attack (which is sooo unfair, seems I should have at least
    *one* advantage by not having a fancy new series 60 phone), although there's
    not much on there that'd be useful to them!

    It'll be interesting to see if there're many "hackers" that'd take much of
    an interest in this above the proof-of-concept phase, 'cause if I'm lucky to
    get bluetooth working when the devices are 6-8m apart with legit pairing,
    they'd more or less have to be sat on my knee to get anything useful when
    I'm out and about!





  3. #3
    Q
    Guest

    Re: Bluetooth Security flaws

    G - typed:
    > "jren57" <[email protected]> wrote in message
    > news:[email protected]
    >> It seems there is something more sinister to bluejacking after all.
    >>
    >> The Register
    >> http://212.100.234.54/content/55/34007.html
    >>
    >> White Paper on SNARF and BACKDOOR attacks
    >> http://www.bluestumbler.org/
    >>

    >
    > Nice link, very interesting. Seems even my relatively archaic 6310i is
    > susceptible to attack (which is sooo unfair, seems I should have at
    > least *one* advantage by not having a fancy new series 60 phone),
    > although there's not much on there that'd be useful to them!
    >
    > It'll be interesting to see if there're many "hackers" that'd take
    > much of an interest in this above the proof-of-concept phase, 'cause
    > if I'm lucky to get bluetooth working when the devices are 6-8m apart
    > with legit pairing, they'd more or less have to be sat on my knee to
    > get anything useful when I'm out and about!


    Security to me is keeping ahead of hackers & seems to be a continuous
    battle. There are flaws with GSM encryption, the new 802.11x protocols
    have weaknesses etc, etc but allowing 248 characters in the pairing
    field is a bit silly, all the more reason to not leave devices in a
    discoverable state.





  4. #4
    Clive
    Guest

    Re: Bluetooth Security flaws


    "G" <[email protected]*-nospamthanks_*yahoo.com> wrote in message
    news:[email protected]
    > "jren57" <[email protected]> wrote in message
    > news:[email protected]
    > > It seems there is something more sinister to bluejacking after all.
    > >
    > > The Register
    > > http://212.100.234.54/content/55/34007.html
    > >
    > > White Paper on SNARF and BACKDOOR attacks
    > > http://www.bluestumbler.org/
    > >

    >
    > Nice link, very interesting. Seems even my relatively archaic 6310i is
    > susceptible to attack (which is sooo unfair, seems I should have at least
    > *one* advantage by not having a fancy new series 60 phone), although

    there's
    > not much on there that'd be useful to them!
    >
    > It'll be interesting to see if there're many "hackers" that'd take much of
    > an interest in this above the proof-of-concept phase, 'cause if I'm lucky

    to
    > get bluetooth working when the devices are 6-8m apart with legit pairing,
    > they'd more or less have to be sat on my knee to get anything useful when
    > I'm out and about!
    >

    It looks like the only phone that can be attacked when NO VISIBLE is the
    Nokia 6310.

    But anyone (and I know several) who leaves their BT phone 'visible' is just
    asking for trouble. After all, being able to detect other BT devices was one
    of the great selling points of BT.

    I always pair devices and ALWAYS make sure none of my phones are visible

    Clive





  5. #5
    tHatDudeUK
    Guest

    Re: Bluetooth Security flaws


    "Clive" <[email protected]> wrote in message
    news:[email protected]
    > I always pair devices and ALWAYS make sure none of my phones are visible


    The paper mentions the problem occurs after they have been paired and the
    paired device has been deleted although it does mention the need to be
    "visible"





  6. #6
    Gloster Meteor
    Guest

    Re: Bluetooth Security flaws

    The Sony Ericcson T610 is also vulnerable, I've tried it. Every single 6310i
    and T610 I've tried to bluejack were easy and successful prey.

    "Clive" <[email protected]> wrote in message
    news:[email protected]
    >
    > "G" <[email protected]*-nospamthanks_*yahoo.com> wrote in message
    > news:[email protected]
    > > "jren57" <[email protected]> wrote in message
    > > news:[email protected]
    > > > It seems there is something more sinister to bluejacking after all.
    > > >
    > > > The Register
    > > > http://212.100.234.54/content/55/34007.html
    > > >
    > > > White Paper on SNARF and BACKDOOR attacks
    > > > http://www.bluestumbler.org/
    > > >

    > >
    > > Nice link, very interesting. Seems even my relatively archaic 6310i is
    > > susceptible to attack (which is sooo unfair, seems I should have at

    least
    > > *one* advantage by not having a fancy new series 60 phone), although

    > there's
    > > not much on there that'd be useful to them!
    > >
    > > It'll be interesting to see if there're many "hackers" that'd take much

    of
    > > an interest in this above the proof-of-concept phase, 'cause if I'm

    lucky
    > to
    > > get bluetooth working when the devices are 6-8m apart with legit

    pairing,
    > > they'd more or less have to be sat on my knee to get anything useful

    when
    > > I'm out and about!
    > >

    > It looks like the only phone that can be attacked when NO VISIBLE is the
    > Nokia 6310.
    >
    > But anyone (and I know several) who leaves their BT phone 'visible' is

    just
    > asking for trouble. After all, being able to detect other BT devices was

    one
    > of the great selling points of BT.
    >
    > I always pair devices and ALWAYS make sure none of my phones are visible
    >
    > Clive
    >
    >






  7. #7
    Lenny
    Guest

    Re: Bluetooth Security flaws


    > The Sony Ericcson T610 is also vulnerable, I've tried it. Every single

    6310i
    > and T610 I've tried to bluejack were easy and successful prey.


    Bluejacking isn't exactly exploiting a vulnerability though, more like a
    fairly pointless, rather geeky trick.





  8. #8
    Mauricio Freitas
    Guest

    Re: Bluetooth Security flaws

    "Lenny" <[email protected]> wrote in message
    news:[email protected]
    >
    > > The Sony Ericcson T610 is also vulnerable, I've tried it. Every single

    > 6310i
    > > and T610 I've tried to bluejack were easy and successful prey.

    >
    > Bluejacking isn't exactly exploiting a vulnerability though, more like a
    > fairly pointless, rather geeky trick.
    >


    Lenny is correct. Have a look on this article for more info:
    http://www.geekzone.co.nz/content.asp?contentid=1900

    --
    Mauricio Freitas
    Handhelds, mobile: http://www.geekzone.co.nz
    Bluetooth guides: http://www.geekzone.co.nz/content.asp?contentid=449





  9. #9
    Kolicha \(vinnieza\)
    Guest

    Re: Bluetooth Security flaws


    "Gloster Meteor" <[email protected]> wrote in message
    news:[email protected]
    > The Sony Ericcson T610 is also vulnerable, I've tried it. Every single

    6310i
    > and T610 I've tried to bluejack were easy and successful prey.
    >
    > "Clive" <[email protected]> wrote in message
    > news:[email protected]
    > >
    > > "G" <[email protected]*-nospamthanks_*yahoo.com> wrote in message
    > > news:[email protected]
    > > > "jren57" <[email protected]> wrote in message
    > > > news:[email protected]
    > > > > It seems there is something more sinister to bluejacking after all.
    > > > >
    > > > > The Register
    > > > > http://212.100.234.54/content/55/34007.html
    > > > >
    > > > > White Paper on SNARF and BACKDOOR attacks
    > > > > http://www.bluestumbler.org/
    > > > >
    > > >
    > > > Nice link, very interesting. Seems even my relatively archaic 6310i is
    > > > susceptible to attack (which is sooo unfair, seems I should have at

    > least
    > > > *one* advantage by not having a fancy new series 60 phone), although

    > > there's
    > > > not much on there that'd be useful to them!
    > > >
    > > > It'll be interesting to see if there're many "hackers" that'd take

    much
    > of
    > > > an interest in this above the proof-of-concept phase, 'cause if I'm

    > lucky
    > > to
    > > > get bluetooth working when the devices are 6-8m apart with legit

    > pairing,
    > > > they'd more or less have to be sat on my knee to get anything useful

    > when
    > > > I'm out and about!
    > > >

    > > It looks like the only phone that can be attacked when NO VISIBLE is the
    > > Nokia 6310.
    > >
    > > But anyone (and I know several) who leaves their BT phone 'visible' is

    > just
    > > asking for trouble. After all, being able to detect other BT devices was

    > one
    > > of the great selling points of BT.
    > >
    > > I always pair devices and ALWAYS make sure none of my phones are visible
    > >
    > > Clive
    > >
    > >

    >
    >


    hummm, bluejacking, www.bluejackq.com

    http://news.bbc.co.uk/1/hi/technology/3237755.stm