Bluetooth Security flaws

jren57 · 11-17-2003, 04:22 AM

It seems there is something more sinister to bluejacking after all.

The Register
http://212.100.234.54/content/55/34007.html

White Paper on SNARF and BACKDOOR attacks
http://www.bluestumbler.org/

› See More: Bluetooth Security flaws

G · 11-17-2003, 05:17 AM

"jren57" <[email protected]> wrote in message
news:[email protected]...
> It seems there is something more sinister to bluejacking after all.
>
> The Register
> http://212.100.234.54/content/55/34007.html
>
> White Paper on SNARF and BACKDOOR attacks
> http://www.bluestumbler.org/
>

Nice link, very interesting. Seems even my relatively archaic 6310i is
susceptible to attack (which is sooo unfair, seems I should have at least
*one* advantage by not having a fancy new series 60 phone), although there's
not much on there that'd be useful to them!

It'll be interesting to see if there're many "hackers" that'd take much of
an interest in this above the proof-of-concept phase, 'cause if I'm lucky to
get bluetooth working when the devices are 6-8m apart with legit pairing,
they'd more or less have to be sat on my knee to get anything useful when
I'm out and about!

Q · 11-17-2003, 05:41 AM

G - typed:
> "jren57" <[email protected]> wrote in message
> news:[email protected]...
>> It seems there is something more sinister to bluejacking after all.
>>
>> The Register
>> http://212.100.234.54/content/55/34007.html
>>
>> White Paper on SNARF and BACKDOOR attacks
>> http://www.bluestumbler.org/
>>
>
> Nice link, very interesting. Seems even my relatively archaic 6310i is
> susceptible to attack (which is sooo unfair, seems I should have at
> least *one* advantage by not having a fancy new series 60 phone),
> although there's not much on there that'd be useful to them!
>
> It'll be interesting to see if there're many "hackers" that'd take
> much of an interest in this above the proof-of-concept phase, 'cause
> if I'm lucky to get bluetooth working when the devices are 6-8m apart
> with legit pairing, they'd more or less have to be sat on my knee to
> get anything useful when I'm out and about!

Security to me is keeping ahead of hackers & seems to be a continuous
battle. There are flaws with GSM encryption, the new 802.11x protocols
have weaknesses etc, etc but allowing 248 characters in the pairing
field is a bit silly, all the more reason to not leave devices in a
discoverable state.

Clive · 11-17-2003, 05:44 AM

"G" <cool_and_funky@*-nospamthanks_*yahoo.com> wrote in message
news:[email protected]...
> "jren57" <[email protected]> wrote in message
> news:[email protected]...
> > It seems there is something more sinister to bluejacking after all.
> >
> > The Register
> > http://212.100.234.54/content/55/34007.html
> >
> > White Paper on SNARF and BACKDOOR attacks
> > http://www.bluestumbler.org/
> >
>
> Nice link, very interesting. Seems even my relatively archaic 6310i is
> susceptible to attack (which is sooo unfair, seems I should have at least
> *one* advantage by not having a fancy new series 60 phone), although
there's
> not much on there that'd be useful to them!
>
> It'll be interesting to see if there're many "hackers" that'd take much of
> an interest in this above the proof-of-concept phase, 'cause if I'm lucky
to
> get bluetooth working when the devices are 6-8m apart with legit pairing,
> they'd more or less have to be sat on my knee to get anything useful when
> I'm out and about!
>
It looks like the only phone that can be attacked when NO VISIBLE is the
Nokia 6310.

But anyone (and I know several) who leaves their BT phone 'visible' is just
asking for trouble. After all, being able to detect other BT devices was one
of the great selling points of BT.

I always pair devices and ALWAYS make sure none of my phones are visible

Clive

tHatDudeUK · 11-17-2003, 10:01 AM

"Clive" <[email protected]> wrote in message
news:[email protected]...
> I always pair devices and ALWAYS make sure none of my phones are visible

The paper mentions the problem occurs after they have been paired and the
paired device has been deleted although it does mention the need to be
"visible"

Gloster Meteor · 12-14-2003, 05:25 PM

The Sony Ericcson T610 is also vulnerable, I've tried it. Every single 6310i
and T610 I've tried to bluejack were easy and successful prey.

"Clive" <[email protected]> wrote in message
news:[email protected]...
>
> "G" <cool_and_funky@*-nospamthanks_*yahoo.com> wrote in message
> news:[email protected]...
> > "jren57" <[email protected]> wrote in message
> > news:[email protected]...
> > > It seems there is something more sinister to bluejacking after all.
> > >
> > > The Register
> > > http://212.100.234.54/content/55/34007.html
> > >
> > > White Paper on SNARF and BACKDOOR attacks
> > > http://www.bluestumbler.org/
> > >
> >
> > Nice link, very interesting. Seems even my relatively archaic 6310i is
> > susceptible to attack (which is sooo unfair, seems I should have at
least
> > *one* advantage by not having a fancy new series 60 phone), although
> there's
> > not much on there that'd be useful to them!
> >
> > It'll be interesting to see if there're many "hackers" that'd take much
of
> > an interest in this above the proof-of-concept phase, 'cause if I'm
lucky
> to
> > get bluetooth working when the devices are 6-8m apart with legit
pairing,
> > they'd more or less have to be sat on my knee to get anything useful
when
> > I'm out and about!
> >
> It looks like the only phone that can be attacked when NO VISIBLE is the
> Nokia 6310.
>
> But anyone (and I know several) who leaves their BT phone 'visible' is
just
> asking for trouble. After all, being able to detect other BT devices was
one
> of the great selling points of BT.
>
> I always pair devices and ALWAYS make sure none of my phones are visible
>
> Clive
>
>

Lenny · 12-14-2003, 06:25 PM

> The Sony Ericcson T610 is also vulnerable, I've tried it. Every single
6310i
> and T610 I've tried to bluejack were easy and successful prey.

Bluejacking isn't exactly exploiting a vulnerability though, more like a
fairly pointless, rather geeky trick.

Mauricio Freitas · 12-14-2003, 10:12 PM

"Lenny" <[email protected]> wrote in message
news:[email protected]...
>
> > The Sony Ericcson T610 is also vulnerable, I've tried it. Every single
> 6310i
> > and T610 I've tried to bluejack were easy and successful prey.
>
> Bluejacking isn't exactly exploiting a vulnerability though, more like a
> fairly pointless, rather geeky trick.
>

Lenny is correct. Have a look on this article for more info:
http://www.geekzone.co.nz/content.asp?contentid=1900

--
Mauricio Freitas
Handhelds, mobile: http://www.geekzone.co.nz
Bluetooth guides: http://www.geekzone.co.nz/content.asp?contentid=449

Kolicha \(vinnieza\) · 12-15-2003, 12:11 PM

"Gloster Meteor" <[email protected]> wrote in message
news:[email protected]...
> The Sony Ericcson T610 is also vulnerable, I've tried it. Every single
6310i
> and T610 I've tried to bluejack were easy and successful prey.
>
> "Clive" <[email protected]> wrote in message
> news:[email protected]...
> >
> > "G" <cool_and_funky@*-nospamthanks_*yahoo.com> wrote in message
> > news:[email protected]...
> > > "jren57" <[email protected]> wrote in message
> > > news:[email protected]...
> > > > It seems there is something more sinister to bluejacking after all.
> > > >
> > > > The Register
> > > > http://212.100.234.54/content/55/34007.html
> > > >
> > > > White Paper on SNARF and BACKDOOR attacks
> > > > http://www.bluestumbler.org/
> > > >
> > >
> > > Nice link, very interesting. Seems even my relatively archaic 6310i is
> > > susceptible to attack (which is sooo unfair, seems I should have at
> least
> > > *one* advantage by not having a fancy new series 60 phone), although
> > there's
> > > not much on there that'd be useful to them!
> > >
> > > It'll be interesting to see if there're many "hackers" that'd take
much
> of
> > > an interest in this above the proof-of-concept phase, 'cause if I'm
> lucky
> > to
> > > get bluetooth working when the devices are 6-8m apart with legit
> pairing,
> > > they'd more or less have to be sat on my knee to get anything useful
> when
> > > I'm out and about!
> > >
> > It looks like the only phone that can be attacked when NO VISIBLE is the
> > Nokia 6310.
> >
> > But anyone (and I know several) who leaves their BT phone 'visible' is
> just
> > asking for trouble. After all, being able to detect other BT devices was
> one
> > of the great selling points of BT.
> >
> > I always pair devices and ALWAYS make sure none of my phones are visible
> >
> > Clive
> >
> >
>
>

hummm, bluejacking, www.bluejackq.com

http://news.bbc.co.uk/1/hi/technology/3237755.stm

Thread Tools

Search Thread

Re: Bluetooth Security flaws

Re: Bluetooth Security flaws

Re: Bluetooth Security flaws

Re: Bluetooth Security flaws

Re: Bluetooth Security flaws

Re: Bluetooth Security flaws

Re: Bluetooth Security flaws

Re: Bluetooth Security flaws

Can you provide an overview of the registration process for GG.BET?

Xtrade Broker

What is the Best AI Videos Software for Laptop?

does electric cars use in car racing?

Which company electric car is best?

View More...

Can you provide an overview of the...

Can you provide an overview of the...

Loan in Georgia

Xtrade Broker

What is the Best AI Videos...

For Sale New Smart TV, Sony BRAVIA XR A90K / Samsung QN90B / LG OLED B2...

What are best institute to learn Medical Coding ?

Can Funds Lost In A Crypto Investment Scam Be Recovered? Yes: Visit iBolt...

Entrümpelungsfirma vor Umzug

Buy Samsung Galaxy S24 Ultra 512GB Only $559 from gizsale.com

View More...

game

Hello

Best blackjack websites

cream for achy joints?

workout tracker

View More...