Bluetooth Can Be Cracked!
Nothing is completely safe today. Adobe has recently released a patch for a security hole in different graphical software, so why should Bluetooth be safe?
... and Bluetooth isn't safe off course! ;)
Two researchers of the Tel Aviv University School of Electrical Engineering Systems say they have discovered a technique for taking control of Bluetooth-enabled mobile phones. After you've established a connection with an other cell phone, the attacker can easily make calls with your phone. If there is a Bluetooth connection with a PC, the hacker can even transfer data between his Bluetooth device / cell phone and the hacked computer. Bluetooth can be very dangerous as you can see! Even when the handsets have security features switched on, your cell phone isn't save at all!
Avishai Wool, senior lecturer and Yaniv Shaked, graduate student and both researchers of the Tel Aviv University School of Electrical Engineering Systems have published recently a paper about three methods for forcing a repeat of the pairing process, "Cracking the Bluetooth PIN" ( http://www.eng.tau.ac.il/~yash/shaked-wool-mobisys05/ ). In this paper, a passive attack is described, in which an attacker can find the PIN used during the pairing process. The eye-opening conclusion of these two researchers: "Our results show that using algebraic optimizations, the most common Bluetooth PIN can be cracked within less than 0.06-0.3 seconds. If two Bluetooth devices perform pairing in a hostile area, they are vulnerable to this attack."
A Belgian Master student is making a fresh attempt to keep a list with Bluetooth security links on http://student.vub.ac.be/~sijansse/2e%20lic/BT/welcome.html.
Ollie Whitehousen security researcher of @stake, a digital security consulting firm ( http://www.atstake.com ) has written in October 2003 a paper that "examines methods of assessing the security of Bluetooth devices in relation to the protocol's design and implementation flaws" ( http://www.atstake.com/research/reports/acrobat/atstake_war_nibbling.pdf ).
In general, the most critical point is the 'pairing' - connection procedure of two Bluetooth devices. When a Bluetooth device asks you to re-enter the PIN number for re-pairing, once the two devices are re-connected, the hacker can now easily crack the PIN code.
Links:
- http://www.atstake.com/research/reports/acrobat/atstake_war_nibbling.pdf
- http://student.vub.ac.be/~sijansse/2e%20lic/BT/
- http://www.eng.tau.ac.il/~yash/shaked-wool-mobisys05/
For feedback on this article, please visit http://wallies.info/blog/item/145/index.html
Walter V. is a self-employed internet entrepreneur and founder-webmaster of several websites, including
wallies.info :: A snappy blog about snappy blue things :: blog | wiki | forum | links - http://wallies.info
mblo.gs :: A snappy moblog community - http://mblo.gs
Latest News
Fitch: US Consumer Products Sector To Face Challenges in 2009 MarketWatch - Appliances, Home, Hardware and Tools: Credit protection metrics for this sector are trending negative. 2009 will be extremely difficult with expected ... Fitch Enhances US RMBS Surveillance with Launch of 'RMBS Loss Metrics' |
More Reliable X360 Hardware Launches Gamespy.com, CA - 1, 2008 Venture Beat's Dean Takahashi has written an article which suggests Microsoft has finally released its new Xbox 360 "Jasper" hardware. ... Xbox 360 Jasper Revision Caught in the Wild Getting a new Xbox 360? Make sure it answers to "Jasper" |
3FN Ups Hardware Swap Capability Web Host Industry Review - Partner with DataPipe – Improve your ROI - Extend your IT resources "Hardware monitoring and replacement services can be the key criteria for successful web ... HostNine Re-Launches New Website |
East Longmeadow Hardware Store Robbed WSHM-TV, MA - By Liz Tufts Employees at the Rocky's Hardware store on North Main Street in East Longmeadow were closing up for the night on Sunday, when they got the ... • Police probe East Longmeadow hardware store robbery East Longmeadow Store Robbed |
Sales of carbon monoxide detectors are on the rise Aspen Times, CO - Ace assistant store manager Mark Janda explains how to install carbon monoxide alarms to Brian Guilander on Monday afternoon at Alpine Ace Hardware. ... Carbon monoxide detectors can save lives Carbon monoxide a threat Detectors key to saving lives |
Research and Markets: The IT Market in Malaysia Report Can Help IT ... MarketWatch - Further, the overall IT market is segmented into software, hardware, services and communication for the years 2007, 2008, 2009 and 2010. ... |
StudioDave Does A Hardware Review And Meets Ubuntu 8.10 Linux Journal - That machine's audio capabilities were negligible even with external hardware, but it had been serviceable for writing articles and as a portable MIDI ... |
Apple adds DMCA charge to Psystar suit ZDNet - Adrian Kingsley-Hughes, in a Hardware 2.0 blog entry, posts excerpts of Apple’s amended complaint, highlighting Psystar’s inclusion of an OS X “restore ... Apple adds DMCA charge to lawsuit against Psystar Apple adds DMCA charge to complaint against Psystar Feds Considering DMCA Anti-Circumvention Exemptions |
 Los Angeles Times | On Black Friday, the treasures were found off the beaten path Sky Hi Daily News, CO - I needed some hardware to repair my daughter’s Christmas tree. I avoided to big-name store and found a hardware store that had no lines and a store owner ... Stores lure shoppers with Black Friday deals Early-Morning Crowds Fill Stores For Bargains |
 SlashGear | Are you ready for Linux? San Jose Mercury News, USA - Some versions, like DSL Linux, are compact and fast, and thus able to run on minimal hardware, including that old 486 PC or Mac you've got stashed in the ... Browser swallows OS gOS Cloud: browser-based OS for Netbooks Good OS Announces Cloud |
Resources
-
All Computer Wholesale, PC Wholesale, Reseller, Wholesaler
Buy computers, software, Hardware, games and accessories from real wholesale companies, be a computer reseller!