Re: [liberationtech] How secure is Bluetooth?
On Sun, 2012-01-29 at 14:47 -0800, Brian Conley wrote:
Thanks Jacob,
I expected you'd reply thusly. The implementation I'm talking about doesn't appear to be compromised based on what I've read in the links you've provided. The first link, from usenix, seems to be most damning, however doesn't appear to suggest that the packets from a voice call can be put back together in such a way they can be listened to. Even if that is true, it appears based on what I'm reading that, at most, current tools as of that paper, would only enable yo to listen to, at most, 2.4 seconds of audio from a one minute call.
Ok, so two academics in '07 get 90% of the way to a fully-working attack, but are stymied by a silly timing limitation in the software-defined radio they had on hand. They could trivially fix it by dropping another $1k on a second USRP for leapfrogging to the next channel, given that they _have exposed the hopping pattern_. And you conclude... "not compromised". Huh. I conclude "compromised for all practical purposes": I could take their paper and $2000 and build a fully-working attack if I had the motivation. As could any motivated interception capability vendor. Odds that this capability already exists: rapidly approaching unity. Also note that recording the traffic on all 79 3Mbit/s channels is trivially within the capabilities of any organization that designs its own hardware. This IC has programmable hop parameters and is < $5: www.atmel.com/atmel/acrobat/doc1612.pdf Slapping 79 of those on a board with a high-gain antenna and a USB interface left as an exercise for the reader. -- Mathematics is the supreme nostalgia of our time. _______________________________________________ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
participants (1)
-
Matt Mackall