Bluetooth Security Cavities
Sunder
sunder at sunder.net
Fri Aug 6 06:17:07 PDT 2004
http://www.wired.com/news/print/0,1294,64463,00.html
Security Cavities Ail Bluetooth
By Kim Zetter
Story location: http://www.wired.com/news/privacy/0,1848,64463,00.html
02:00 AM Aug. 06, 2004 PT
Serious flaws discovered in Bluetooth technology used in mobile phones can
let an attacker remotely download contact information from victims'
address books, read their calendar appointments or peruse text messages on
their phones to conduct corporate espionage.
An attacker could even plant phony text messages in a phone's memory, or
turn the phone sitting in a victim's pocket or on a restaurant table top
into a listening device to pick up private conversations in the phone's
vicinity. Most types of attacks could be conducted without leaving a
trace.
Security professionals Adam Laurie and Martin Herfurt demonstrated the
attacks last week at the Black Hat and DefCon security and hacker
conferences in Las Vegas. Phone companies say the risk of this kind of
attack is small, since the amount of time a victim would be vulnerable is
minimal, and the attacker would have to be in proximity to the victim. But
experiments, one using a common laptop and another using a prototype
Bluetooth "rifle" that captured data from a mobile phone a mile away, have
demonstrated that such attacks aren't so far-fetched.
<SNIP>
----------------------Kaos-Keraunos-Kybernetos---------------------------
+ ^ + :"Our enemies are innovative and resourceful, and so are we. /|\
\|/ :They never stop thinking about new ways to harm our country /\|/\
<--*-->:and our people, and neither do we." -G. W. Bush, 2004.08.05 \/|\/
/|\ : \|/
+ v + : War is Peace, freedom is slavery, Bush is President.
-------------------------------------------------------------------------
More information about the cypherpunks-legacy
mailing list