Announcement

Collapse
No announcement yet.

Have Bluetooth threats been properly addressed?

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Have Bluetooth threats been properly addressed?

    Hi all, I'm new to this site and new to wireless hacking..however my interest in the area has led me to strat writing a research paper.

    I know about certain types of attack that have been shown possible on Bluetooth devices (lets say mobile phones):

    Bluejacking

    A device which was once trusted but subsequently removed from the trusted list can still pair

    It is possible to view and log information about phones even if they are in 'undiscoverable' mode

    It is possible to creat a backdoor that will allow you to access at the very least the entire phonebook of your target without them noticing

    It is posssible to tun your victims device into a roaming bug and force their phone to make calls, for example to a premium rate number (called snarfing???)

    What I'd like to hear your opinion on is whether each of these atacks has been addressed adequately. I.E. wil there be imminent hardware or software fixes for them by either the Bluetooth SIG (e.g. in the next version of the protocol), or by the phone manufacters?

    The reason I ask is so that I can pick the attack which is least likely to be fixed in the near future, and then try to fix it myself!! This will be the basis of my research paper.

    Also any opinions on which is the most dangerous attack, and if there are any other types of attack I havent listed would be great

    Your responses will be very much appreciated :)

    -Alex
    Tags: None
  • #2
    Search these Forums on "bluetooth" and you'll get at least 27 threads, most of which discuss BT vunerablities and varying detail. Opinions are given in several of them about the various vunerablities and which are the most dangerous.

    Then hit Google, and start with these terms:

    bluejack (ing)
    bluejaq (ing)
    bluesnarf (ing)
    bluedriving
    toothing
    redfang
    shmoo group
    Thorn
    "If you can't be a good example, then you'll just have to be a horrible warning." - Catherine Aird

    Comment

    • #3
      No they have not even attempted to fix any of the bluetooth cellphone vaunerabilities. Verison refuses to even acknowledge it.
      "I wash my hands of those who imagine chattering to be knowledge, silence to be ignorance, and affection to be art." -Kahlil Gibran

      "Half the world is composed of idiots, the other half of people clever enough to take indecent advantage of them." -Walter Kerr

      Comment

      • #4
        Originally posted by xanderd
        Hi all, I'm new to this site and new to wireless hacking..however my interest in the area has led me to strat writing a research paper.

        I know about certain types of attack that have been shown possible on Bluetooth devices (lets say mobile phones):

        Bluejacking

        A device which was once trusted but subsequently removed from the trusted list can still pair

        It is possible to view and log information about phones even if they are in 'undiscoverable' mode

        It is possible to creat a backdoor that will allow you to access at the very least the entire phonebook of your target without them noticing

        It is posssible to tun your victims device into a roaming bug and force their phone to make calls, for example to a premium rate number (called snarfing???)

        What I'd like to hear your opinion on is whether each of these atacks has been addressed adequately. I.E. wil there be imminent hardware or software fixes for them by either the Bluetooth SIG (e.g. in the next version of the protocol), or by the phone manufacters?

        The reason I ask is so that I can pick the attack which is least likely to be fixed in the near future, and then try to fix it myself!! This will be the basis of my research paper.

        Also any opinions on which is the most dangerous attack, and if there are any other types of attack I havent listed would be great

        Your responses will be very much appreciated :)

        -Alex
        What is with you and the posts and threads with bluetooth, dear god is it some sort of fetish with you. Their is no such things as safe in this fucked up world so why the fuck do you persist in asking relative questions. Tell you what go work for on of the cellular companies specifically with their bluetooth implementation and in 10 years come back and tells us whether or not you have fixed all the problems but until then, Google is your friend.
        Did Everquest teach you that?

        Comment

        • #5
          Originally posted by allentrace
          What is with you and the posts and threads with bluetooth, dear god is it some sort of fetish with you. Their is no such things as safe in this fucked up world so why the fuck do you persist in asking relative questions. Tell you what go work for on of the cellular companies specifically with their bluetooth implementation and in 10 years come back and tells us whether or not you have fixed all the problems but until then, Google is your friend.

          I think I was very polite in asking a pertinent question in an appropriate place. However, I think your answer was rude, grammatically poor, and defeatistic in nature.

          I a researcher in Bluetooth security so asking these sorts of questions is a necessary part of research.

          The world will never become any safer if we dont continually strive to keep up to date and defend against the latest attacks.

          Comment

          • #6
            Originally posted by xanderd
            I think I was very polite in asking a pertinent question in an appropriate place. However, I think your answer was rude, grammatically poor, and defeatistic in nature.
            Yes your question was very polite; and my answer was very rude. Have a nice day.
            Did Everquest teach you that?

            Comment

            Previous template Next
            Working...
            X