Bluesnarfing: Latest Bluetooth Vulnerability

Seems Nokia phones are more likely to be susectible, but there are plenty of Sony Ericsson phones in the list as well.

While the hype over “bluejacking” via Bluetooth connections was quite overblown compared to what could be done with it, now security folks are warning about “bluesnarfing”. Apparently, there’s a security flaw that would let someone connect to your Bluetooth enabled device, download all your contact info and leave no trace. This attack apparently will even work on a number of devices when they’re in invisible mode – at which point they shouldn’t be reachable at all. Consider it digital pick-pocketing, where the victim will have no idea they’ve been taken. The guy who discovered this flaw says that the handset makers have been telling him it isn’t possible, so it should be interesting to see how they respond now that he’s gone public with the info. [Techdirt Corporate Intelligence: Techdirt Wireless]

1 comment for “Bluesnarfing: Latest Bluetooth Vulnerability

  1. Peggy Berk
    2/12/2004 at 3:54 pm

    This is like complaining that your airport has a major security flaw when you didn’t bother to change the default password… all bluetoth devices enable you to change the default pairing password of “0000” and additionally to limit services…. it takes a bit of effort – and will be a little less convenient when you want to tranfer info yourself between two devices as you will have to manually reenable transfer and enter the password, but you can set your devices to be much more secure than they are in their default states….

Leave a Reply

%d bloggers like this: