bluetooth and security

Archived from groups: alt.cellular.bluetooth (More info?)

Hi all!

Lately I've heard a lot about security leaks in bluetooth phones like
the SonyEricsson T610 e.g.. I've been told that without obvious pairing
people can use your phone for making calls or sending SMS or "download"
your addressbook. Of course I use "hidden mode" for BT, but that just
makes it more difficult yet not impossible.
What do you guys think about that? Do you switch off BT?


Thanks in advance
Daniel
  1.

    Hi Daniel,

    Daniel Brose wrote:

    > Hi all!
    >
    > Lately I've heard a lot about security leaks in bluetooth phones like
    > the SonyEricsson T610 e.g.. I've been told that without obvious pairing
    > people can use your phone for making calls or sending SMS or "download"
    > your addressbook. Of course I use "hidden mode" for BT, but that just
    > makes it more difficult yet not impossible.
    > What do you guys think about that? Do you switch off BT?

    From my understanding, running your BT phone in "non-discoverable mode"
    (this is probably what you call "hidden mode") is sufficient. Guessing
    the BT address (with "Redfang" or something comparable) takes (based on my
    tests) about 20 secs per probed address. However, there is an address
    space of (at least) 256 ^ 3 addresses (given the manufacturer of your
    phone is known to the attacker). So on average you need 256 ^ 3 * 20 secs
    / 2 = 5 years to find the address of a non-discoverable phone. This is
    totally unrealistic.

    I'm wondering whether anybody here has had other experiences with
    "Redfang" that would make this tool appear more realistic.

    Without knowing your device address an attacker is not able to attack
    your non-discoverable BT phone.


    Michael

    --
    Michael Schmidt
    University of Siegen, Germany
    http://www.nue.et-inf.uni-siegen.de/~schmidt/
    e-mail: schmidt _at_ nue.et-inf.uni-siegen.de
  2.

    Hello,

    > From my understanding, running your BT phone in "non-discoverable
    > mode"
    > (this is probably what you call "hidden mode") is sufficient. Guessing

    yes, "hidden mode" should be ok.

    > I'm wondering whether anybody here has had other experiences with
    > "Redfang" that would make this tool appear more realistic.

    not really

    > Without knowing your device address an attacker is not able to attack
    > your non-discoverable BT phone.

    exactly!


    .... Collin

    --
    Collin R. Mulliner <collin@betaversion.net>
    bluetooth device security database - http://betaversion.net/btdsd/
  3.

    Hi all,

    Collin R. Mulliner wrote:
    >>Without knowing your device address an attacker is not able to attack
    >>your non-discoverable BT phone.
    >
    > exactly!

    thanks a lot for your answers! I feel relieved now... :-)


    Regards
    Daniel
  4.

    There is a firmware version that corrects the T610 behaviour, since the
    weakness is in the implementation and not intrinsic to the Bluetooth
    protocols.

    In Italy the firmware update is free under warranty.
    Regards.


    "Daniel Brose" <Daniel.Brose@bur-kg.de> wrote in message
    news:2gs64vF652t0U1@uni-berlin.de...
    > Hi all!
    >
    > Lately I've heard a lot about security leaks in bluetooth phones like
    > the SonyEricsson T610 e.g.. I've been told that without obvious pairing
    > people can use your phone for making calls or sending SMS or "download"
    > your addressbook. Of course I use "hidden mode" for BT, but that just
    > makes it more difficult yet not impossible.
    > What do you guys think about that? Do you switch off BT?
    >
    >
    > Thanks in advance
    > Daniel
    >