Bluetooth Can Be Cracked!
Nothing is completely safe today. Adobe has recently released a
patch for a security hole in different graphical software, so why
should Bluetooth be safe?
... and Bluetooth isn't safe off course! ;)
Two researchers of the Tel Aviv University School of Electrical
Engineering Systems say they have discovered a technique for taking
control of Bluetooth-enabled mobile phones. After you've established
a connection with an other cell phone, the attacker can easily make
calls with your phone. If there is a Bluetooth connection with a
PC, the hacker can even transfer data between his Bluetooth device
/ cell phone and the hacked computer. Bluetooth can be very dangerous
as you can see! Even when the handsets have security features switched
on, your cell phone isn't save at all!
Avishai Wool, senior lecturer and Yaniv Shaked, graduate student
and both researchers of the Tel Aviv University School of Electrical
Engineering Systems have published recently a paper about three
methods for forcing a repeat of the pairing process, "Cracking the
Bluetooth PIN" ( http://www.eng.tau.ac.il/~yash/shaked-wool-mobisys05/
). In this paper, a passive attack is described, in which an attacker
can find the PIN used during the pairing process. The eye-opening
conclusion of these two researchers: "Our results show that using
algebraic optimizations, the most common Bluetooth PIN can be cracked
within less than 0.06-0.3 seconds. If two Bluetooth devices perform
pairing in a hostile area, they are vulnerable to this attack."
A Belgian Master student is making a fresh attempt to keep a list
with Bluetooth security links on http://student.vub.ac.be/~sijansse/2e%20lic/BT/welcome.html.
Ollie Whitehousen security researcher of @stake, a digital security
consulting firm ( http://www.atstake.com ) has written in October
2003 a paper that "examines methods of assessing the security of
Bluetooth devices in relation to the protocol's design and implementation
flaws" ( http://www.atstake.com/research/reports/acrobat/atstake_war_nibbling.pdf
In general, the most critical point is the 'pairing' - connection
procedure of two Bluetooth devices. When a Bluetooth device asks
you to re-enter the PIN number for re-pairing, once the two devices
are re-connected, the hacker can now easily crack the PIN code.
For feedback on this article, please visit http://wallies.info/blog/item/145/index.html
Walter V. is a self-employed internet entrepreneur and founder-webmaster
of several websites, including wallies.info :: A snappy blog about
snappy Blue things :: blog | wiki | forum | links - http://wallies.info
mblo.gs :: A snappy moblog community - http://mblo.gs