Matt Crawford <[EMAIL PROTECTED]> writes: > On Jun 3, 2005, at 11:55, Perry E. Metzger wrote: >> 2) They also have a way of forcing pairing to happen, by impersonating >> one of the devices and saying "oops! I need to pair again!" to the >> other. > > Do the devices then pair again without user intervention, re-using the > PIN that paired them initially?
That is my understanding. Ugly, isn't it? > I always imagined I could use a lame PIN if I was far from any > eavesdroppers... Given the nature of this new attack, it probably doesn't matter. Perry --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]