"T. Joseph CARTER" wrote:
> 
> On Tue, Oct 05, 2004 at 09:46:27AM -0700, Allen Brown wrote:
> > > > It is also a pipeline into your phone for pirates.
> > > > Roughly half of the phones out there are insecure.
> > > > And even tho the system is designed for short distance,
> > > > someone who wants to break in can do so from up to a mile
> > > > away with the appropriate hardware.
> >
> > I mis-spoke.  Only half a mile.
> > http://www.mikeslist.com/2004_08_01_archive.html
> >
> > > Discoverable: no.
> >
> > What do you mean?
> 
> Exploits on BT devices have been of a nature that you can
> somehow pair two devices without the owner of one device
> knowing it.  That's hard to do if the device isn't discoverable,
> since non-discoverable devices don't respond to "Anybody out
> there?" requests not directed to them by paired devices.

If two folks want to share addresses they then make their
phones discoverable?  That was probably the weakness that
I heard about.  Folks naturally forget to take the phone
out of that mode afterwards.  (And in any case, they are
vulnerable during the transfer.)

> > > Kinda useful, that.  Patched firmwares exist for every phone
> > > that has a known exploit.  People just don't apply them.  =p
> >
> > To me, this has the flavor of Microshaft.  The protocol was
> > designed for convenience and not for security.  Same as windoze.
> > Every time somebody breaks in they eventually patch the hole.
> > But don't accept that the concept is inherently insecure.
> > Same as Microshaft.
> 
> Implementations of the protocol have flaws.  There is no flaw
> in my T616 firmware (the one was patched before my phone was
> packaged, so it has the update already), and my PDA has never
> had the flaw.  Also, while my Macs all have had several
> Bluetooth updates, none of them have been to fix a security
> problem that I know of.
> 
> The protocol was designed for convenience.  However, it is a
> wireless protocol like 802.11[abg], and these are inherently
> less secure than protocols used over wires.
> 
> > But for Bluetooth, the "fixes" I've seen were to leave the
> > phone in a particular mode.  And if you used Bluetooth to
> > actually communicate with someone, it wasn't in that mode.
> 
> Off or undiscoverable, yes.  Most mobiles have flashable
> firmware.  If your mobile maker doesn't patch the firmware
> and make it available to customers, I suggest you find a
> better mobile manufacturer, because yours can't be trusted.
> (Nokia..)

I don't own a cellphone.  Or a wireless phone.  And my PDA
doesn't have bluetooth.

> > It would be interesting to hear your perspective on this.  It
> > sounded to me like Bluetooth was only in a secure mode when
> > it was disabled.  Wireless protocols are too promiscuous for
> > my taste.
> 
> They are somewhat.  An interesting difference between wifi and
> bluetooth is that bluetooth networks are always closed.  Also,
> a wifi key can be cracked.  The cool thing about bluetooth is
> that you assign a numeric PIN when you pair two devices, and
> both must have the same PIN entered.  You do this once, and
> the two devices will set up a pair of values in their known or
> trusted device list.  These values are a key (not the PIN you
> entered, but one the two devices agreed to after you provided
> the initial PIN number) and the bluetooth equivalent of a
> network card's MAC address.

Always closed?  Bluetooth networks are only as secure as the
weakest node on the network.  How secure are Bluetooth
headphones?  Notice that they have no keyboard to enter a PIN.

I remember reading a Bluetooth white paper several years ago
(before the protocol hit the streets) that talked about linked
Bluetooth networks.  If any products implemented that feature
then you pretty much have to assume you are on the open WWW net
at all times.

> An undiscoverable device doesn't tell you its address, and
> there's no way to get the PIN.  All bluetooth exploits to date
> involve bypassing the PIN to pair two devices, and the exploits
> are device-specific rather than protocol-specific.  Because
> bluetooth devices are meant to be paired by one person with
> both devices in their personal possession, this is a reasonable
> approach.  It also allows for more security, provided that the
> owner of a device does not leave it broadcasting its presence
> to any other devices someone else might be carrying.  Security
> of course depends on a good implementation though.

And good habits.  But the implementation can require more
discipline or less.  Seems like Bluetooth requires more.  More
than most people have.
-- 
Allen Brown
  work: Agilent Technologies      non-work: http://www.peak.org/~abrown/
        [EMAIL PROTECTED]                   [EMAIL PROTECTED]
  The early bird gets the worm, but the *second* mouse gets the cheese.
_______________________________________________
EUGLUG mailing list
[EMAIL PROTECTED]
http://www.euglug.org/mailman/listinfo/euglug
