Re: Bluetooth cracked further

2005-06-04 Thread Dan Riley
Matt Crawford [EMAIL PROTECTED] writes: On Jun 3, 2005, at 11:55, Perry E. Metzger wrote: 2) They also have a way of forcing pairing to happen, by impersonating one of the devices and saying oops! I need to pair again! to the other. Do the devices then pair again without user

Re: Bluetooth cracked further

2005-06-04 Thread Thomas Lakofski
Perry E. Metzger wrote: Matt Crawford [EMAIL PROTECTED] writes: On Jun 3, 2005, at 11:55, Perry E. Metzger wrote: 2) They also have a way of forcing pairing to happen, by impersonating one of the devices and saying oops! I need to pair again! to the other. Do the devices then pair again

Re: Bluetooth cracked further

2005-06-04 Thread Olle Mulmo
On Jun 4, 2005, at 14:12, Thomas Lakofski wrote: Finally, the PIN length ranges from 8 to 128 bits. Most manufacturers use a 4 digit PIN and supply it with the device. Obviously, customers should demand the ability to use longer PINs. Correction: Most manufacturers hardcode the 4-digit PIN

Re: Bluetooth cracked further

2005-06-04 Thread Thomas Lakofski
Olle Mulmo wrote: On Jun 4, 2005, at 14:12, Thomas Lakofski wrote: Wrote? Well, quoted... Finally, the PIN length ranges from 8 to 128 bits. Most manufacturers use a 4 digit PIN and supply it with the device. Obviously, customers should demand the ability to use longer PINs. Correction:

Bluetooth cracked further

2005-06-03 Thread Perry E. Metzger
Cracking the Bluetooth PIN http://www.eng.tau.ac.il/~yash/shaked-wool-mobisys05/index.html Abstract: This paper describes the implementation of an attack on the Bluetooth security mechanism. Specifically, we describe a passive attack, in which an attacker can find the PIN used during the

Re: Bluetooth cracked further

2005-06-03 Thread Matt Crawford
On Jun 3, 2005, at 11:55, Perry E. Metzger wrote: 2) They also have a way of forcing pairing to happen, by impersonating one of the devices and saying oops! I need to pair again! to the other. Do the devices then pair again without user intervention, re-using the PIN that paired them

Re: Bluetooth cracked further

2005-06-03 Thread Edgar Danielyan
If you have a pair of bluetooth devices that are paired, best to keep them in a faraday cage at all times. Buy a Bluetooth phone and get a matching colour Faraday cage for FREE! * * Faraday not included. ... - The

Re: Bluetooth cracked further

2005-06-03 Thread Perry E. Metzger
Matt Crawford [EMAIL PROTECTED] writes: On Jun 3, 2005, at 11:55, Perry E. Metzger wrote: 2) They also have a way of forcing pairing to happen, by impersonating one of the devices and saying oops! I need to pair again! to the other. Do the devices then pair again without user