Matt Crawford [EMAIL PROTECTED] writes:
On Jun 3, 2005, at 11:55, Perry E. Metzger wrote:
2) They also have a way of forcing pairing to happen, by impersonating
one of the devices and saying oops! I need to pair again! to the
other.
Do the devices then pair again without user
Perry E. Metzger wrote:
Matt Crawford [EMAIL PROTECTED] writes:
On Jun 3, 2005, at 11:55, Perry E. Metzger wrote:
2) They also have a way of forcing pairing to happen, by impersonating
one of the devices and saying oops! I need to pair again! to the
other.
Do the devices then pair again
On Jun 4, 2005, at 14:12, Thomas Lakofski wrote:
Finally, the PIN length ranges from 8 to 128 bits. Most manufacturers
use a 4 digit PIN and supply it with the device. Obviously, customers
should demand the ability to use longer PINs.
Correction: Most manufacturers hardcode the 4-digit PIN
Olle Mulmo wrote:
On Jun 4, 2005, at 14:12, Thomas Lakofski wrote:
Wrote? Well, quoted...
Finally, the PIN length ranges from 8 to 128 bits. Most manufacturers
use a 4 digit PIN and supply it with the device. Obviously, customers
should demand the ability to use longer PINs.
Correction:
Cracking the Bluetooth PIN
http://www.eng.tau.ac.il/~yash/shaked-wool-mobisys05/index.html
Abstract:
This paper describes the implementation of an attack on the Bluetooth
security mechanism. Specifically, we describe a passive attack, in
which an attacker can find the PIN used during the
On Jun 3, 2005, at 11:55, Perry E. Metzger wrote:
2) They also have a way of forcing pairing to happen, by impersonating
one of the devices and saying oops! I need to pair again! to the
other.
Do the devices then pair again without user intervention, re-using the
PIN that paired them
If you have a pair of bluetooth devices that are paired, best to keep
them in a faraday cage at all times.
Buy a Bluetooth phone and get a matching colour Faraday cage for FREE! *
* Faraday not included.
...
-
The
Matt Crawford [EMAIL PROTECTED] writes:
On Jun 3, 2005, at 11:55, Perry E. Metzger wrote:
2) They also have a way of forcing pairing to happen, by impersonating
one of the devices and saying oops! I need to pair again! to the
other.
Do the devices then pair again without user