| Author |
bluejacking and now bluesnarfing |
energetic
Joined: Jan 13, 2003
Posts: > 500
From: Athens, Greece, Europe, Earth,
PM, WWW
|
For the moment no problem but later... who knows!
|
|
|
jazzmeister
Joined: Jan 12, 2004
Posts: 49
From: Malacca, Malaysia
PM |
man! talk about perpetual paranoia... 
Life is a journey we all must make... |
Vlammetje
Joined: Mar 01, 2003
Posts: > 500
From: Den Haag
PM, WWW
|
Well.... just can't be bothered to switch it on and off all the time.....
and would it really be worth developping a 'virus' that works on only 'certain phones os'?
it's not like a windows computer you know? 
|
energetic
Joined: Jan 13, 2003
Posts: > 500
From: Athens, Greece, Europe, Earth,
PM, WWW
|
@Vlammetje
This is what we were thinking before in the past regarding computer virus and now am feeling the history is repeated but am not concerned about that. Am concerned about the possibility someone accessing our mobile roms and removing files from there which are vital for our mobile phones. Many people are just having fun bluejacking us already. What about if the same people extend this to another level!
I believe all mobile manufacturers should take some measurements and protect our phones.
|
mixin
Joined: Jan 26, 2002
Posts: > 500
From: Notts, UK
PM, WWW
|
rule number no1: dont trust people who have bluetooth laptops in public.
|
Carlsb3rg
Joined: Jun 07, 2003
Posts: 400
From: Kuwait
PM, WWW
|
The question is not if your phone is vurnable, the question is HOW to do it ?  I understand that this can be done only with a computer? |
rdnymllnsktr
Joined: Feb 04, 2004
Posts: > 500
From: California, but now in Plano,
PM, WWW
|
But how do you tell if a laptop has built-in bluetooth?
MyPhoneExplorer is the new FMA!  http://www.fjsoft.at/en/downloads.php |
mixin
Joined: Jan 26, 2002
Posts: > 500
From: Notts, UK
PM, WWW
|
Carlsb3rg > just modify the bluetooth stack on a bluetooth enabled laptop. I highly doubt it would be possible on a normal mobile
rdnymllnsktr > If the user has a devious look on his face, hes probably upto no good...
|
MikLSP
Joined: Sep 21, 2003
Posts: > 500
From: se-nse.com
PM |
Quote:
|
On 2004-02-10 10:40:18, energetic wrote:
Am concerned about the possibility someone accessing our mobile roms and removing files from there which are vital for our mobile phones.
|
|
You can't even modify the.ROMs using the phone itself so I doubt anyone can do it externally through a vague BT connection, which are unstable enough at the best of times. (always failed sending, not finding devices etc.)
Also who said this, isn't the issue with contacts, calendar & other user info?
I'm leavin my BT on, I've yet to be Bluejacked never mind snarfed by some computer geek on a laptop!
|
Krubach
Joined: Dec 05, 2002
Posts: > 500
From: Sunny Portugal! :)
PM |
I think the only way to open a bluetooth serial port to a victims phone with no acceptance, is when the phone is paired with it.
Why the hell would anyone pair the phone with an attacker, by accepting the pairing in the first place!?!??!
_________________
David Bradley (IBM engineer), inventor of Ctrl+Alt+Del:
"I may have invented it, but Bill made it famous".
[ This Message was edited by: Krubach on 2004-02-10 10:47 ] |
laffen
Joined: Aug 07, 2001
Posts: > 500
From: Oslo, Norway
PM |
This has been discussed before. See http://www.esato.com/board/viewtopic.php?topic=43767
Also take a look at the comments by a Bluetooth expert from TDK on the theregister.co.uk web site when this was first discussed.
He ends his open letter like this:
...As a Bluetooth manufacturer we've not been approached by A.L. Digital. I've asked them for details of this and look forward to receiving them and putting them to the test. If there is an issue then the Bluetooth industry needs to address it. The people I talk to in the SIG understand the need to get security right and be honest about it - they all saw what the consequence is if you don't - look at the IEEE and 802.11. I suspect that what A.L. Digital have seen is a facet of having previously paired devices and then correlating the subsequent behaviour to that of a pristine, unpaired device. It would not be the first time that mistake has been made.
At the end of the day all security has to come down to the question of what is adequate for the application. In the case of Bluetooth on a mobile phone my interpretation is that the easiest way to get data off the phone is still to nick it. You can't blame Bluetooth for that.
Nick Hunn
Managing Director
TDK Systems Europe Ltd
[ This Message was edited by: laffen on 2004-02-10 12:25 ] |
Krubach
Joined: Dec 05, 2002
Posts: > 500
From: Sunny Portugal! :)
PM |
So I was right then...
[addsig] |
andhar
Joined: Feb 03, 2004
Posts: 3
From: Stockholm, Sweden
PM |
This has been mentioned before, though no one's posted a reply:
Can we assume that the Z600 is vulnerable if the T610 is? |
Babyface
Joined: Nov 14, 2003
Posts: 14
From: South Africa
PM |
Is there anything that could happen to my phone if the Bluetooth is on (i.e on but not discoverable?)
|
vinnieza
Joined: Sep 25, 2003
Posts: > 500
From: UK or was it Pluto?
PM, WWW
|
some more links:
http://bluestumbler.org/
http://news.com.com/2100-1009_3-5155927.html?tag=cnetfd.buzz
Hope this helps 
* No questions asked * |
|
|
Posted: 2004-02-10 09:53
ink p800:: 
urple t630:: 
