Zone-H.org - Unrestricted Information - Do you trust your Bluetooth?

Do you trust your Bluetooth?

Wednesday, 08 November 2006

Imagine such scenario: airport in XYZ (enter here your favourite airport name).There are travellers queuing for check-in, travellers already checked, travellers waiting for boarding: a lot of people who spend the time left before leaving by reading, wandering around, shopping at “Duty Free” or working, using their technological equipments...

This could seem to be the picture of a normal working day in an airport, but for crackers... ... it represents a sort of Paradise where enabled Wi-Fi and Bluetooth devices work as entry point to corporate and private data : What could a cracker ask more ?

The dangers and threats of Wi-Fi connections are commonly known but hardly anyone of those people in the airport would think they are likely to be potential targets for cyber criminals.

What if they knew which kind of nasty problems could be conveyed by Bluetooth devices?

On this proposal, Thierry Zoller and Kevin Finiste, two security experts who collaborated with Apple, Symantec, IBM, McAfee and many other companies, presented a Bluetooth live hacking session during Hack.Lu 2006, an international conference held in Luxemburg from October 19th to 21st.
The results of 1 hour Bluetooth wardriving session aren’t so surprising to us:295 unique discoverable devices and lots of vulnerable ones that can be attacked through various methods and hacked provoking huge data exposures. It would be possible, for example, to read phonebooks and SMS messages, dial numbers, redirect calls and also carry out wire(less)-tapping of BT headsets(!).

Of course we know that Bluetooth has a small range, but we know also (and crackers know it even better) that a specific antenna would allow the attacker to reach BT devices placed hundreds of meters away, as testified by Mr.Zoller and Mr.Finistere who reported to have achieved a device 2.6km far from the antenna: a new world record.

On this proposal, some 0days for BT vulnerabilities have been already published: for example you can compromise Mac OS X 10.3 or 10.4 over Obex . Then, some Windows vulnerabilities are also available.

Moreover, we have to point out that not only Windows OS are at risk, but Macs are vulnerable as well.Indeed even if the related flaw for Macs is now patched , we should not forget that it is possible to own internal networks over Bluetooth, in spite of which kind of computer is included in the network.

Comments Index (Total Messages: 2)

distance Written by Guest on 2006-11-09 15:20:10

Wow! Written by Guest on 2006-11-09 16:10:38

Powered by a Zone-H(ified) version of AkoComment 3.0!

DISCLAIMER: Forum postings are the opinion of the posting author alone, and should not be taken as the opinion of Zone-h. The author is entirely and solely responsible for all content that he/she uploads, posts, or otherwise transmits via the website. Zone-h is not responsible for such content. However, Zone-h shall have the right, but not the obligation, to delete, move, or edit any content that violates this agreement or is otherwise objectionable as determined by Zone-h in its sole discretion and without notice.

< Prev		Next >

[ Back ]