Nokia Admits Multiple Bluetooth Security Holes 136
An anonymous reader writes "Nokia has admitted that four of its handsets (6310, 6310i, 8910 and 8910i) have multiple security vulnerabilities that can allow an attacker to read, edit and copy the contacts and calendar entries using Bluetooth. This admission comes after a ZDNet UK article published earlier today. the spokesperson advises customers to switch off Bluetooth in public places!" For more information, see the bluesnarfing site pointed out by reader profet.
Re:bluejacking (Score:5, Informative)
Re:Great ! (Score:4, Informative)
Re:bluejacking (Score:2, Informative)
Ingornace? (Score:4, Informative)
Re:K.I.S.S (Score:3, Informative)
Application platform, misc. servers & UI apps (UIQ, Series 60, ...)
Symbian OS (kernel, middleware)
Some sort of Manufacturer RTOS for running a GSM stack, for which Symbian doesn't quite cut it.
;)
These devices are far from simple. Given what you can do on this size of device, I wonder why someone doesn't make a solid state PC, with a few seconds boot time, and no noise. Wireless keyboard, monitor, mouse and LAN. (I don't mean a laptop).
I think the thing you mentioned (running up someones bill, on 0900 numbers, or otherwise) has already happened long ago, but by faking the SIM. I think the original GSMs had a fairly large security flaw related to the encryption key.
Or you could just steal someones phone
Re:No big deal (Score:5, Informative)
It isn't like this hasn't come up before, Schneier predicted that Bluetooth would be a security nightmare three and a half years ago [schneier.com] ! Quoting:
What amazes me is the dearth of information about the security of this protocol. I'm sure someone has thought about it, a team designed some security into Bluetooth, and that those designers believe it to be secure. But has anyone reputable examined the protocol? Is the implementation known to be correct? Are there any programming errors? If Bluetooth is secure, it will be the first time ever that a major protocol has been released without any security flaws. I'm not optimistic.
And what about privacy? Bluetooth devices regularly broadcast a unique ID. Can that be used to track someone's movements?
The stampede towards Bluetooth continues unawares. Expect all sorts of vulnerabilities, patches, workarounds, spin control, and the like. And treat Bluetooth as a broadcast protocol, because that's what it is.
Both ZDNET and Nokia wrong (Score:4, Informative)
Nokia is vunerabile to both having the device detect on and off in the hacks..
according to the bleustumbler.org site..
Re:Big Woop. (Score:3, Informative)
Re:Big Woop. (Score:3, Informative)
It's bad implementation, not specification (Score:4, Informative)
This means that you have to have given the attacker access to privileged services at one point in time, and then deleted him.
If you had not deleted him, he would obviously still have access.
But it is the missing deletion that is the problem.
You should not pair your device with any devices except your own. Your PDA requires to be paired with your Phone, Laptop, and access point, so it can dial up, synch, and have LAN access etc. But you don't have to pair it to send your business card to somebody else. There is no reason to pair with Joe Hackers device. So for most of the cases described by AL Digital it is just a bad implementation which does not affect the majority of users.
For the rest of the cases it is also a bad implementation by Nokia and "possibly other manufacturers", it is not a vulnerability in the protocol.
Re:Great ! (Score:3, Informative)
It's a shame - this is something the Sony/Ericsson phones do very well, but I still prefer Nokias overall (mainly because of their interface.)
Re:No big deal (Score:2, Informative)
What's important, though, is that a shared key is negotiated without being sent over the wire. It may be possible to brute-force the pin with data captured from the initial authentication run, or there might be an attack against the key generation or encryption, but the "physical connection" you claim is required is only one way of ensuring that authentication data isn't sent over the radio channel.
From the article... (Score:2, Informative)
Well that is just about all of the bluetooth phones out there then?
Re:Is Bluetooth upgradeable? (Score:2, Informative)
Try this (Score:3, Informative)