| Author |
Message |
Bjoern
Posts: 3615
Phone Model:
Nokia E61
Service Provider:
o2 Germany |
 
Fri May 14, 2004 4:21 am |
The german security company Integralis has testet some cellphone for there security if accessed by bluetooth. The following phones have lack of security:
Nokia 6230
Nokia 6310
Nokia 6310i
Nokia 6650
Nokia 6810
Nokia 6820
Nokia 7600
Panasonic X70
Siemens S55
Sony Ericsson T610
Sony Ericsson T630
Sony Ericsson T68i
Sony Ericsson Z600
For the complete list of tested phones:
http://www.integralis.de/media/press_releases/2004/120504OM.html
I know, it's not a big list, but 13 of 23 phones are vulnerable, more than 50%.
This is very disturbing.
Informations about what DoS (Denial of Service) attacks do:
http://www.integralis.de/media/press_releases/2004/120504SA.html
Snarf attacks
With Snarf attacks hacker can manipulate via bluetooth the settings of the phone without permission of the owner of the phone
Chaos attacks
With this one, the hacker can make calls, read and send sms, edit the phonebook via bluetooth and without the knowledge of the owner.
DoS attacks
The same as with computers: the phone will receive so many requests so fast, that it hang up it self.
Please disable always your bluetooth when you are in a area which is not "safe" [with many poeople (airport, trainstation, disco, etc.)].
|
 |
Advertisement
|
|
|
|
|
abhishta
Posts: 995
Phone Model:
Moto Mpx220, Nokia 6800(backup)
Service Provider:
T-mobile |
Fri May 14, 2004 10:22 am |
whoa!!!
That sounds bad.
Neways, does any1 know how u can do those attacks?? 
|
|
zTechno
Posts: 243 |
Sun May 16, 2004 5:15 am |
I've read on another site that bluetooth phones could reach another phone..! without the knowledge of the owner..!
They'd mentioned about sending in Massages to the phones..! via bluetooth..!
Send Contact-> then type in what ever you want.! -> SEND VIA BLue TOoth
BYe..!
This was under jokes section on a site..!
|
|
Bjoern
Posts: 3615
Phone Model:
Nokia E61
Service Provider:
o2 Germany |
Sun May 16, 2004 5:45 am |
| wrote: | I've read on another site that bluetooth phones could reach another phone..! without the knowledge of the owner..!
They'd mentioned about sending in Massages to the phones..! via bluetooth..!
Send Contact-> then type in what ever you want.! -> SEND VIA BLue TOoth
BYe..!
This was under jokes section on a site..! |
That's old, called "Bluejacking" and is nothing to worry about. It's nothing more than a joke.
|
|
Bjoern
Posts: 3615
Phone Model:
Nokia E61
Service Provider:
o2 Germany |
Fri Jul 02, 2004 10:47 am |
This bluetooth weakness has achieved new areas... especially in Germany, but could be a weakness in other countries too.
As I wrote, you can send and receive SMS via chaos attacks...
This weakness now some clever (?) guys use to gain access to WLAN HotSpots.
How?
Easy...
In Germany T-Mobile and Vodafone offer the WLAN HotSpots (T-Mobile offers them in the USA too). To gain access to a HotSpot, you've got to send a SMS to a special number T-Mobile (or Vodafone) and you will receive via SMS your login... it's an unlimited account for this HotSpot.
Payment? Via your cellphone bill.
So they send a SMS from your phone and have unlimited access to the HotSpot and you've got to pay in the end.
!!! Keep your bluetooth alway disabled if you're not in a safe enviroment !!!
Nokia 6310i users: update your firmware! The newest firmware (v5.52) disables the bluetooth security hole!
|
|
Marco_AUS
Posts: 9
Phone Model:
T610
Service Provider:
Telstra |
Tue Feb 01, 2005 9:02 am |
Something's been annoying me in relation to Bluetooth "Hackers" for some time now, I've gotta get this off my chest, so all newbies listen up - SENDING A MESSAGE FROM YOUR PHONE BOOK IS NOT HACKING. YOU HAVE NO DISCOVERED A SECURITY HOLE. YOU ARE NOT A "BLUE JACKER" AND SENDING A CONTACT NAMED "YOU HAVE BEEN BLUEJACKED" IS DAMN LAME!!!
Now that I've gotten past that... I was having a discussion the other day that, considering that mobile phones can 1. Run Software and 2. Have settings ie, Bluetooth Authorized List of devices that are allowed to connect to them, then - perhaps it would be possible for someone to write a Bluetooth Application say J2ME to mask an Bluetooth ADDRESS, I'm not too sure how that would work from the recieving end, but lets say DEVICE A, has address 555.AXO.772.41, DEVICE B allows a connection from DEVICE C; DEVICE C has Bluetooth address 666.ABO.882.41, DEVICE A runs an application and masks its address to the same as DEVICE C (555.AXO.772.41) and attempts a connection to DEVICE A; DEVICE A thinks DEVICE B is actually DEVICE C and acts accordingly via allowing authorized access.
Is it possible?
Has anyone actually ever hacked into a Bluetooth device?
|
