Injecting Audio Into Insecure Bluetooth Handsets - Slashdot

Become a fan of Slashdot on Facebook

×

Injecting Audio Into Insecure Bluetooth Handsets 222

Posted by CmdrTaco on Wednesday August 03, 2005 @10:29AM from the thats-just-scary-stuff dept.

vandon writes "Linux hackers have demonstrated a way to inject or record audio signals from passing cars running insecure Bluetooth hands-free units. The Trifinite group showed how hackers could eavesdrop on passing motorists using a directional antenna and a Linux Laptop running a tool it has developed called Car Whisperer."

This discussion has been archived. No new comments can be posted.

Injecting Audio Into Insecure Bluetooth Handsets

Search 222 Comments Log In/Create an Account

Comments Filter:

Re:Top secret info (Score:3, Interesting)

by stecoop ( 759508 ) * writes: on Wednesday August 03, 2005 @10:38AM (#13230357) Journal

Zero.

Your title Top Secret info, then anyone that has that kind of clearance know that you cant talk on an unsecured line in an unsecured environment. If you mean getting caught talking nasty to your intern on a cell phone then all bets are off.

Parent Share
twitter facebook
Broadcast Ping (Score:2, Interesting)

by woodsrunner ( 746751 ) writes: on Wednesday August 03, 2005 @11:09AM (#13230591) Journal

That would be fun! I am sure WalMart would like that power to direct their shoppers to the latest thing they are trying to flog.

I have always wanted a way to do a broadcast ping of all the local cellphones to get them all to ring at once. I bet theatres would like a device that could do this in order to get patrons to turn off their ringers before shows start.

Parent Share
twitter facebook
Re:Device must be in paring mode (Score:2, Interesting)

by GodGell ( 897123 ) writes: on Wednesday August 03, 2005 @11:55AM (#13231027) Homepage

i have a jabra bt200 and will do some experiments with it someday.
anyway. yesterday as i was sitting on a bus on the way home from drumming school, i disconnected my phone from the bt200 so that i can do a scan for other devices and i found another phone (named "Hayat", no idea what that stands for). i tried to connect to it loads of times with passkey 0000, and most of the time it just said bluetooth connection error. once though it was passkey mismatch, so i guess the phone asked the guy the passkey. when i changed my phone's name to "passkey_is_0000" just to see what happens, the unknown phone disappeared. see, there's a new form of wardriving - warwalking - with bluetooth! :D
the whole thing took about 16 minutes, and all that time my bt200 was on my ear in search mode. yet nothing happened.

Parent Share
twitter facebook
Re:List of which kits are susceptable (Score:4, Interesting)

by ezzzD55J ( 697465 ) writes: <slashdot5@scum.org> on Wednesday August 03, 2005 @01:28PM (#13231966) Homepage

These guys seem to be pretending to be doing it for the good of the industry, but their site seems to list a lot of Bluetooth Hacks & Attacks. And they didn't seem to have made any effort to contact vendors to get the problem corrected, either.
Don't be too tough on them. I saw their demo at WhatTheHack [whatthehack.org] last weekend. After the session I asked which brand to buy for security, and the reply was that Nokia had done a good job of making up for their mess. Also their story at the time was that they test a lot of bluetooth stuff for the industry, working with the industry to find holes before phones go to market (not quite sure of the timing, but I am sure that they cooperate).

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

613 commentsIs the Obsession with EV Range All Wrong?
463 commentsElon Musk Predicts Electricity Shortage in Two Years
438 commentsIs 8GB of RAM Enough For a Mac?
426 commentsWhat's the Solution to Gridlocked EV Chargers?
418 commentsWhy EVs Won't Crash the Electric Grid

Say "twenty-three-skiddoo" to logout.