[ISN] Pickpockets turn to technology

From: InfoSec News (isn@private)
Date: Tue Nov 18 2003 - 04:10:16 PST

  • Next message: InfoSec News: "[ISN] December 9th NB Privacy & Security Day"

    http://news.bbc.co.uk/2/hi/technology/3276315.stm
    
    By Mark Ward 
    BBC News Online technology correspondent 
    17 November, 2003
    
    A potential loophole in security for Bluetooth phones, which could see 
    strangers hacking into your address books, has been uncovered. 
    We all know that the type of mobile phone that you own says a lot 
    about you. In some circles having anything but the latest gadget can 
    send all the wrong signals to your peers. 
    
    But if you are not careful your handset could be revealing much more 
    about you than you would like, such as your entire address book. And 
    you may know nothing about it. 
    
    Security experts are warning that the Bluetooth short-range radio 
    technology can leave people vulnerable to the hi-tech equivalent of 
    pickpockets. 
    
    In laboratory tests researchers have managed to steal information 
    including address books and images from handsets by exploiting 
    shortcomings in Bluetooth security. 
    
    Radio risk 
    
    The technology, named after 10th Century king who united Denmark and 
    Norway, is supposed to bring devices together and make it easy to swap 
    data between gadgets, be they handsets, printers, PCs, headsets, MP3 
    players or robot dogs. 
    
    Now more than a million Bluetooth equipped devices are being produced 
    every week. 
    
    Some people use Bluetooth to do away with the need for wires to 
    connect their handset to a headset. Others are discovering the 
    delights of "bluejacking" which involves sending an anonymous message 
    to another Bluetooth-equipped phone. 
    
    But Adam Laurie of security firm AL Digital is worried that 
    vulnerabilities in Bluetooth might be put to more malicious ends. 
    
    Mr Laurie got interested in Bluetooth when he bought a headset for his 
    mobile phone. 
    
    "I was concerned about the security of my data so I investigated and 
    was not pleased at what I found," he said. 
    
    Drawing on the work of other security researchers, he created programs 
    that run on a laptop which scan for Bluetooth handsets and exploit two 
    vulnerabilities to suck down data from phones. 
    
    Ordinarily swapping anything more than minimal data between phones 
    should be impossible unless the phones are "paired" and their 
    respective owners have agreed a passcode. 
    
    "What we found was that we can take it one step further and bypass the 
    pairing requirement and go straight for some of the contacts on the 
    telephone," he said. 
    
    This vulnerability has been found on the SonyEricsson T68i and T610 
    phones and the Nokia 6310 and 7650 handsets. 
    
    Security lapse 
    
    Mr Laurie has dubbed the practice of scanning for vulnerable phones 
    "bluestumbling" after a popular program that many hackers have used to 
    find wi-fi networks. 
    
    On bluestumbling expeditions to London Mr Laurie said he had found 
    lots of devices that were vulnerable to attack. 
    
    He said he was now talking to manufacturers about fixing the 
    vulnerabilities he has discovered. 
    
    "At the moment there are no tools out there and no details as to how 
    it is done," he said, "but it will happen, someone will work out how 
    to do it in the coming weeks." 
    
    Other security experts such as Ollie Whitehouse from @stake and Bruce 
    Potter from Network Solutions have written about problems in 
    Bluetooth, some of which have been fixed in new releases of the core 
    software. 
    
    Anders Edlund, spokesman for the Bluetooth organisation that oversees 
    the technology, pointed out that the new vulnerabilities have yet to 
    be publicly verified and saw no reason to worry. 
    
    "I think the built-in security on Bluetooth is pretty good," he said. 
    "It has been discussed in the security group and it does not seem like 
    they are too worried about it." 
    
    Nick Hunn, from Bluetooth chip maker TDK, said there were probably 
    better ways of getting data from a phone. 
    
    If you wanted information from someone's handset you would probably 
    try and nick it rather than do it electronically," he said. 
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Nov 18 2003 - 06:59:43 PST