Bluesnarfing is a method of hacking into a Bluetooth-enabled mobile phone and copying its entire contact book, calendar or anything else stored in the phone's memory. Nokia and Sony Ericsson have admitted some of their handsets are vulnerable and although Sony Ericsson has made an effort to fix the problem, Nokia said the problem is not serious enough to warrant repairing.
Mark Rowe, consultant at security company Pentest, told ZDNet UK that the number of people that know how to perform the attack is quickly increasing and tools that enable the attack are widely available online. "We have been contacted by a number of security researchers that have worked out how to do it themselves without any help from us," Rowe said. "We were concerned when the information was previously published and we were told you need special tools. But in reality, anybody who looked into it in any depth would quickly work out how the attack is possible."
Rowe urged the media not to publicise which tools are used in attacks because this "would make it really easy for somebody to work out what to do". A Web search revealed hundreds of sites distributing the tools.
According to Rowe, the problem lies in how manufacturers implemented the object exchange (OBEX) protocol, which is a common method used by mobile devices to exchange information. "It was a deliberate design decision not to include authentication -- that allows people to [easily] send business cards to each other," he said. But the companies had overlooked that this implementation would also mean files could be transferred back and forth without permission, he said.
Tom Watson, Labour MP for West Bromwich East and a Bluetooth-phone user, told ZDNet UK he is concerned about the privacy of consumers and hopes that mobile phone manufacturers will do more to help fix the problem. "Once again consumers have to bear the brunt of technological failure," he said. "This offers profound threats to people's privacy. The least the sector can do is put matters right," he said.
Rowe advises anyone with a Bluetooth handset to keep it in hidden mode or even better, switch Bluetooth off: "If devices are hidden they are very difficult to find. There are techniques to find hidden devices, but it is a brute-force method that would take a lot of time. If they are not in hidden mode, you can find their address by simply asking," he said.
push button authentication?
is it not possible to just turn on a feature where before anything is xferred, one must press a button to authorize the transfer on the keypad?
i would have though that would be the most basic level of security.
valis
ceo
http://www.valissoft.com