|
|
| View previous topic :: View next topic |
| Author |
Message |
ladymobile
Joined: 01 Dec 2007
Posts: 4
|
 Posted: Sat Dec 01, 2007 12:05 pm Post subject: Security issues with the Bluetooth accessory/phone |
 |
|
Here are few Security issues with Bluetooth cell phones or accessories, you must take care of -
Here comes another one.
Backdoor attack, or deleting pairing info doesn't really delete pairing. Motorola phones are safe from this type of attack. When a device is deleted from the unit, the link key is deleted as well.
Next is Bluejacking. As with the Snarf attack, Motorola Phones are protected because they are only discoverable when first turned on, or when the user makes them discoverable. When in this mode, the phone only remains discoverable for 1 minute, limiting exposure to potential attacks.
In addition, the user interface of our phones provides some additional protection. Some bluetooth devices look in the vCard for the NAME field and present it to the user, with a message that the vCard has been received. So, if the NAME field is 'Hello, you've been bluejacked' then the user just sees, "'Hello, you've been bluejacked' has just been received by Bluetooth."
Motorola phones do not accept vCards without the user's input. When prompted, the user will view the vCard's filename, rather than the NAME field from within the vCard. In cases where the person doing the Bluejacking edits the file name, the phone shows the user something like this.
Incoming Transfer. [vCard Icon] Hello you have been bluejacked (or edited name)
From: [Friendly name of sending device]
Reject - Accept
The user then has the option to hit the Reject softkey and not receive the vCard.
|
|
| Back to top |
|
 |
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
