Major Bluetooth Security Flaw Found
New Scientist is reporting what appears to a serious security flaw in the bluetooth protocol. The flaw allows a hacker to force device pairing at will, and key discovery apparently takes less than .06 seconds on a Pentium IV.
This is not the security flaw found in February.
Via jkontherun.
Bruce Schneier covers it here.
Update: the risk may well be overblown in the New Scientist article. See my follow-up post here.
Related Posts
New Bluetooth Security Flaw – Not So Much?
Concern Over MS Office Security Issue Gathers Momentum
A Current Picture on Computer Security Attack Trends
About Risk
The Dangers of Personal Data Outsourcing
Liability for Software Vulnerabilities
Schneier on Ontario Land Fraud
This is the Trackback URI
/images/rss.jpg)
This article is quite flawed itself. I wrote up an analysis of the hack and posted it to my blog.
http://blogs.fullthrottle.com/EmbeddedBlue/
Basically it relies on a Bluetooth device with a bad security implemention and a user that chooses a really weak pin code.