Home » Technology

Bluetooth security flaw found

Submitted by Varun Krish on June 7, 2005 – 7:22 pmEmail This Post Email This Post | No Comment


Cryptographers have found a security flaw in Bluetooth that allows unauthorized pairing between (among other things) mobile phones. Pairing is the process that Bluetooth devices go through to make sure the owner of each device is aware of the connection. During pairing, the same PIN has to be entered on both devices.

The new flaw allows a malicious user to pair without the other device alerting its owner. It masquerades as another device that’s currently paired with the target:

Avishai Wool and Yaniv Shaked [of Tel Aviv University in Israel] have managed to force pairing by pretending to be one of the two devices and sending a message to the other claiming to have forgotten the link key. This prompts the other device to discard the link key and the two then begin a new pairing session, which the hacker can then use

Source:MobileTracker

Email This Post Email This Post


Leave a comment!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.

Comment moderation is in use. Please do not submit your comment twice -- it will appear shortly.