Bluetooth security flaw found

Cryptographers have found a security flaw in Bluetooth that allows unauthorized pairing between (among other things) mobile phones. Pairing is the process that Bluetooth devices go through to make sure the owner of each device is aware of the connection. During pairing, the same PIN has to be entered on both devices.


Cryptographers have found a security flaw in Bluetooth that allows unauthorized pairing between (among other things) mobile phones. Pairing is the process that Bluetooth devices go through to make sure the owner of each device is aware of the connection. During pairing, the same PIN has to be entered on both devices.

The new flaw allows a malicious user to pair without the other device alerting its owner. It masquerades as another device that’s currently paired with the target:

Avishai Wool and Yaniv Shaked [of Tel Aviv University in Israel] have managed to force pairing by pretending to be one of the two devices and sending a message to the other claiming to have forgotten the link key. This prompts the other device to discard the link key and the two then begin a new pairing session, which the hacker can then use

Source:MobileTracker


Author: Varun Krish

Varun Krish is a Mobile Technology Enthusiast and has been blogging about mobile phones since 2005. His current phones include the Samsung Galaxy S7 Edge , Apple iPhone 6S Plus & Nexus 5X. You can follow him on Twitter @varunkrish and on Google+ You can also mail Varun Krish