Nokia Admits Multiple Bluetooth Security Holes
An anonymous reader writes "Nokia has admitted that four of its handsets (6310, 6310i, 8910 and 8910i) have multiple security vulnerabilities that can allow an attacker to read, edit and copy the contacts and calendar entries using Bluetooth. This admission comes after a ZDNet UK article published earlier today. The spokesperson advises customers to switch off Bluetooth in public places!" For more information, see the bluesnarfing site pointed out by reader profet.
Bluejacking is just where you send a contact to available phones, and it just used to startle people. This is nothing to do with bluesnarfing which is the hacking/changing data!
Go in to System Preferences, click Bluetooth applet, check "Support Non-Conforming Phones".
IRC: Grounded0 @ IRCnet. "I was lucky get into computers when it was very young & idealistic industry" -Steve Jobs
Bluetooth was built from the ground up with security in mind, obviously Nokia totally boggled this.
--- I do not moderate.
Application platform, misc. servers & UI apps (UIQ, Series 60, ...)
Symbian OS (kernel, middleware)
Some sort of Manufacturer RTOS for running a GSM stack, for which Symbian doesn't quite cut it.
;)
These devices are far from simple. Given what you can do on this size of device, I wonder why someone doesn't make a solid state PC, with a few seconds boot time, and no noise. Wireless keyboard, monitor, mouse and LAN. (I don't mean a laptop).
I think the thing you mentioned (running up someone's bill, on 0900 numbers, or otherwise) has already happened long ago, but by faking the SIM. I think the original GSMs had a fairly large security flaw related to the encryption key.
Or you could just steal someone's phone
There are problems with Bluetooth by design. For one thing, no wireless protocol for interaction between devices can be truly secure unless peering requires physical contact between them (I place my phone next to my laptop, but the spook across the street has a directed antenna that is a thousand times stronger than the phone...)
It isn't like this hasn't come up before; Schneier predicted that Bluetooth would be a security nightmare three and a half years ago! Quoting:
What amazes me is the dearth of information about the security of this protocol. I'm sure someone has thought about it, a team designed some security into Bluetooth, and that those designers believe it to be secure. But has anyone reputable examined the protocol? Is the implementation known to be correct? Are there any programming errors? If Bluetooth is secure, it will be the first time ever that a major protocol has been released without any security flaws. I'm not optimistic.
And what about privacy? Bluetooth devices regularly broadcast a unique ID. Can that be used to track someone's movements?
The stampede towards Bluetooth continues unawares. Expect all sorts of vulnerabilities, patches, workarounds, spin control, and the like. And treat Bluetooth as a broadcast protocol, because that's what it is.
You have to turn off Bluetooth functionality to be safe..
Nokia is vulnerable to both having the device detect on and off in the hacks..
according to the bleustumbler.org site..
Don't Tread on OpenSource
You only need to be discoverable when you are pairing. After that you can keep bluetooth on and it is _supposed_ to only talk to those devices you know about.
If nothing has changed since AL Digital released it on bugtraq, then the most serious issues only affect phones that have previously been paired with the attacking Bluetooth device.
This means that you have to have given the attacker access to privileged services at one point in time, and then deleted him.
If you had not deleted him, he would obviously still have access.
But it is the missing deletion that is the problem.
You should not pair your device with any devices except your own. Your PDA requires to be paired with your Phone, Laptop, and access point, so it can dial up, synch, and have LAN access etc. But you don't have to pair it to send your business card to somebody else. There is no reason to pair with Joe Hacker's device. So for most of the cases described by AL Digital it is just a bad implementation which does not affect the majority of users.
For the rest of the cases it is also a bad implementation by Nokia and "possibly other manufacturers", it is not a vulnerability in the protocol.
While I can use my 6310i as a modem for my Mac with no problems, I can't access the phone book in it, which is highly annoying, and using 'Support non-conforming phones' hasn't made any difference to that.
It's a shame - this is something the Sony/Ericsson phones do very well, but I still prefer Nokias overall (mainly because of their interface.)
"What if they're using IE?" "I've dumbed Mozilla down to cope with it." - BOFH