Slashdot Mirror

← Back to Stories (view on slashdot.org)

Nokia Admits Multiple Bluetooth Security Holes

Posted by timothy on from the oops dept.

An anonymous reader writes "Nokia has admitted that four of its handsets (6310, 6310i, 8910 and 8910i) have multiple security vulnerabilities that can allow an attacker to read, edit and copy the contacts and calendar entries using Bluetooth. This admission comes after a ZDNet UK article published earlier today. the spokesperson advises customers to switch off Bluetooth in public places!" For more information, see the bluesnarfing site pointed out by reader profet.

3 of 136 comments (clear)

  1. Re:bluejacking by DJPenguin · · Score: 4, Informative

    Bluejacking is just where you send a contact to available phones, and it just used to startle people. This is nothing to do with bluesnarfing which is the hacking/changing data!

  2. Re:Great ! by Grounded0 · · Score: 4, Informative

    Go in to System Preferences, click Bluetooth applet, check "Support Non-Conforming Phones".

    --
    IRC: Grounded0 @ IRCnet. "I was lucky get into computers when it was very young & idealistic industry" -Steve Jobs
  3. Re:No big deal by hanssprudel · · Score: 4, Informative

    There are problems with Bluetooth by design. For one thing, no wireless protocol for interaction between devices can be truly secure unless peering requires physical contact between them (I place my phone next to my laptop, but the spook across the street has a directed antenna that is a thousand times stronger then the phone...)

    It isn't like this hasn't come up before, Schneier predicted that Bluetooth would be a security nightmare three and a half years ago ! Quoting:

    What amazes me is the dearth of information about the security of this protocol. I'm sure someone has thought about it, a team designed some security into Bluetooth, and that those designers believe it to be secure. But has anyone reputable examined the protocol? Is the implementation known to be correct? Are there any programming errors? If Bluetooth is secure, it will be the first time ever that a major protocol has been released without any security flaws. I'm not optimistic.

    And what about privacy? Bluetooth devices regularly broadcast a unique ID. Can that be used to track someone's movements?

    The stampede towards Bluetooth continues unawares. Expect all sorts of vulnerabilities, patches, workarounds, spin control, and the like. And treat Bluetooth as a broadcast protocol, because that's what it is.