Slashdot Mirror

← Back to Stories (view on slashdot.org)

Nokia Admits Multiple Bluetooth Security Holes

Posted by timothy on from the oops dept.

An anonymous reader writes "Nokia has admitted that four of its handsets (6310, 6310i, 8910 and 8910i) have multiple security vulnerabilities that can allow an attacker to read, edit and copy the contacts and calendar entries using Bluetooth. This admission comes after a ZDNet UK article published earlier today. the spokesperson advises customers to switch off Bluetooth in public places!" For more information, see the bluesnarfing site pointed out by reader profet.

5 of 136 comments (clear)

  1. Great ! by mpeeters · · Score: 5, Funny

    Great, not a single Mac OS X app can correctly address my 6310i, but Joe Random Hacker can? Urgh. I need to get my priorities straight.

    --
    Research is what I'm doing when I don't know what I'm doing.
  2. Social science wonder? by orzetto · · Score: 5, Insightful

    These days we have all possible material about encryption available publicly. We have RSA, we have digital signatures, we have freely available software which can create perfectly encrypted material which would give bad headaches to the NSA if they had to crack it, even I can encode anything with gpg.
    Yet, a mobile-phone giant does this. Are they just plain stupid, or is this another example of the wonders of social science? I can't help thinking how intelligent an ant nest can be though ants singularly are so stupid, and how an organization with some of the brightest engineers on the planet can act so carelessly.

    --
    Victims of 9/11: <3000. Traffic in the US: >30,000/y
  3. Re:No big deal by pesc · · Score: 5, Insightful

    What's happening with Bluetooth happened with wireless networks.
    What happened with wireless networks happened with anonymous ftp servers.
    What happened with anon ftp servers happened with telnet access (you remember the "guest" login provided by most hosts ?).
    Every time a new technology is used there are some flaws with it. No big deal.

    BIG DEAL!

    You could expect that someone that designs a new communication protocol today builds on past experience. It's not like viruses, spam, malware and and crackers are something unknown. Instead, you should make the security requirements absolutely central in your new protocols. With the bluetooth technology becoming the most widespread wireless communications protocol (if you believe its proponents) not having security as a top priority is absofuckinglutely brainlessly idiotical.

    --

    )9TSS
  4. Re:No big deal by infiniti99 · · Score: 5, Insightful

    Just to clarify, this article is about a problem in Nokia's implementation of Bluetooth, not necessarily a problem in the actual Bluetooth protocol/specification. As an analogy, we hear about security holes in IIS, Apache, OpenSSL, etc, but these do not necessarily indicate problems in the relevant RFC documents. At least, we can hope so ...

  5. nokia is not the only one by collin.m · · Score: 5, Interesting

    Nokia is not the only phone maker with broken or stupid bluetooth implementations. Just look at the Siemens S55 which by default (when bluetooth is on) accpets any kind of files and saves them to your phones inbox. Also it has several bugs, like the Nokia. I'm have setup a small website (http://www.betaversion.net/btdsd/) with a currently very small list of bluetooth capable phones with there security settings and bugs. I tell you bluetooth will be real fun in the future :-)