New Way To Crack Secure Bluetooth Devices

moon_monkey writes "Cryptographers have discovered a way to hack Bluetooth-enabled devices even when security features are switched on, according to a report from New Scientist.com. The discovery may make it even easier for hackers to eavesdrop on conversations and charge their own calls to someone else's cellphone. From the article: 'Our attack makes it possible to crack every communication between two Bluetooth devices, and not only if it is the first communication between those devices,'"

Re:A fix...

[plover]

Don't use bluetooth! To me it seems very unnessesary to have a bt enabled phone.

Then not only didn't you RTFA, but apparently you haven't used Bluetooth, either. Bluetooth is an extremely useful mechanism for many of us. It lets my PDA get on line; and when I hop in my vehicle, my car stereo magically becomes my car phone whenever it rings.

I just wish more devices were Bluetooth enabled (and that this security hole didn't exist.) As is, I'm not losing sleep over this as I don't have a public-transit commute (the sort of place where breaks seem most likely to happen.)

Re:Article is missing an important detail

[MadRocketScientist]

Digging up their paper, it seems that it is not automatic:

If the attack is successful, the Bluetooth user will need to enter the PIN again - so a suspicious user may realize that his Bluetooth device is under attack and refuse to enter the PIN.