Slashdot Mirror
'BlueBag' PC Sniffs Out Bluetooth Flaws
An anonymous reader writes "Why isn't Bluetooth set to "hidden" in all of Nokia's phones? Some hackers in Italy stuffed a computer with a bunch of Bluetooth dongles in a suitcase to see how many Bluetooth devices they could discover by wandering around airports, train stations and shopping malls. The answer? More than 1,400 in 23 hours." The team will present their findings at BlackHat later this summer.
-Eric
SJW: Someone who has run out of real oppression, and has to fake it.
While it is a fun experiment, it is really not news at all.
I have to make a 5 1/2 hours trip by train about twice a month, and for a while one of my ways to waste some time was bugging people who have bluetooth enabled phones...
My 'toolset' ?
A Palm m505 equipped with a bluetooth sdcard.
Typically, just walking through the train from one end to another would get me some tens of phones and a laptop here and there.
Often you can't pair with devices you find, but many of them don't really require pairing for getting data from them, and besides, pairing requests allow for sending text messages, and a 'yes' is an instinctive reply whenever people get bugged by popups.. also on a phone.. Even if that doesn't work, you can still bug people and even make use of their phone difficult... (great when you can find the phone of that extremely loudly talking person)
This was some 3 years ago, and it was well documented back then already.
Her sidekick didn't get hacked via bluetooth. The just used a really simple, easy to guess password and her web access (Sidekicks dont actually store much data, they ship photos & the address book off to the T-mobile servers.). IIRC she used the name of that little rat dog she used to carry around.
Her "incident" touched off a series of B-list celebs getting their sidekick data plasted around the web. I think Fred Durst was another one that was caught the same way.
There are some people that if they don't know, you can't tell 'em.