Tuesday, December 16, 2008

Mumbai Attack ( Adv Tech)

Decided for a post not fully related to bluesnarfing.
Looking back at the Nov 2008 Mumbai attack, it was clear that the attackers were clearly oct-teching the government troops.

The had satellite images of the city, carry handheld GPS sets and communicated via satellite and Internet phone.
It was reported that they were using 4 GPS systems which could double up as a wakie takie. Their cell phone users the Internet protocol for communication and this denied the police from using their conventional phone tracking devices.

The only way to protect ourselves 1) Out tech them 2) Turn off the systems
Linking back to our usual topic: While it is not likely GPS or goggle earth will ever be turned off. You can simply protect yourself from bluesnarfers by turning off your blue tooth.

Just remember, if you keep it on, it's like leaving your house door open. :)

Tuesday, December 2, 2008

Bluesnarf : The Backdoor Attack

This is a sneaky one.
This involves establishing a bluetooth paring with another phone.
Once the other phone accepst the paring, a "back door" is establish.
That means a connection remains and the owner of the phone being snarfed doesn't know that his information is being accessed.
That means you can literally transfer all the files, phonebook etc, or use any services of the victims phone.
The catch is, if someone is willing to pair with you in the first place, it is likely to be someone you know.
So be Careful when you pair with your friend in the future.

Monday, June 23, 2008

Pairing Securities for thought

When bluetooth devices pair, they cahnge idenfication information to ensure they are exchanging infomation with the right device.
Bluetooth pins can be 8 to 128 bits long. However, most phone makers use a standard 4 digit pin.
4 digit pin means that there can be a maximum of 9999 combinations of number.
Given they speed of computers that bluetooth attackers use, a pentium 4 can crack the paring code in less than 0.1 secs.
This simply means that any bluetooth attack can occur by "forcing" of "cheating" your device to pair with it as though it was a device your own bluetooth device previously paired with.
Then with a simple program, the attacker can crack the code and pair with your device to steal any information he wants.

So it you think you bluetooth device is safe because of the paring process, think twice.

Thursday, April 3, 2008

Long Distance Bluesnarfing

Just a little tip off here. Most people thinking that bluejaking/ bluesnarfing can only be done by people/ devices close by. But this is not absolutely true. For most people, usuing normal bluetooth devices/laptops, this rule stands. But all you need is a simple antenna and a class 1 toggle and you can bluesnarf anyone's phone up to a mile away, depending on terrain.

THis means that anyone can eseentially use your phone to make long distance calls, from up to a mile away, without any of your knowledge. Austrian researcher and Bluetooth expert Martin Herfurt did just that in an experiment in 2004

Thursday, January 17, 2008

Try This Poll

Found this Poll Quite interesting
See how many of us are bluesnafer vs bluejackers

Updated Jan 2009 : The poll has been completed.
visit http://bluejackingtools.com/forum for details.