When bluetooth devices pair, they cahnge idenfication information to ensure they are exchanging infomation with the right device.
Bluetooth pins can be 8 to 128 bits long. However, most phone makers use a standard 4 digit pin.
4 digit pin means that there can be a maximum of 9999 combinations of number.
Given they speed of computers that bluetooth attackers use, a pentium 4 can crack the paring code in less than 0.1 secs.
This simply means that any bluetooth attack can occur by "forcing" of "cheating" your device to pair with it as though it was a device your own bluetooth device previously paired with.
Then with a simple program, the attacker can crack the code and pair with your device to steal any information he wants.
So it you think you bluetooth device is safe because of the paring process, think twice.
Monday, June 23, 2008
Subscribe to:
Posts (Atom)