There are serious flaws in the authentication and/or data transfer mechanisms on some 
bluetooth enabled devices. Specifically, three vulnerabilities have been found:
* Firstly, confidential data can be obtained, anonymously, and without the owner’s knowledge or consent, from some bluetooth enabled mobile phones. This data includes, at least, the entire phonebook and calendar, and the phone’s IMEI.
* Secondly, it has been found that the complete memory contents of some mobile phones can be accessed by a previously trusted ("paired") device that has since been removed from the trusted list. This data includes not only the phonebook and calendar, but media files such as pictures and text messages. In essence, the entire device can be "backed up" to an attacker’s own system. Bluetooth Flaws Demystified | SecGuru
From around the Web
- How to Use Network Behavior Analysis Tools
- Apple updates Safari with 11 security fixes
- Mozilla fixes 11 Firefox flaws, six critical
- Google updates Chrome to third beta
- Firefox 3.1 beta arrives with JavaScript booster turned off
- The insider security threat in IT and financial services
- Windows 7 security: An overall improvement?
- Top 10 Network Security Threats
- Big leap in malicious Web sites
- Network security makes a quantum leap
- What is the Best Internet Browser to Surf the Web?
- Windows 7 UAC could be less of a nag
- Microsoft releases faster Desktop Search 4.0
- Vista users keen on SP1, but XP SP3 not so much
- Windows 7 Details In October, Microsoft Says
0 comments for this entry ↓
There are no comments yet for this entry.
You must log in to post a comment.