Do hackers have your hardware singing the blues?

Robert Vamosi, Senior Editor, Reviews
Friday, Aug. 20

Last year, the IT security company AL Digital asked its chief security officer, Adam Laurie, to test the security of Bluetooth, which is a short-range radio technology that synchronizes data exchanges between Internet-enabled devices and computers. What Laurie found was surprising and scary. The protocol that Bluetooth uses contains some underlying security flaws (in authentication and data-transfer protocols) that could lead to targeted attacks in the future beyond just simple data theft.

Currently, the most vulnerable devices are mobile phones when they are in discoverable or visible modes (that is, when the phones are seeking other Bluetooth-enabled devices in their vicinity). That's not too surprising--phones have relatively simple functionality when compared to PDAs and laptops--but future attacks could be scaled to include more-sophisticated devices.

At the recent Black Hat Briefings USA and Defcon 12 conferences in Las Vegas, Laurie and German security researcher Martin Herfurt presented a talk about their work with certain models of Ericsson, Sony Ericsson, and Nokia Bluetooth-enabled mobile phones. I should note that these vendors have since mitigated these vulnerabilities; however, new exploits are now appearing elsewhere on the Internet. Collectively, the attacks have been dubbed bluesnarfing, and can be launched from modified Bluetooth-enabled laptops or even certain modified mobile phones. Laurie and Herfurt have identified four specific types of vulnerabilities.

Four types of attacks

The basic snarf attack allows an attacker to gain access to someone else's mobile phone data, such as a phone book, a calendar, a business card, and his or her International Mobile Equipment Identity (IMEI), a code that uniquely identifies the phone to the mobile network. The IMEI can be used to clone illegal copies of a compromised phone and force the victim to pay phone charges he or she didn't incur.

A backdoor attack abuses the trusted relationship between a Bluetooth-enabled device and a computer. The attack itself is invisible to the victim and allows the attacker access to the victim's mobile phone anytime, anywhere. Not only can the attacker retrieve data from the phone, the attack also gives access to modem or Internet connections and Wireless Application Protocol (WAP) and General Packet Radio Service (GPRS) gateways. A backdoor attack also makes it easier for an attacker to launch the aforementioned snarf data-theft attack.

A bluebug attack takes over a victim's mobile phone AT command set. This attack also allows the attacker to initiate calls to premium rate numbers, send short-message-service (SMS) messages, read SMS messages, and connect to data services such as the Internet--all through the victim's phone. If the attacker's call is made over a Global System for Mobile Telecommunications (GSM) voice network, the attack could be used to listen in on private conversations anywhere in the world.

Finally, bluejacking is a practice that abuses the system by which Bluetooth devices authenticate each other, and it allows an attacker to insert a message into the initial Bluetooth "handshake" phase. Because bluejacking abuses the Bluetooth protocol, Laurie sees it as a basic underlying security threat to all Bluetooth-enabled devices, opening the door to more-sophisticated attacks in the future, beyond those mentioned above.

More information about these attacks is available from AL Digital's bluestumbler Web site, including a table of mobile phones that are considered vulnerable to attack. Laurie concludes that the best defense against these attacks is to turn off your Bluetooth-enabled device when it's not in use.

Are you currently taking security precautions with your Bluetooth-enabled devices? Should you? Talk back to me.



