[32443] in bugtraq
Re: Serious flaws in bluetooth security lead to disclosure of personal
daemon@ATHENA.MIT.EDU (Andreas Steinmetz)
Fri Nov 14 17:12:51 2003
Message-ID: <3FB41467.8040802@domdv.de>
Date: Fri, 14 Nov 2003 00:31:51 +0100
From: Andreas Steinmetz <ast@domdv.de>
MIME-Version: 1.0
To: Pentest Security Advisories <alerts@pentest.co.uk>
Cc: bugtraq@securityfocus.com, full-disclosure@lists.netsys.com
In-Reply-To: <3FB401AA.6010408@pentest.co.uk>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Pentest Security Advisories wrote:
>
> Fixes.
> ======
>
> 1) Only enable Bluetooth when absolutely necessary.
>
> 2) Place the device in non-discoverable mode. While this does not correct
> the fault, it is harder to find the target device. There can be problems
> with this, some Nokia devices fail will to connect properly when hidden.
>
Hint: After powering on or enabling bluetooth on the 6310i put the phone
in discoverable mode, connect the required devices and after that put
the phone in non-discoverable mode. At least the HDW-2 heatset will then
be able to connect while the 6310i is in non-discoverable mode.
--
Andreas Steinmetz
