| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: security at 303underground.com (Scott Taylor) Subject: Re: Serious flaws in bluetooth security lead to disclosure of personal data On Fri, 2003-11-14 at 11:38, Schmehl, Paul L wrote: > Bluetooth is *supposed* to be very short range - 10 meters is supposed > to be the maximum range. It is *not* 802.11b. It's 802.15.1. See > bluetooth.org for the details. > > Paul Schmehl (pauls@...allas.edu) > Adjunct Information Security Officer > The University of Texas at Dallas > AVIEN Founding Member > http://www.utdallas.edu/~pauls/ With that short range comes the belief that any lack of security through the air is made up for by physical security (someone would have to be in your house to get data off your bluetooth system). To some degree that holds true. 802.11b is generally thought of as limited to somewhere between a few hundred and about a thousand feet. However, with a decent sector antenna attached to my access point, the card in my laptop is able to associate at 1 mile away with a very good signal still, and even with no additional antenna in my laptop, I've been able to associate (full 2-way communication, not just being aware of the signal in the distance) from as far as 3 miles away on a clear day. Adding an antenna to the client device as well I can associate from over 15 miles away (more noticeable delay and retries required but still quite usable). An 802.11b sniffer has grabbed packets from 20 miles away or more. As bluetooth is not as widely used as 802.11b has become, the benefits from having sniffer tools and such for it are still somewhat limited at the moment. But if someone decided to become a bluetooth wardriver and setup a device plus antenna plus amplifier in their car, I bet it would be quickly discovered that any bluetooth systems that do exist out there are not very well monitored and no access controls are in place on them. It is pretty easy right now to find 802.11b access points that have not been changed from the default plug-n-play configuration they are shipped with which basically allows anyone with a client device to connect and be granted just as complete access as anything plugged directly into their lan. Wireless access that is limited to say, a wireless mouse - well, that is merely an inconvenience if there was outside interference, and eavesdropping on it is rather silly. Wireless access to network resources or filesystems brings about a potential for abuse that can be done by your neighbors or someone just driving by. As such, it should not be deployed before it is fully understood what kind of access it is capable of providing. -- Scott Taylor - <security@...underground.com> Novinson's Revolutionary Discovery: When comes the revolution, things will be different -- not better, just different.
Powered by blists - more mailing lists