lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 14 Nov 2003 10:21:04 +0000 From: Pentest Security Advisories <alerts@...test.co.uk> To: Jordan Wiens <jwiens@...sp.nerdc.ufl.edu> Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com Subject: Re: Re: Serious flaws in bluetooth security lead to disclosure of personal data Jordan Wiens wrote: > > <SNIP> > >>The ultimate fix is for manufacturers to provide a greater separation of >>services, an attitude that seems to have been taken with the Ericsson T610. > > > I'm a bit confused; if I read it right, the first report specifically > mentioned this as a vulnerable device, now it's listed as one that got it > right? Did I misread? No, you didn't misread - The T610, whilst still vulnerable to some attacks, does provide more protection of OBEX profiles. In this respect, it's better than the other phones / devices we've tested. On the particular T610 that was tested, we found that whilst it was possible to upload files to the phone we could not download files from it. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists