lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: alerts at pentest.co.uk (Pentest Security Advisories)
Subject: Re: Serious flaws in bluetooth security lead
 to disclosure of personal data

Jordan Wiens wrote:

> 
> <SNIP>
> 
>>The ultimate fix is for manufacturers to provide a greater separation of
>>services, an attitude that seems to have been taken with the Ericsson T610.
> 
> 
> I'm a bit confused; if I read it right, the first report specifically
> mentioned this as a vulnerable device, now it's listed as one that got it
> right?  Did I misread?

No, you didn't misread - The T610, whilst still vulnerable to some 
attacks, does provide more protection
of OBEX profiles. In this respect, it's better than the other phones / 
devices we've tested.

On the particular T610 that was tested, we found that whilst it was 
possible to upload files to the phone we could not download files from it.





Powered by blists - more mailing lists