Bluetooth security is still borked in the 1.2 version of the wireless technology, at least according to those whose living comes from consulting about security flaws. The upside is that the equipment used to pluck Bluetooth pairing PINs out of the air isn’t cheap—@Stake’s Ollie Whitehouse (no relation to Randy) says about 15 large—but it can be done, if an attacker really needs your PIN. So while Bluetooth 1.2 may have crap security, you can protect yourself somewhat by using long numbers PINs and upgrading your phone’s firmware as soon as patches for vulnerabilities are released.
Sony Ericsson and Nokia have both acknowledged vulnerabilities in some models of their phones. Nokia announced yesterday their intention to fix the hole in their phones.
Read [CNet]
Read – New Bluesnarf Attack for Nokia and Sony Ericsson Phones [Gizmodo]
http://www.gizmodo.com/archives/new-bluesnarf-attack-for-nokia-and-sony-ericsson-phones-015139.php
