Quote:
|
Originally Posted by digi
I think I said a couple of years ago that Bluetooth was going to be a security issue. Now there is an exploit that interferes with the pairing process after the good guy authenticates his slave device and receives the "AU_RAND" confirmation from the master device . A malicious person can send a 'LMP_not_accepted' message to the master, and the master then thinks the slave has forgotten the authentication key. It can also send a IN_RAND, or a random SRES message After serveral invalid pairing attempts occur, the authentication process with the malicious device will restart and the master will pair with the malicious device. This is with any Bluetooth standard device. No fix is available yet.
Probably not the end of the world, but someday the Windows code in the I-Drive will probably need anti-virus protection! 
|
Very interesting development. I'm not overly concerned at the moment, as I only activate the BT on mt V600 when I want to pair with the vehicle. But certainly the rampant spread of viruses in the Windows environment show the harm that malicious programmers have wreak on software-based systems.