Xoutpost.com

Xoutpost.com (https://xoutpost.com/forums.php)
-   Bluetooth (https://xoutpost.com/electronics/bluetooth/)
-   -   Bluetooth Security Vulnerability (https://xoutpost.com/electronics/bluetooth/2485-bluetooth-security-vulnerability.html)

digi 06-05-2005 08:54 PM
Bluetooth Security Vulnerability
 
I think I said a couple of years ago that Bluetooth was going to be a security issue. Now there is an exploit that interferes with the pairing process after the good guy authenticates his slave device and receives the "AU_RAND" confirmation from the master device . A malicious person can send a 'LMP_not_accepted' message to the master, and the master then thinks the slave has forgotten the authentication key. It can also send a IN_RAND, or a random SRES message After serveral invalid pairing attempts occur, the authentication process with the malicious device will restart and the master will pair with the malicious device. This is with any Bluetooth standard device. No fix is available yet.

Probably not the end of the world, but someday the Windows code in the I-Drive will probably need anti-virus protection! :rofl:

UCrewX5 06-05-2005 09:27 PM
Quote:
Originally Posted by digi
I think I said a couple of years ago that Bluetooth was going to be a security issue. Now there is an exploit that interferes with the pairing process after the good guy authenticates his slave device and receives the "AU_RAND" confirmation from the master device . A malicious person can send a 'LMP_not_accepted' message to the master, and the master then thinks the slave has forgotten the authentication key. It can also send a IN_RAND, or a random SRES message After serveral invalid pairing attempts occur, the authentication process with the malicious device will restart and the master will pair with the malicious device. This is with any Bluetooth standard device. No fix is available yet.

Probably not the end of the world, but someday the Windows code in the I-Drive will probably need anti-virus protection! :rofl:
Very interesting development. I'm not overly concerned at the moment, as I only activate the BT on mt V600 when I want to pair with the vehicle. But certainly the rampant spread of viruses in the Windows environment show the harm that malicious programmers have wreak on software-based systems.

Quicksilver 06-06-2005 02:36 PM
Quote:
Originally Posted by UCrewX5
Very interesting development. I'm not overly concerned at the moment, as I only activate the BT on mt V600 when I want to pair with the vehicle. But certainly the rampant spread of viruses in the Windows environment show the harm that malicious programmers have wreak on software-based systems.
There is a white paper on the issue that may provide some additional
info. If you would like the PDF PM me.


All times are GMT -4. The time now is 02:06 PM.

vBulletin, Copyright 2024, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.6.0
© 2017 Xoutpost.com. All rights reserved.