Car audio Bluetooth hijack

By Derek Sooman on
The ability to inject or record audio signals from passing cars running insecure Bluetooth hands-free units was demonstrated by the Trifinite group during a Bluetooth Security talk at last week's What the Hack hacker festival in The Netherlands. Many car manufacturers use standard Bluetooth passkeys such as "0000" or "1234" which are easy to guess. Once a connection has been successfully made, it is possible to interact with other drivers or eavesdrop on conversations from inside other cars by accessing the microphone. This appears to be the tip of the iceberg, with even more mischief being possible.

"Since the attacker's laptop is fully trusted once it has a valid link key, the laptop could be used in order to access all the services offered on the hands-free unit. Often, phone books are stored in these units. I am quite certain that there will be more issues with the security of these systems due to the use of standard pass keys," Trifinite notes.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.