Introducing the latest hacker exploit: War Phoning

[Phantasm66]

Introducing the latest hacker exploit: War Phoning

Posted by admin on Tuesday, October 15 @ 08:33:00 AEST (57 reads)

Bluetooth-enabled phones and PDAs with inadequate security could become the target of the next wave of security exploits, allowing phreakers to filch confidential information or even make calls using someone else's identity.

Such War Phoning exploits, as they have been dubbed, arise because security features on Bluetooth-enabled devices are sometimes turned off by default, ZDNet reports.

Early reports of the phenomenon come from this week's RSA Security conference, in Paris.

"I have stood at the RSA booth in conferences, with my phone paging for other devices, and watched other people's devices show up," Magnus Nystrom, technical director of RSA Security, told ZDNet.

He reports that many devices permitted access without requesting a "pairing code", opening the door to all manner of abuse - stealing personal data of passers-by or even making calls on other phones - in the hands of the unscrupulous.

source: http://www.auspcworld.com/

See also: http://www.theregister.co.uk/content/55/27572.html

 

[Vehementi]

Hey Phant, what's your phone number?

 

[PHATMAN5050]

Veh

Nice find phantasm. Sounds like a bit of Bluetooth Phone Phreaking to me. I wonder how long it will be before Norton has a security program for bluetooth devices.

 

[poertner_1274]

My roommate is looking into getting one of these. I will definately have to let him know about this, simply for security reasons. That would suck if your palm got hacked, not sure why someone would want to do that, but still.

 

[PanicX]

Alright, I never thought about owning root on a phone!
Nice article, ZDnet may have won this battle, but the war is far from over!