The ability to inject audio into, or record audio from, passing cars running insecure Bluetooth hands-free units was demonstrated by the Trifinite group during a Bluetooth Security talk at last week's What the Hack hacker festival in the Netherlands. Many car manufacturers use standard Bluetooth passkeys such as "0000" or "1234", which are easy to guess. Once a connection has been successfully made, it is possible to interact with other drivers or eavesdrop on conversations from inside other cars by accessing the microphone. This appears to be the tip of the iceberg, with even more mischief being possible.
"Since the attacker's laptop is fully trusted once it has a valid link key, the laptop could be used in order to access all the services offered on the hands-free unit. Often, phone books are stored in these units. I am quite certain that there will be more issues with the security of these systems due to the use of standard pass keys," Trifinite notes.