Bluetooth in secure mode vulnerable too
A security flaw that could allow hackers to eavesdrop on cellphone conversations made on Bluetooth-based wireless headsets was revealed in April 2004… But at that time an expensive piece of hardware was needed. Now it is even worse: a simple brute force while the devices are doing the key exchange…
"Whitehouse showed in 2004 that a hacker could arrive at this link key without knowing the PIN using a piece of equipment called a Bluetooth sniffer. This can record the exchanged messages being used to derive the link key and feed the recordings to software that knows the Bluetooth algorithms and can cycle through all 10,000 possibilities of the PIN. Once a hacker knows the link keys, Whitehouse reasoned they could hijack the device."
The new attack forces the two Bluetooth devices to pair; the attacker can then work out the link key in just 0.06 seconds on a Pentium IV-enabled computer, and 0.3 seconds on a Pentium-III.
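To put those timings in a defender's terms, the following added example (not from the original post or the research it cites) extrapolates the quoted figure of 10,000 PINs in 0.06 seconds to longer PINs and reports the shortest PIN that would hold out for a chosen time. It assumes a constant cost per candidate and the 16-character maximum of legacy Bluetooth PINs; all function names are hypothetical.

```python
# Figures quoted on this page: all 10,000 four-digit PINs tried in
# 0.06 s on a Pentium IV and 0.3 s on a Pentium III.
PAGE_CANDIDATES = 10_000
PAGE_SECONDS_P4 = 0.06
PAGE_SECONDS_P3 = 0.3

def rate(seconds_for_page_keyspace):
    """PIN candidates tested per second implied by the page's timing."""
    return PAGE_CANDIDATES / seconds_for_page_keyspace

def worst_case_seconds(alphabet_size, length, candidates_per_second):
    """Time to try every PIN of exactly `length` symbols.
    Assumption: cost per candidate is constant, so time scales linearly."""
    return alphabet_size ** length / candidates_per_second

def min_length(alphabet_size, target_seconds, candidates_per_second, max_len=16):
    """Shortest PIN length whose full keyspace takes at least
    `target_seconds` to exhaust, or None if max_len is not enough.
    max_len=16 reflects the legacy Bluetooth PIN size limit."""
    for length in range(1, max_len + 1):
        if worst_case_seconds(alphabet_size, length, candidates_per_second) >= target_seconds:
            return length
    return None

if __name__ == "__main__":
    p4 = rate(PAGE_SECONDS_P4)
    year = 365 * 24 * 3600
    print(f"Implied rate on the Pentium IV: {p4:,.0f} PINs/s")
    for digits in (4, 6, 8, 12, 16):
        secs = worst_case_seconds(10, digits, p4)
        print(f"{digits:2d}-digit PIN: {secs:.3g} s to exhaust")
    print("Digits needed to last one year:", min_length(10, year, p4))
    print("Alphanumeric characters needed:", min_length(62, year, p4))
```

The results are upper bounds on resistance for the hardware named on the page; faster machines shorten every figure proportionally.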