kkneubuh

Received from my corporate security group:

Multiple vulnerabilities have been found in Bluetooth enabled Nokia, Ericsson and Sony Ericsson mobile phones.

How Does This Affect Me?

If a hacker is within range (just a few meters) of a Bluetooth enabled device, the attack could result in the phone resetting or terminating the current operation. In the worst case, a hacker could use your phone to send SMS (Short Message Service), and use your browser to access the Internet. The connection fees are charged to your phone bill, since the connection was made via your phone.

No "device pairing," such as a remote headset, is required from one Bluetooth device to another Bluetooth device. Therefore, anyone in range of the phone could initiate an attack. (Device Pairing refers to the initial authentication of two Bluetooth devices such as a cellular phone and a remote headset.)

Affected models are:

Nokia 6310, 6310i, 7650, 8910 and 8910i
Ericsson T68
Sony Ericsson R520m, T68i, T610 and Z1010

Action Required
In public places, where devices with Bluetooth technology might be targets of malicious attacks, you can stop hackers by setting the device to a non-discoverable mode (hidden), or simply switch off the Bluetooth functionality altogether. This does not affect other functionalities of the phone.
No fix is currently available. However, exposure to this threat can be limited by enabling Bluetooth only when it is absolutely necessary

rets

Another one?

But this seems more real. Thanks.

mamorgan1

so, someone has to be sitting next to me to hack into my phone...how often is that going to happen?

ndabunka

No action required because setting your phone to "non-discoverable" mode SHOULD have been done after the external devices were set up anyway. I guess those users who aren't aware of technology may not have done this so in all appears to be a good post. Not really a security threat though.

rkclarke

Seems like a bad "feature" of those phone models. My Motorolas are only discoverable for 60 seconds then they turn off themselves.

mobilezen

Don't forget Nokia Series 60 phones as well.

Also, if you include the T68i and T610...then also the S710a, P910, K700i, etc etc. Setting your device to hidden mode is best even though Virgin Megastores in the UK have figured out a way to send advertisements to your phone even when your bluetooth is hidden. Makes you think twice huh.

bluenoise

It's a silly bit of fun to "bluejack" other people's phones during meetings here at work.

Adobeman

Well, My BT is only on when I am in the car so there gonna have to do it while they are beside me. Nobody stays there to long

mobilezen

Any of us with PDA/Phones do it right? hrm...

bluenoise

From my Treo 650, I can see all the other 650 owners in the room who've left their phones in discoverable mode. Attempting to connect to any of them causes them to make an embarassing "dink-dink-dink-dink" ascending scale sound.

frenchnew

Most people are not tech savy these days and the same things happens to those same people who have wireless networks setup at home, they leave the doors wide open.

Best regards

frenchnew