Bluetooth security - the car whisperer
The Car Whisperer and allows people equipped with a Linux Laptop and a directional antenna to inject audio to, and record audio from bypassing cars that have an unconnected Bluetooth handsfree unit running. Since many manufacturers use a standard passkey which often is the only authentication that is needed to connect.
Since the attacker's laptop is fully trusted once it has a valid link key, the laptop could be used in order to access all the services offered on the hands-free unit. Often, phonebooks are stored in these units. I am quite certain that there will be more issues with the security of these systems due to the use of standard passkeys.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.