Can a bluetooth phone be hacked or not

YES IT CAN

Especialy with cell phones it is very easy to hack the phone using the
bluetooth connection of a lap top
All it needs is a linux opperating system and a programma such as btscanner.

I have seen a item off this today on a consumer programme warning people how
easy it is to download ALL data from there phone to that lap top.
And after sending a general SMS to all cell phones with bluetooth that where
on the square.
4 people showed up to ask what was going on with there phone only to here it
had been HACKED.

Even politicians have no clue because they where the second group to fall
victim to this guy and after hearing there list off appointments from a
total stranger they turned off there phone and bought a new phone WITHOUT
bluetooth.

Bluetooth is nice but it is so easy to hack.

O and once you have hacked a bluetooth phone you also use that persons phone
to spy on them because it has a microphone and a transmitter.
Easy to see if that guy is with his wife or secret girlfriend.
And placing a call with the STOLEN IMEI code is from this point easy and the
phone no longer has to be in bluetooth range to be hacked.

So if you have a bluetooth phone be very very carefull or I will hack it.
LOL

(>'.'<)

"\(>'.'<\)" <kirby@kirby.kirby> writes:

>Bluetooth is nice but it is so easy to hack.

Be careful taking advice from people who make sweeping generalizations
about this stuff. When I last looked into this I found that *some*
phones are vulnerable in *some* situations. It didn't appear that
Bluetooth is necessarily crackable.

I'd like to learn more though.

--kyler

(>'.'<) wrote:
> YES IT CAN
>
> Especialy with cell phones it is very easy to hack the phone using the
> bluetooth connection of a lap top
> All it needs is a linux opperating system and a programma such as btscanner.
>
> I have seen a item off this today on a consumer programme warning people how
> easy it is to download ALL data from there phone to that lap top.
> And after sending a general SMS to all cell phones with bluetooth that where
> on the square.
> 4 people showed up to ask what was going on with there phone only to here it
> had been HACKED.
>
> Even politicians have no clue because they where the second group to fall
> victim to this guy and after hearing there list off appointments from a
> total stranger they turned off there phone and bought a new phone WITHOUT
> bluetooth.
>
> Bluetooth is nice but it is so easy to hack.
>
> O and once you have hacked a bluetooth phone you also use that persons phone
> to spy on them because it has a microphone and a transmitter.
> Easy to see if that guy is with his wife or secret girlfriend.
> And placing a call with the STOLEN IMEI code is from this point easy and the
> phone no longer has to be in bluetooth range to be hacked.
>
> So if you have a bluetooth phone be very very carefull or I will hack it.
> LOL
>
> (>'.'<)

Is it the protocol that can be hacked, or just an implementation?

I have a Nokia 6600, I leave bluetooth on but not discoverable. Is there
a vulnerability there? Unless I have paired and authorised your device
it will prompt me to allow any incoming connections. The most you could
do is attempt to send me a vCard, which I can choose to accept or not.

How would you go about using someones phone to spy on them with
bluetooth? Connecting to the audio gateway profile? Most phones cannot
act as a bluetooth headset device in this way. Wouldn't you also need to
be within bluetooth range of them at the time? If you are sitting only
5-10 meters away listening with a laptop you can probably tell who they
are with and what they are saying anyway.

Or do you mean that once hacked, you can automatically install some
software on the phone that will record and transmit calls over GPRS to
some predetermined internet address? Now we are limiting possible
targets to smartphones, and again most implementations will not allow
software to be installed without some user interaction.

Placing a call with a stolen IMEI? Well you could do that anyway without
bluetooth, but how does bluetooth help you discover what someones IMEI is?

I'm sure you don't need Linux to attempt to hack someones phone, any OS
will do as long as there is a bluetooth device, drivers, and appropriate
software.

Yes,

...and the layer of security of Bluetooh are at level of the phone, for this
razon some terminales are vulnerable and others not...

Regards,
Sir Graham.
http://www.endorasoft.com


¿Do you know XBlue? The first application to make bluejacking... (serie 60)
You can download demo in: http://www.endorasoft.es/download/xblue.zip
(spanish version)



"Kyler Laird" <Kyler@news.Lairds.org> escribió en el mensaje
news:8lub32-eg3.ln1@lairds.us...
> "\(>'.'<\)" <kirby@kirby.kirby> writes:
>
>>Bluetooth is nice but it is so easy to hack.
>
> Be careful taking advice from people who make sweeping generalizations
> about this stuff. When I last looked into this I found that *some*
> phones are vulnerable in *some* situations. It didn't appear that
> Bluetooth is necessarily crackable.
>
> I'd like to learn more though.
>
> --kyler

Turn off discovery, and allow connect of only paired devices ... how are =
you going to "hack" that?

What you described below is not really hacking ... come on now.

B H

"(>'.'<)" <kirby@kirby.kirby> wrote in message =
news:cjt5qh$htb$1@news1.zwoll1.ov.home.nl...
: YES IT CAN
:=20
: Especialy with cell phones it is very easy to hack the phone using the
: bluetooth connection of a lap top
: All it needs is a linux opperating system and a programma such as =
btscanner.
:=20
: I have seen a item off this today on a consumer programme warning =
people how
: easy it is to download ALL data from there phone to that lap top.
: And after sending a general SMS to all cell phones with bluetooth that =
where
: on the square.
: 4 people showed up to ask what was going on with there phone only to =
here it
: had been HACKED.
:=20
: Even politicians have no clue because they where the second group to =
fall
: victim to this guy and after hearing there list off appointments from =
a
: total stranger they turned off there phone and bought a new phone =
WITHOUT
: bluetooth.
:=20
: Bluetooth is nice but it is so easy to hack.
:=20
: O and once you have hacked a bluetooth phone you also use that persons =
phone
: to spy on them because it has a microphone and a transmitter.
: Easy to see if that guy is with his wife or secret girlfriend.
: And placing a call with the STOLEN IMEI code is from this point easy =
and the
: phone no longer has to be in bluetooth range to be hacked.
:=20
: So if you have a bluetooth phone be very very carefull or I will hack =
it.
: LOL
:=20
: (>'.'<)
:=20
:

On Tue, 05 Oct 2004 05:52:50 +0200, (>'.'<) wrote:

> YES IT CAN
>
> Especialy with cell phones it is very easy to hack the phone using the
> bluetooth connection of a lap top
> All it needs is a linux opperating system and a programma such as btscanner.

Which is a BT sniffing program.

> I have seen a item off this today on a consumer programme warning people how
> easy it is to download ALL data from there phone to that lap top.

Bluesnarfing:
http://searchmobilecomputing.techtar...952393,00.html

> And after sending a general SMS to all cell phones with bluetooth that where
> on the square.

SMSs are NOT sent via Bluetooth.

They where talking about 'Bluejacking', which is just the silly prank of
sending a stupid message as a phone-book entry or business-card to a
*discoverable* BT device.

> 4 people showed up to ask what was going on with there phone only to here it
> had been HACKED.

Wrong...

'HACKED' is NOT the same as receiving a phone-book entry or business card
via BT.

> Even politicians have no clue because they where the second group to
> fall victim to this guy and after hearing there list off appointments
> from a total stranger they turned off there phone and bought a new phone
> WITHOUT bluetooth.
>
> Bluetooth is nice but it is so easy to hack.

Easy: Just make sure your BT device is set as 'undiscoverable'.

> O and once you have hacked a bluetooth phone you also use that persons
> phone to spy on them because it has a microphone and a transmitter.

BWAHAHAHAHAHAHA.

> Easy
> to see if that guy is with his wife or secret girlfriend. And placing a
> call with the STOLEN IMEI code is from this point easy and the phone no
> longer has to be in bluetooth range to be hacked.

And just what has the IMEI code go to do with BT ? Absolutely nothing.

> So if you have a bluetooth phone be very very carefull or I will hack
> it. LOL

Yeh right!

--
Michael Turner
Email (ROT13)
zvxr.gheare1963@grfpb.arg

"Bob H" <ylp17410@comcast.net> schreef in bericht
news:6TR8d.314864$mD.74906@attbi_s02...
Turn off discovery, and allow connect of only paired devices ... how are you
going to "hack" that?
What you described below is not really hacking ... come on now.
B H


In the programm they showed the people that reacted to the bluetooth-message
(sending a contact with the message in the name-box) the content of their
phone, including pictures taken with that gsm.
So... yes it is possible.

Peter

On Wed, 06 Oct 2004 16:08:48 +0200, R. Adius wrote:

> "Bob H" <ylp17410@comcast.net> schreef in bericht
> news:6TR8d.314864$mD.74906@attbi_s02...
> Turn off discovery, and allow connect of only paired devices ... how are you
> going to "hack" that?
> What you described below is not really hacking ... come on now.
> B H
>
>
> In the programm they showed the people that reacted to the bluetooth-message
> (sending a contact with the message in the name-box) the content of their
> phone, including pictures taken with that gsm.

Assuming that person actively presses 'Yes' to the unsolicited content,
AND the target device can even deal with it. A would be 'Bluejacker' ain't
going to get very far sending a .JPG picture to a Nokia 6310i.

> So... yes it is possible.

Of course.

--
Michael Turner
Email (ROT13)
zvxr.gheare1963@grfpb.arg

Michael turner wrote:
> On Tue, 05 Oct 2004 05:52:50 +0200, (>'.'<) wrote:
>
>
>>YES IT CAN
>>
>>Especialy with cell phones it is very easy to hack the phone using the
>>bluetooth connection of a lap top
>>All it needs is a linux opperating system and a programma such as btscanner.
>
>
> Which is a BT sniffing program.
>
>
>>I have seen a item off this today on a consumer programme warning people how
>>easy it is to download ALL data from there phone to that lap top.
>
>
> Bluesnarfing:
> http://searchmobilecomputing.techtar...952393,00.html
>
>
>>And after sending a general SMS to all cell phones with bluetooth that where
>>on the square.
>
>
> SMSs are NOT sent via Bluetooth.
>
> They where talking about 'Bluejacking', which is just the silly prank of
> sending a stupid message as a phone-book entry or business-card to a
> *discoverable* BT device.
>
>
>>4 people showed up to ask what was going on with there phone only to here it
>>had been HACKED.
>
>
> Wrong...
>
> 'HACKED' is NOT the same as receiving a phone-book entry or business card
> via BT.
>
>
>>Even politicians have no clue because they where the second group to
>>fall victim to this guy and after hearing there list off appointments
>>from a total stranger they turned off there phone and bought a new phone
>>WITHOUT bluetooth.
>>
>>Bluetooth is nice but it is so easy to hack.
>
>
> Easy: Just make sure your BT device is set as 'undiscoverable'.
>
>
>>O and once you have hacked a bluetooth phone you also use that persons
>>phone to spy on them because it has a microphone and a transmitter.
>
>
> BWAHAHAHAHAHAHA.
>
>
>>Easy
>>to see if that guy is with his wife or secret girlfriend. And placing a
>>call with the STOLEN IMEI code is from this point easy and the phone no
>>longer has to be in bluetooth range to be hacked.
>
>
> And just what has the IMEI code go to do with BT ? Absolutely nothing.
>
>
>>So if you have a bluetooth phone be very very carefull or I will hack
>>it. LOL
>
>
> Yeh right!
>

This response is mostly correct however leaving on Bluetooth but turning *off*
"discoverable" only stops bluejacking.

Some Bluetooth cracker programs just brute force the MAC address of the device.

For the great unwashed,ignorant,media junkies out there, i'll explain.

If you have bluetooth turned on, then devices can connect (page) to your's (and vise versa).
To connect you need (at the least) the Hardcoded MAC style address. BDADDR
This number comes from the Ethernet address space and is unique to every BT device.

To find out the BDADDR, there exists in bluetooth an inquiry protocol. This is a set of radio states
and a set of messages to facilitate finding out or "discovering" the potential other-end's BDADDR.

You can turn off "discovery" to stop passers by and other bluejacking motherfuckers
connecting to your device. but if bluetooth is still enabled and the BDADDR is known
then a connection can still be made. (think pairing)

Cracker programs just go all the way through the address space of the available BDADDRs and try to make a
connection to each address (one of which will be your's) and make a connection (if it's in range).

However this is just a network layer link and relatively unimportant info can be retrieved.
The data link layer connection comes higher up the stack where things like
authentication and authorization happen with passkeys and pairing etc.

Hacking Bluetooth therefore basically means hacking "An implementation of" bluetooth and not the idea/concept of
bluetooth itself (ie undetected but specified flaws).

It's this kind of stupid media sensationalism that causes ignorant shits to hinder the marketing and vis-a-vis
development of perfectly usable technology which talented engineers spend great amounts of time and effort on.

next you'll be saying "but I get miles better data rate from wireless LAN"

gits

Rob