Via SANS ISC -
Over the past few years with the high adoption of bluetooth by mobile devices, such as pda, phones and others, few advances were made in the security area, despite de fact that it is deserving more and more attention from security researchers.
Thierry Zoller wrote to us reporting a presentation that he and Kevin Finistere gave in a security conference in Luxembourg. In this presentation they show some new 0day related to Bluetooth and a live demo of getting a remote root shell over bluetooth on a Mac OSX 10.3.9 and 10.4 !
I recommend you to take a look on their presentation and on the live demos ! Ah, I also recommend you to pay attention in which of your devices has bluetooth turned on and which ones really needed to be on! :)
I haven't talked to KF in a while, but last time I did, he was having all types of fun fuzzing the hell out of bluetooth stacks. So it doesn't suprise me that they found some juicy stuff.
My MotoRazr has never used bluetooth..and I don't plan on ever turning it on. It is just too new and haven't been pushed thru the security paces yet.
Big ups to Thierry Zoller and KF, nice work. Keep it up.
No comments:
Post a Comment