Bell Labs Researchers Spot Bluetooth Insecurities 61

Kyobu writes: "There's an article by John Markoff in [Saturday's] New York Times about insecurities in Bluetooth. The defects allow eavesdropping and caller identification." Markus Jakobsson and Susanne Wetzel, both of Bell Laboratories, discovered weaknesses in the key exchange protocol currently implemented by Bluetooth. From the article: "The researchers are suggesting that the Bluetooth standard be altered so that the identity numbers are masked by a constantly changing pseudonym when transmitted." Considering the ubiquity many people expect Bluetooth devices to achieve, perhaps it's a good thing that this kind of attention starts early rather than late. (Complete with gratuitous Bruce Schneier quote.)
  • Well, the researchers were European.
  • Bluetooth, and any other sort of high speed wireless connectivity, is surely going to bring forth a whole new area for virii. If you exploited enough features, you could easily trick 90% of the population into accepting a virus, which would then attack anything else they've networked with it. I'm not sure how the virus would work, but I do know how fast it would spread. I know people who KNEW the i-love-you email was a virus, but they were so confident Windows would kill the virus that they opened it anyway. So, my solution is: Bluetooth should only be given to people who have a high IQ.
  • I think it needs to broadcast its address to be addressable.

    The chief difference between a cell phone and your home phone is the 'wireless' part. The phone network always knows where to route your home phone calls to because they only need to get to their end of the wire.

    For you to receive information from any kind of network, you need to broadcast your location. It's done automatically because many devices, cell phones in particular, might as well be off if they're not primed to receive.

    It would be nice to be able to turn off the broadcast on things like PDAs, kind of a 'stealth mode'. Or better still, have it constantly listening with a ruleset for broadcasting defined by the user (e.g. only broadcast on work/home network). Again this would only be useful for things that do more than two way communication.



    --
  • No shit! It has been rather obvious that Bluetooth is insecure for quite a while now.

    Now we get to watch them backpedal and spin while the techs scramble to kludge some kind of security into the protocol.

    What would be better would be if someone started over FROM SCRATCH and designed a new wireless protocol, with security in mind from square one.
    --
  • Also, the problem with dropping a bug in a cybercafe could be resolved by making the transmission more tight-beamed.

    That's an advantage IrDA has over Bluetooth -- IrDA devices beam data in about a 30-degree cone with a range of roughly one meter. It's hard to intrude on a conversation over IrDA.

    Bias/Plug: Synchrona has released a Java implementation of IrDA (parts of it, more to follow) to sourceforge.net/projects/jred [sourceforge.net].

  • by Anonymous Coward on Sunday September 03, 2000 @05:28PM (#807562)
    The recent Times article by John Markoff brought attention to a recent attack on Bluetooth. Two attacks are discussed in the article: one which allows an attacker to obtain the key established between two other users, to be used for encryption and authentication. The other allows an attacker to recognize the identities of Bluetooth devices.

    Somebody suggested that since Bluetooth is a broadcast protocol, it cannot be secure. That is not quite fair. First of all, it is known how to make key establishment protocols secure against an adversary who sees all transcripts, and it is known that the man-in-the-middle attack can be avoided by means of certification and other public key methods - which can be run on the application layer to enhance the security of the Bluetooth key exchange. (This is not the same as saying that it will be practical, or economically feasible, for a product like Bluetooth to incorporate such methods.) On the other hand, some security is better than none - as long as everybody understands exactly what "some" means.

    The second attack allows an attacker to recognize and locate Bluetooth devices, whose identities can be linked to user identities by means not related to Bluetooth. This could allow companies to determine where competitors' CEOs are travelling (by bugging airport gates, for example), and may also allow for quite nasty types of blackmailing (starting, for example, by determining what politicians frequent what establishments.) While it does not appear that this problem can be remedied on the application layer, the use of pseudonyms, as noted in the Times article, can disassociate user sessions from each other, and would avoid these problems.

    One should therefore be hopeful that appropriate changes are made, and that a careful analysis of the de-facto standard results in an improved product that is safe for both individuals and society.

    The Bluetooth specs are available at
    http://www.bluetooth.com
    Markus Jakobsson's homepage is
    http://www.bell-labs.com/user/markusj/
    Susanne Wetzel's homepage is
    http://www.bell-labs.com/user/sgwetzel/
  • by Anonymous Coward on Sunday September 03, 2000 @12:59PM (#807563)
    Actually, they are, just head over to the BlueTooth [bluetooth.com] web site and look around. The code API is a 6 Mb pdf file and they also offer an additional add-on pdf describing higher-level interaction protocols. A highly technical but very good read.
  • Nobody seems to have commented on the fact that John Markoff is guilty of ridiculously libelous reporting with regard to the case of Kevin Mitnick. Whether one supports Kevin Mitnick's case or not, he should never support fraudulent reporting. I do not believe /. should in any way, shape, or form give him any journalistic credit. If he is too proud to admit the hand he played in distorting the public's perception of Kevin Mitnick, he will earn no respect from me. For more information on his libelous actions see the following URL: http://www.freekevin.com/news-release.html [freekevin.com]
    --
  • by AHaspel ( 177339 ) on Sunday September 03, 2000 @02:02PM (#807565) Homepage
    An excellent overview of Bluetooth security, enumerating potential flaws that aren't discussed in the Markoff article, can be found here [cs.hut.fi].
  • "The Bluetooth device address (BD_ADDR) is the 48-bit IEEE address which is unique for each Bluetooth unit. The Bluetooth addresses are publicly known, and can be obtained via MMI interactions, or, automatically, via an inquiry routine by a Bluetooth unit."

    It's no great surprise that the identity of a Bluetooth transceiver can be discovered.

  • Problems like security holes in private and public companies pop up, and at Slashdot, a thousand-million geeks all come up with the solutions --> for FREE.

    Hey I don't wanna sound like a troll, but when are these companies going to send us all on a pizza night?

    /d

  • Kewl. I run and designed spg.web.lucent.com :)
  • Actually, since the CAC is a deterministic function of the BD_ADDR, we can exhaustively search all possible mappings (in a matter of seconds); therefore, and since the CAC is transmitted in each message, you can determine (with a very high probability) the BD_ADDR of a device you are eavesdropping on.

    Cheers,
    Markus
    http://www.markus-jakobsson.com
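The two points made above (an unkeyed, deterministic function of a fixed BD_ADDR can be inverted by precomputation, and a changing pseudonym disassociates sightings) in a toy model. This is an added example, not code from the thread, the researchers or the Bluetooth spec; the 16-bit address space, the 4-byte on-air tag, the HMAC-based pseudonym scheme and the doorway-sensor log are all constructed for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional, Tuple

ADDR_BITS = 16   # toy address width (a real BD_ADDR is 48 bits); keeps the table small
TAG_BYTES = 4    # toy width of the identifier that goes on the air


def access_code(addr: int) -> bytes:
    """Unkeyed, deterministic function of the fixed address.
    Stand-in for deriving an access code from BD_ADDR: same input, same output, always."""
    return hashlib.sha256(addr.to_bytes(2, "big")).digest()[:TAG_BYTES]


def inverse_table() -> Dict[bytes, List[int]]:
    """Because access_code() is public and unkeyed, anyone can precompute code -> address
    over the whole (toy) address space once and then look sightings up in constant time."""
    table: Dict[bytes, List[int]] = {}
    for addr in range(1 << ADDR_BITS):
        table.setdefault(access_code(addr), []).append(addr)
    return table


def pseudonym(addr: int, key: bytes, counter: int) -> Tuple[int, bytes]:
    """Hypothetical keyed pseudonym (not the scheme the researchers proposed, which the
    thread does not detail): send (counter, HMAC(key, counter || addr)[:TAG_BYTES]).
    Without key the tags are unlinkable across counters; a peer holding key can verify."""
    msg = counter.to_bytes(4, "big") + addr.to_bytes(2, "big")
    return counter, hmac.new(key, msg, hashlib.sha256).digest()[:TAG_BYTES]


def resolve(pseud: Tuple[int, bytes], key: bytes, known_addrs: List[int]) -> Optional[int]:
    """A peer that shares key recognises a pseudonym by trying the addresses it paired with."""
    counter, tag = pseud
    for addr in known_addrs:
        if hmac.compare_digest(pseudonym(addr, key, counter)[1], tag):
            return addr
    return None


# Constructed walk past doorway sensors (the room-to-room tracking scenario from the thread).
ROOMS = ["lobby", "lab", "boardroom", "lobby"]


def static_sightings(addr: int) -> List[Tuple[str, bytes]]:
    """What passive sensors log when the device always emits its fixed access code."""
    return [(room, access_code(addr)) for room in ROOMS]


def pseudonymous_sightings(addr: int, key: bytes) -> List[Tuple[str, Tuple[int, bytes]]]:
    """Same walk, but the device emits a fresh pseudonym at each sighting."""
    return [(room, pseudonym(addr, key, i)) for i, room in enumerate(ROOMS)]


def link_static(sightings, table) -> Dict[int, List[str]]:
    """Observer without any key: invert each code via the table and build a trail per address."""
    trail: Dict[int, List[str]] = {}
    for room, code in sightings:
        for cand in table.get(code, []):
            trail.setdefault(cand, []).append(room)
    return trail


def distinct_identifiers(sightings) -> int:
    """Observer without the key can only group sightings by the raw on-air value."""
    return len({ident for _, ident in sightings})


if __name__ == "__main__":
    device = 0xBEEF
    trail = link_static(static_sightings(device), inverse_table())
    print("fixed code -> trail recovered for 0xBEEF:", trail[device])
    key = secrets.token_bytes(16)                      # constructed pairing key
    sights = pseudonymous_sightings(device, key)
    print("pseudonyms -> distinct identifiers seen:", distinct_identifiers(sights), "of", len(ROOMS))
    print("paired peer resolves third sighting to:", hex(resolve(sights[2][1], key, [0x1234, device])))
    print("stranger with wrong key resolves to:", resolve(sights[2][1], b"\x00" * 16, [device]))
```

With the fixed code every sighting collapses onto one address and the whole trail falls out of a single table lookup; with the keyed pseudonym the sensors see four unrelated values and only the paired peer can tie them back to the device.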
  • I cannot believe the number of folk who are posting 'remember this thing only has a range of 10 metres, eavesdropping isn't an issue'. Bluetooth does not suddenly stop 10 metres from you. Bluetooth receivers must be certified to work at this range, but you can obviously build something much more sensitive.

    This was exactly the point Bruce Schneier was making, which a lot of people seem to have missed: if you can pick up transmissions from a monitor from outside a building, just how much easier will it be in a bluetooth environment, where the devices are _intended_ to be transmitters.
  • by Pascal of S ( 23541 ) on Sunday September 03, 2000 @10:20PM (#807571) Homepage
    Although the absence of a good set of crypto is bad to begin with, the designers made matters worse still by using a PIN code system. To establish an ad hoc connection, you can use PIN codes on both sides to establish a new link. This will probably work fine if you are connecting two PDAs with each other, and neither of those devices will normally accept new connections.
    However, this will probably be RARE, to say the least. A lot of devices, like the Blue Tooth ear phone/mic for your mobile will have a hard to modify (from a user point of view) fixed pin.
    By default a lot of devices will be shipped with pin codes of 0000 or 1234 or whatever. Most users will not change that PIN, or when they do choose something like 1111...
    In an automated world, 10000 tries (5000 on average) is not much. It won't take long before someone writes a Palm-Blue Tooth scanner.

    Even if some people are a bit more sensible and change their PINs to 8 digits (or even the maximum of 16) this will leave a LOT of mostly unprotected devices. Just imagine, walking past someone's house, and you will be able to start the Blue-Tooth coffee machine... Or better still, you see someone with the ear-mic thingie, you'll be able to whisper in his ear :)

  • Or you could just go straight to http://www.bell-labs.com
  • by Lord Ender ( 156273 ) on Sunday September 03, 2000 @07:19PM (#807573) Homepage
    Having any sort of broadcast device (like a bluetooth enabled mobile phone) does make triangulation possible. But you are forgetting that bluetooth has a range of 10 meters so triangulation is not much of an issue.

    I mean if they have to be within 10 meters, they can just watch where you are going with their eyes (whoever 'they' are).

  • Demon Seed was made into a film with Julie Christie where she gets impregnated by some huge computer that takes over her house remotely after deciding that humans are all bastards. Or something like that.
  • Linux's 100% uptime and hundreds of distinguished posters have clouded the issue. You live your life online, system ready, at least one eyeball on the pulse of the internet. Great. But if you have something important to conceal on a computer, disconnect it from the internet, or in the case of these "privacy invading" bluetooth Peer to Peer devices, turn off their transmitters or turn them off entirely. Just like the television set... don't like what is on? Shut it off. In reality the only thing the engineers did not think of was even a technical user's stupidity.
  • devices, but know one seemed to be interested

    Sorry but I'm just too curious to know (no 8) if this kind of misspelling error only comes from Americans or is common to any English speaking individuals (where English is the mother tongue).
    Kill me but give me opinions.
    Thanks
  • by Anonymous Coward
    ...come as a surprise to anyone?

    ANY sort of radio transmission can, with the right equipment, be intercepted. With enough subsequent effort, any such transmission, even if encrypted, can be decoded.

    An example: Motorola likes to propagate the myth that the mobile data terminals used by a lot of cop-shops are "secure" simply because they're data terminals.

    Well, guess what? All it takes to monitor MDT's is a good scanner, a PC with a sound card, free decoding software, and a couple of dollars investment in some cable and a connector or two. It's plain ASCII data... not in the least encrypted! Yes, it's packaged into a messaging protocol that the cop-shop's mainframe likes, but there's nothing alien about it.

    What I'm getting at is that, unless a radio data channel is -known- to be tightly encrypted, one should not consider ANY wireless solution to be a secure channel.

  • by Money__ ( 87045 )
    Markus Jakobsson [bell-labs.com] home page.
    Susanne Wetzel [bell-labs.com] home page

    The funny thing is, I can't find any papers on their sites (nor at Secure Systems Research Department [bell-labs.com]) at bell labs [bell-labs.com]

  • There is such thing as "calculated risk" almost always involved in the project. In this case the security issue may well be overdriven - BlueTooth has only a limited range of 10 meters, remember?

    Just how many hackers (or their equipment) could you get connecting to your fax machine within 10 meters from you? Calculate the probability and take measures. It does not apply if you are paranoid, though. In the latter case you'd have eliminated every chance for anyone to crack your agenda/VISA/phone (and would be right, too).

    Ericsson's main task now would be to clean out the errors and bugs (or even certain concepts) from their code and give the world something very secure. Besides, that's what the market wants, anyway. I wonder when they go opensource and ask Slashdotters for help...

  • there was the book wasn't there?
    Dean Koontz: Demon Seed
    or something like that. ISTR a film called "electric dreams" too.
  • by Anonymous Coward
    But wouldn't making the beam tighter make these devices harder to use? I thought part of the point of Bluetooth was to make such devices more flexible with respect to positioning, as, for example, wearable devices must be.
  • by zlite ( 199781 ) on Sunday September 03, 2000 @11:15AM (#807582)
    Actually, the whole concept of a peer-to-peer local area wireless network raises a host of issues. As I understand it, by default any Bluetooth device can "see" any other Bluetooth device in its vicinity. The point of this is that your cellphone/PDA can connect to everything from a wireless ISP server in your local Starbucks to the printer in your office, or simply trade info with another cellphone/PDA.

    Obviously you will be able to set allowed access rules on the individual device, but can you hide the fact that you're carrying a Bluetooth device altogether?

    To be useful for local-area communications (messaging across a classroom, for instance) the device would have to be as openly addressable as a telephone number. The difference being that, unlike a cellphone, the device itself automatically broadcasts that addressability (its phone number, as it were), which makes unwanted communications more of a risk. For instance: you're driving down the highway and some jerk cuts you off. You check your PDA and sure enough he's got a Bluetooth device in range. So you flame him! Far better than shaking your fist, huh?

    Does anyone know what's being done to balance the privacy issue with the communications need for open accessibility?
  • by hayfever ( 113254 ) on Sunday September 03, 2000 @11:17AM (#807583) Homepage
    I may be misreading this, so let me know if I'm wrong, but I believe it sounds like Bruce Schneier is against Bluetooth. I don't know the reasons behind it, or why he believes there are "too many things that can go wrong", but here are my feelings on the issue.

    1) This is a protocol issue. It's basically saying that in the current form of the protocol, a machine's identity could be marked. Big deal. This is a completely new technology which is still being developed. When holes are discovered in technologies in wide use, there's a problem. When they are discovered in a yet-to-be released product, the problems can be fixed. Bruce is premature in his attack on Bluetooth.

    2) Kudos to the Lucent team who discovered the problem. Not only did they search and find the problem, showing they are dedicated to this project and its security, but they told the world. It would have been all too easy to hide the problem and fix it, but they spread the word, even though the technology is not really in active use. This says to me again that they are dedicated to fixing the problems and keeping Bluetooth secure, which makes me more interested in using it. I'm not paranoid, nor do I feel like I'm a particular target for espionage, however, I enjoy my freedoms just as much as anyone else, including my right to privacy, and if Lucent and the rest of the developers are working to make sure I continue to enjoy that privacy, I'm just a little bit happier. Congratulations to the Lucent team and keep up the good work.

  • by quonsar ( 61695 ) on Sunday September 03, 2000 @11:59AM (#807584) Homepage

    Joe User cares when his identity is stolen and his bank account is wiped

    yes, but he won't blame the technology. he'll know from the media that evil hax0r5 are to blame. and legislation to require licensing of all internet access tools and regulations to control internet content will have won a new lifelong supporter.

    "I will gladly pay you today, sir, and eat up

  • If you work for Lucent you couldn't help but know that Bell Labs still exists. It is part of the company logo after all: "Lucent Technologies - Bell Labs Innovations". Of course it still exists and is bigger than ever. It is more product focused these days but still does a lot of pure research. Check out http://www.lucent.com and follow the Bell Labs link.

  • by mplex ( 19482 ) on Sunday September 03, 2000 @11:18AM (#807586)

    I posted about this a while back on slashdot and the implications of a network to track bluetooth devices, but know one seemed to be interested. Do you always have a cell phone on you? Bluetooth negotiations are automated. Imagine a scenario of a building filled with bluetooth devices in certain locations like doorways etc. Every person carrying a phone has a unique identifier and could be tracked room to room in the building. You can take this to any level you want; I think it is pretty scary to say the least. As each person becomes networked, I'd say with almost any wireless scheme, not just bluetooth, there will be ways of tracking the devices. Triangulation comes to mind as a last resort, cell phone tracking etc. It's becoming easier and easier to do...
  • by Nelson ( 1275 ) on Sunday September 03, 2000 @12:09PM (#807587)
    Isn't bluetooth the wireless equivalent of ethernet? Ethernet takes no security considerations into mind; it is simply a transport layer and security is a higher level concern.


    There are some subtle security issues since you can control the physical security of an ethernet lan and anyone can jack into a bluetooth simply by walking into range.

  • The simple answer is that this stuff is too useful not to have. The solution is not to store secure data locally. Yahoo probably devotes more effort to security than 99% of individuals can. In future, computer data security won't matter because everyone will just keep their stuff on some hardened remote server. (Program security, like getting viruses, will still matter.)
  • by Anonymous Coward
    I'm sure Intel has a plan. I've never seen them let a buggy product get out in all my years of loyal purchasing.
  • by Captain Pillbug ( 12523 ) on Sunday September 03, 2000 @01:30PM (#807590)
    How do you plan to get your data off a "hardened" server via an insecure client without compromising those data? If someone can get access to your device, then he can impersonate you; or if not, then he can just grab the data off your device as you grab them off your server.
  • There's *Got* to be a better reference on security with bluetooth devices than that web page.

    Basically, the guy says "Oo! Radio waves! Anyone with a paperclip and a sheet of aluminum foil can listen to radio waves! The sky is falling! And i don't know *ANYTHING* more about it!"

    The problem of securing data that will be heard by unwanted recipients is very, very old. It may surprise you to learn that your connection is no more secure through an ethernet hub than it is over a bluetooth link.

    Or honestly, any information that's transmitted over the internet. Traceroute to something. Every host it lists between here and there can snoop your connection.

    The problem is not in the encryption per se, but how it exchanges keys. This can be fixed.

    Sure, no data transmission protocol is ever truly 100% secure. But there's "somebody maybe might find a way to get the inverse of my public key" and then there's "Any scriptkiddie can flip their device into promiscuous mode and have all the data fly into their lap."

    A lot of people argue that mediocre encryption systems give people a false sense of security. In a mission critical operation, this is true, you shouldn't trust it just because it's not cleartext. But for me, for personal use and casual corporate use, I'll take any system that's difficult to snoop over any other system that's flat out easy to snoop. Wouldn't you?

  • Here [nytimes.com] Is the article without reg.
  • Actually, this is not a problem:

    1) The "MMI" interactions take place on the local device. There is no reason a user can't see his own BD_ADDR.

    2) Bluetooth units can ONLY be inquired if they are in Inquiry Scan mode. If some developer wishes his device to do this all the time then so be it, but this is NOT a requirement of the Bluetooth spec. In fact a device may never be inquired but could still be connected to.

  • by Big Jojo ( 50231 ) on Sunday September 03, 2000 @04:29PM (#807594)
    ... I don't know the reasons behind it, or why he believes there are "too many things that can go wrong"

    Go back and read the first part of the quote you excerpted, then -- it's where he said that it's a peer-to-peer system where the devices don't actually know each other up front.

    To anyone who's built secure systems, that pretty much says it all. Where is the "trust" in the system supposed to come from? Consider GPG as an example (the safe version of PGP :-). You don't accept keys from just anyone, or shouldn't; you accept keys from people you have some out-of-band knowledge about. Secure key distribution is a well known problem, with many solutions, but if there is by design no up-front physically secure bootstrapping system (no, trusting the device vendor isn't good enough in the least!) then the overall system has major problems passing the first milestone in the "can it be trustworthy" contest ... MAJOR problems.

    What's worrisome about this stuff is that bluetooth is being rushed to market (or as you put it, "fixed") with undue haste. These folk found a couple nontrivial problems. Their corporate parents would shoot them if they talked about the real risk this raises: that the various other bugs, as-yet unfound, could easily be much worse.

    Of course, on the flip side of things if you expect that any widely available technology getting regulatory approvals from governments isn't automatically full of security holes for the benefit of folk like the FBI (or more to the point, the ever-untrustworthy LAPD) ... you're really not living on Planet Earth, Year 2000.

  • bah.. not high IQ.. just an IQ higher than that of a peanut. Unfortunately this seems to be a rarity.

    //rdj
  • First, let the record show that I'm quite intrigued by bluetooth, and I think it's the future of mobile computing. Of course there are security issues to be addressed, but something like this technology will be needed eventually.
    Anyway:

    Just how many hackers (or their equipment) could you get connecting to your fax machine within 10 meters from you?

    I agree. Unless they're crouching in the broom closet, this hypothetical malicious hacker would have a hard time getting into your local bluetooth net. But a thought occurs to me (experts in this field, correct me if it's implausible): what about piggy-backing a signal? Say I want to get into a bluetooth handheld sitting on someone's desk in an office building. I get into a laptop two floors down over the 'net, then use its bluetooth chip to access its owner's mobile phone. From there I go up a floor to a printer, through a fax machine, and up into the aforementioned handheld. Granted, this is a bit convoluted, and requires all the parties involved to stay in one place, but is it feasible? Could you write a program to seek out a route to any bluetooth unit, and more importantly, could you go through a bluetooth unit like that without the owner's knowledge?
    -J
  • Or better still, you see someone with the ear-mic thingie, you'll be able to whisper in his ear :)
    Um, if you make that "her", it could actually be quite interesting! ;)
  • by mr. fabulous ( 194090 ) on Sunday September 03, 2000 @04:46PM (#807598)
    Actually, the whole concept of a peer-to-peer local area wireless network raises a host of issues.

    Schneier's 8/15 Cryptogram newsletter [counterpane.com] touched on these issues weeks ago.

    Namely, if capability like the US government's Tempest technology (reads electromagnetic pulses, CRT, keyboard radiation, etc. - spy craft stuff) is available, it's a matter of time before such tactics are _readily_ used on commonplace bluetooth devices doing private or delicate matters in public. After all, reading your OpenSSH-downloaded, and GnuPG encrypted email privately to yourself in the back booth might seem secure, but, what if a black hat type is capturing your radiating emissions quite easily? Illusory protection. Treat Bluetooth as a broadcast protocol, because that's what it is, says Schneier.

    What amazes me is the dearth of information about the security of this protocol. I'm sure someone has thought about it, a team designed some security into Bluetooth, and that those designers believe it to be secure. But has anyone reputable examined the protocol? Is the implementation known to be correct? Are there any programming errors? If Bluetooth is secure, it will be the first time ever that a major protocol has been released without any security flaws. I'm not optimistic, continues Schneier.

    Check out some of these articles on Bluetooth, and its lack of discussion on its possibly inherent security shortcomings.

    Bluetooth [bluetooth.com]

    A list of Bluetooth articles, none of them about security [zdnet.co.uk]

    One mention of security [zdnet.co.uk]

    An essay about the Bluetooth hype [idg.net]

    Recent article on TEMPEST [zdnet.com]

    My balls itch, man!
    Thanks

  • great, you just saved yourself $300
    .oO0Oo.
  • Hmmm. Perhaps there are MDTs still in use in some major centers. But many policing agencies using mobile devices are very concerned with security issues. I would hope that any CIO for any PD of size in the US is investigating options for the support of encrypted wireless data. Canadian federal policing agencies have been involved in this security development for quite a time. One of the principal problems with this situation is the low bandwidth wireless link. The kind of encryption that works on a 10 Mbps Ethernet will NOT work on an MDC4800 or RDLAP19.2 network. Things like key exchanges involving multiple transactions become problematic when a cop needs to jump in his car and login and be gone to a crime in progress. So operational and technical limitations have had some effect of restricting the amount of security that can be deployed. But don't doubt that as new wireless technologies increase BW and new encryption schemes are available, subject to budget limitations, the PDs *will* adopt them. They are aware of their responsibilities... they just often have finite budgets and limited technical assets.
  • Actually, most wireless devices will transmit over a greater distance than recommended. However, most of the time the receivers are so lousy that they can only rate the things for a few meters. For someone with a decent receiver and an antenna with some gain, pulling out signals over great distances is no big deal.

  • I agree with Perdo's comment about important information that should be stored offline. With the exception of some high-grade encryption algorithms currently in the possession of the NSA, it is remarkably easy to eavesdrop on somebody's Internet communications.

    Anyone see Tom Cruise explaining the Langley supercomputer room in Mission: Impossible? It's on a stand-alone. No modem access. If there's no modem access then there's NO FUCKIN WAY that you can pull something off that computer. Even if you reconstructed the radio emissions from the screen into another computer (which can be done I might add) you'd have to be at least a few feet away. By then (provided your security personnel have at least half a brain between them) your datathief would already be out the door and into a jail cell.

    So if it's important or confidential, store it offline.

  • I wonder when they go opensource and ask Slashdotters for help...

    There is already an opensource Bluetooth driver (for Linux) available over at www.developer.axis.com [axis.com]
  • Sorry to burst your bubble, but Americans do not, contrary to popular opinion, share a common brain (cell). Some of us have impeccable spelling.

    As for other English speaking countries, they DO share a common brain, and therefore their attempts at written communication are a) redundant and b) prone to spelling errors. That's why we left Britain in the lurch.

    (it's a joke, people. Take a deep breath.)
  • on the traffic analysis possibilities. Folks walking around with transmitters that have pre-encoded numbers, and freely broadcast them. If this ever gets popular, I can see a number of products that suggest themselves.

    Of course, once you start using Bluetooth on a regular basis then your usage patterns can be established, and simply turning all the transmitters off can be viewed as a suspicious act, pinpointing times and locations that bear further investigation. To this end, I figure there might be some use for a Bluetooth emulator, complete with changeable ID numbers, that sits around your office and makes traffic for you while you are out ;-).

    I figure these are going to be expensive, and I will make sure they arrive in a plain brown wrapper.

  • I'm wagering that this is going to be fairly damaging for bluetooth, as if something like this has occurred this early then people will start to wonder what other insecurities are there. It's a cool protocol though, and I hope it gets patched up and working.

  • ...it should be relatively simple to patch. Like the article mentioned, it should be easy to implement a constantly changing pseudonym based on any number of schema...

    Just off the top of my head, they could use an algorithm based off of the user ID characters, the date, the time, or practically anything else.

    Also, the problem with dropping a bug in a cybercafe could be resolved by making the transmission more tight-beamed. This might increase the amount of radiation output slightly, as it will require more energy to focus the transmission beam, but it could be worth it. Basically, you'd end up having to place the 'bug' in precisely the right spot to catch a transmission.

    Kierthos
  • by Anonymous Coward
    NY Times is eavesdropping on u with biscuits! Use this link [nytimes.com] instead!
  • Realplayer has suffered a lot of bad press based on their exposing of personal data, and so if people are reacting to that, then I don't see why they should care less if a complete stranger stole something.
  • Well, at least here we see a corporation exposing security flaws, not hiding them. Question, are these researchers from Lucent Technologies or what? I didn't think there WAS a Bell Laboratories anymore (it broke off into Lucent a few years back, the company I currently work for)

    P.S. - \/\/ Hit that link :) \/\/
  • Joe User cares more about whizbang features than security.

    Joe User cares when his identity is stolen and his bank account is wiped

    1Alpha7

  • I am glad the bugs are getting ironed out now. With any new technology things like this are likely to happen. I wonder whether the docs on the Bluetooth protocols are available for public viewing so more people can find more security issues like this.

  • by Vassily Overveight ( 211619 ) on Sunday September 03, 2000 @10:55AM (#807613)
    As time goes on, we hear more and more about security flaws in these new wireless personal devices. I think I'm going to devote some serious thought to whether I want to festoon myself with a bunch of linked equipment that contains my personal information, or on which I rely for things like communication, scheduling, directions, etc. I have this nightmare vision where someone manages to hack my body network and all my hardware starts conspiring against me. The modern-day equivalent of that old twilight zone episode where the guy is murdered by his own household devices.
  • by Anonymous Coward
    To quote Mr Schneier himself: "The design of a secure key-exchange protocol is a thorny endeavor." In particular, I am not encouraged by the assertion that these little bugs will be fixed quickly; as I understand it, they're easy to screw up in implementation. Does anybody know what the published source is for the NYT story? The tone of the article seems to indicate a published advisory or bug report, but damn if I can find it on Lucent's site. And what's all this blather about device/user "identity"?
  • by kinross ( 99216 ) on Sunday September 03, 2000 @11:09AM (#807615)
    As Crypto-Gram already reported (http://www.counterpane.com/crypto-gram-0008.html#8), Bluetooth is a broadcast protocol and will always be insecure.

  • If people keep going around fixing things before they become problems, what are the scriptkiddie haxxors of tomorrow gonna do to keep themselves busy?

  • by Submarine ( 12319 ) on Sunday September 03, 2000 @11:10AM (#807617) Homepage

    A little known fact in the general computing public is that problems in secure communications lie more often in the communication protocol than in the encryption primitives.

    There are some classical attacks:

    • Man-in-the-middle. Idea: I can prove to both Karpov and Kasparov that I'm a great chess player. I challenge them both in a play through mail. I use the moves of each one against the other. Both think I play like a grandmaster.
    • Use of old keys. Idea: recover some secret data of a previous session (for instance from old temporary files on a common machine - after all, many operating systems do not really erase erased data). Use it in a current session.

    It is possible to prevent those attacks by clever design of the protocol. For instance, the use of old keys can be prevented by some "nonce" numbers (generated once) or some clock data.

    It is very difficult to analyse protocols and prove them correct.

    First, one needs a formal model of the protocol, its environment and what it means for it to be correct. This is nontrivial, since some models may just ignore some kinds of attacks.

    Then the protocol must be proved correct with respect to the formal specification. Alas:

    • manual theorem proving is error-prone
    • formal theorem proving is tedious
    • automatic analysis tools are not so powerful

    I have done some research on these topics [di.ens.fr]. For more information, see for instance Jon Millen's page [sri.com].
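The "use of old keys" attack and the nonce fix from the post above, played out on a toy challenge-response login. This is an added example, not code from the post or from any Bluetooth implementation; the shared key, the fixed challenge string and the two verifier classes are constructed for illustration.

```python
import hashlib
import hmac
import secrets

KEY = b"constructed-shared-secret"   # long-term secret shared by prover and verifier


def respond(key: bytes, challenge: bytes) -> bytes:
    """Prover's answer: a MAC over the challenge under the shared key."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


class StaticVerifier:
    """Weak design: the challenge never changes, so any captured response stays valid.
    The recorded (challenge, response) pair is exactly the 'old session data' of the post."""
    CHALLENGE = b"please-authenticate"

    def start(self) -> bytes:
        return self.CHALLENGE

    def check(self, challenge: bytes, response: bytes) -> bool:
        return hmac.compare_digest(respond(KEY, challenge), response)


class NonceVerifier:
    """Fix from the post: a nonce generated once per run and consumed on first use."""

    def __init__(self) -> None:
        self.pending = set()     # nonces issued but not yet answered

    def start(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.pending.add(nonce)
        return nonce

    def check(self, challenge: bytes, response: bytes) -> bool:
        if challenge not in self.pending:   # stale, foreign or already-used challenge
            return False
        self.pending.discard(challenge)     # one answer per nonce, so a recording cannot reuse it
        return hmac.compare_digest(respond(KEY, challenge), response)


def legitimate_session(verifier):
    """Honest run; returns the on-air transcript an eavesdropper would have recorded."""
    challenge = verifier.start()
    response = respond(KEY, challenge)
    if not verifier.check(challenge, response):
        raise RuntimeError("honest session unexpectedly rejected")
    return challenge, response


def replay(verifier, transcript) -> bool:
    """Someone without KEY opens a new run and resubmits the recorded transcript."""
    verifier.start()                 # verifier issues its (possibly new) challenge
    challenge, response = transcript
    return verifier.check(challenge, response)


if __name__ == "__main__":
    weak = StaticVerifier()
    print("replay against fixed challenge accepted:", replay(weak, legitimate_session(weak)))
    strong = NonceVerifier()
    print("replay against nonce challenge accepted:", replay(strong, legitimate_session(strong)))
```

Note that the MAC primitive is identical in both verifiers; only the protocol around it changes, which is the post's point that the weakness lives in the exchange rather than in the cryptography.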
