21C3 Schedule Release 1.1.7

21st Chaos Communication Congress
Lectures and workshops

Picture of Adam Laurie Adam Laurie
Picture of Marcel Holtmann Marcel Holtmann
Picture of Martin Herfurt Martin Herfurt
Day 2
Location Saal 1
Start Time 15:00 h
Duration 02:00
ID 66
Type Lecture
Track Hacking
Language english

Bluetooth Hacking

Bluesnarfing, bluebugging and backdooring have been in the spotlight for over a year now, and, finally, the mobile phone industry have reacted and are issuing fixes for these very serious problems. Accordingly, the time has come for full disclosure...

In November 2003, Adam discovered serious flaws in the authentication and data transfer mechanisms on some bluetooth enabled devices, and, in particular, mobile phones including commonly used Nokia, Sony Ericsson and Motorola models. Shortly thereafter, Martin Herfurt of Salzburg Research Forschungsgesellschaft mbH expanded on these problems, and teamed up with Adam to investigate further. At EuroFoo in August 2004, Adam and Marcel Holtmann met, and agreed to colaborate on looking into the underlying causes of the problems, as well as sharing information and resources to try and gain a better foothold for the opensource community within the official bluetooth organistaions.

This talk will cover the issues arising out of the flaws, including loss of personal data, identity theft, phone tapping, tracking, fraud and theft of service. The threat to individuals and corporates will be examined, and statistics and examples from the real world presented, as well as live demonstrations and full disclosure of techniques used in each of the attacks. Details of how the industry reacted, what they did, didn't and should have done will also be discussed, as well as some positive steps that have been taken as a direct result of the original problem disclosures.

This will be a fun talk and a real eye-opener for those with bluetooth enabled devices, and will start with an introduction into the Bluetooth architecture and the security mechanisms offered by it so that it is possible to understand how and why the different attacks are working. Further there will be an introduction into the Linux Bluetooth stack BlueZ that will be used for doing the attacks and showing exactly how these attacks are working.

For further background information on the issue, see: <http://www.thebunker.net/release-bluestumbler.htm>.

Archived page - Impressum/Datenschutz