We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Bluetooth cracking tools released

Code could give short-range access to hackers

Two tools aimed at compromising Bluetooth devices, including PCs, have been released by German programmers at the Chaos Communications Congress in Berlin.

Businesses often ignore Bluetooth from a security point of view, but should be aware that there are fundamental security weaknesses in the wireless specification, according to Thierry Zoller, who introduced the tools at the conference.

Zoller, a security consultant, developed BTCrack, an implementation of a flaw disclosed in 2005 by Israeli security researchers. The tool takes advantage of weak PINs in Bluetooth devices, allowing an attacker to listen in on a pairing session and gain access to both paired devices.

HID Attack is a proof-of-concept exploit for hijacking a Bluetooth keyboard using the Human Interface Device (HID) standard. The attack could allow access to sensitive systems, according to developer Collin Mulliner, who said he came across the problem by accident while developing a software keyboard.

"The threat potential is high, it basically is like getting physical access to the target system," Mulliner said in a paper released in connection with Zoller's talk.

However, several practical obstacles mean that carrying out an attack is difficult, he acknowledged. Not all HID hosts implement server mode, which is necessary for the attack, and the fact that the screen might not be visible adds more complications.

Furthermore, the biggest limitation to Bluetooth attacks is that they must be carried out at close range.


IDG UK Sites

Best camera phone of 2015: iPhone 6 Plus vs LG G4 vs Galaxy S6 vs One M9 vs Nexus 6

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model