
View Full Version : Bluetooth SIG Concede Newly Discovered Bluetooth Security Hole


Ekkie Tepsupornchai
06-29-2005, 04:30 PM
http://www.engadget.com/entry/1234000550048520/

"The Bluetooth Special Interest Group has told people to set eight-digit PINs when pairing two devices and to take other precautions, after a report described a way for hackers to crack the security codes on Bluetooth devices and seize control of them. For security, Bluetooth devices will not communicate until they have 'paired'--a one-off process in which both devices must enter the same PIN, or personal identification number. A hacker that listens in on the pairing process can decode the PIN and then take control of the link, siphon off data or, potentially, take control of either of the devices."

So the advice of the Bluetooth SIG is to use an 8-character alphanumeric PIN and to only perform pairing in private. 4-digit codes can be cracked in 0.1 seconds but an eight-character PIN would take 100 years to crack, according to the Bluetooth SIG. They go on to say that such breaches would be highly unlikely as the equipment required is very expensive. Hmmmm. Well, my initial thoughts are that 100 years to crack an 8-character PIN sounds like wishful thinking, and the equipment required to do it probably isn't going to be too expensive for too long. On the other hand, such a security breach requires the thief to be at just the right place at just the right time and within close proximity to you... and then be able to stay within close proximity for a period of time that is long enough to pull any important information off of your device (remember the slow BT speeds). Additionally, they have to rely on you not doing anything to break the pairing... all the while you'd probably be sitting there wondering why your paired devices aren't working properly (and of course, doing nothing about it).
Finally, my PPC and my laptop both prompt me for confirmation every time a paired device tries to access a file (the file transfer profile is the only one that would worry me), so I'm not sure just how much risk I'm really at. Anyone see differently?

gibson042
06-29-2005, 05:24 PM
This attack really is frightening. The hostile party forces apart two paired devices by impersonating one and claiming that the pairing key has been lost. Then they eavesdrop on the repairing and use that information to crack the PIN. And even if it really does take 100 years to crack an eight-character alphanumeric PIN (ha! maybe on a 6800), many devices only allow numeric PINs. I suspect that even at eight digits, those could be cracked in less than a minute. Bluetooth's saving grace is that the (re-)pairing process remains manual; user education (pair in private!) is enough to defang such attacks. Thank SIG for that.

johncruise
06-29-2005, 05:49 PM
Well... just my take on the subject (I'm hoping I am reading the article right). If people are really concerned about that loophole, just do your pairing at home and not in a public area. Pairing is done once between the two devices, so when you are out there, you should be ok.

bkerrins
06-29-2005, 06:57 PM
Can't all files or folders in a BT transfer be set up in such a way that it takes an active event to release the files? Someone to actually push a button that says, "yes, you can send this file now." Instead of the "Do you accept this file?"

Jorj Bauer
06-29-2005, 07:04 PM
"The Bluetooth Special Interest Group has told people to set eight-digit PINs...

So the advice of the Bluetooth SIG is to use an 8-character alphanumeric PIN and to only perform pairing in private... 4-digit codes can be cracked in 0.1 seconds...


Don't forget the multitude of devices that have a SINGLE FIXED 4-digit pin: 0000. These take absolutely no time to crack whatsoever.

And if I recall the protocol correctly, one can inject bad packets into the datastream and force the devices to do a re-pairing on the fly. So pairing in "private" (I guess that means in your own personal faraday cage) isn't likely to be an improvement.

The real problem here is that people assume that Bluetooth has security.

-- Jorj

surur
06-29-2005, 10:16 PM
Well, if you are on the train and your headset conversation suddenly cuts out because you lost your pairing, are you really not going to re-pair when the phone prompts you?

When you do, on your intercity train, some guy with a laptop could be running up premium rate phone calls on 5 phones at £1.50/minute.

£75 later he moves on to another 5 phones, and a month later you get a big bill. It's not all about identity theft. There's real money to be made in them thar phones.

Surur

johncruise
06-29-2005, 10:58 PM
Well, if you are on the train and your headset conversation suddenly cuts out because you lost your pairing, are you really not going to re-pair when the phone prompts you.

I'm not sure about your headphone but mine doesn't need another one if the phone and the headset lose connection. This is what I know though (correct me if I'm wrong).... once a device gets paired it adds that device's address to the trusted devices list. So if the headset is connecting to your phone, it recognizes that unique address (looks like a MAC address) and figures that it doesn't need another pairing cause it's in the trusted list.

And yeah, when you go through a tunnel while riding a train, your phone & BT headset don't lose connection.... only your phone signal. ;-)

johncruise
06-29-2005, 11:01 PM
Don't forget the multitude of devices that have a SINGLE FIXED 4-digit pin: 0000. These take absolutely no time to crack whatsoever.

Those devices that have a single fixed 4-digit pin (i.e. my iTech headset) only go into pairing mode when you tell them to. I don't see how a malicious device could establish a pairing session-request if it's not in that mode.

Granted, there are BT devices that have pairing always turned ON (like my BT access point... which is not working anymore). These are the cases where one has to be really really really careful.

Cheers!

surur
06-29-2005, 11:04 PM
You are misunderstanding. The hole in the specification is that a loss of pairing can be induced.

On my phone (an SE v800) I would hear a tone from my phone telling me it lost connection with the headset. When I browse the bluetooth settings to reconnect it will tell me to re-pair. This is where the hacker sniffs the password, and will be able to impersonate your headset, and therefore dial a number while you are reading your paper.

Surur

johncruise
06-29-2005, 11:44 PM
You are misunderstanding. The hole in the specification is that a loss of pairing can be induced.

Sorry Surur, but the article discusses re-pairing "with" re-authentication. The attacks mentioned force your devices to get unpaired... in other words, to take your devices off the trusted list (I'm not sure if that is even possible... cause you cannot delete it from outside the device, or in other words, tell the other device to take you off the trusted pair list).

Anyway, that is why the article says you have to re-enter your PIN again, because the other device doesn't recognize it anymore. But if you just lose connection by, say, turning your devices OFF then ON, that's a different case cause your devices won't ask for re-authentication.

I guess we are both lost in semantics here. There are 2 known uses of the word "pairing/pair" in the bluetooth world. One is often used (as far as I know) for making each device known to the other, aka trusted, so the next time you do any other operations between devices, you don't need to keep on sending another PIN or verifying that it's ok for the other device to access it (OBEX file transfer doesn't seem to follow this rule). Another use for the word "pairing" is to reconnect devices when one was powered OFF before or something. I could have sworn 'pairing' mentioned in the article is the first one. Don't you agree? :wink:

Best regards,

Ekkie Tepsupornchai
06-30-2005, 10:58 AM
Well, I could be looking at this wrong, but with regards to devices with hardcoded '0000' pins, I'm not all that worried about someone hijacking my headset or my GPS unit. I'm not even worried about someone hijacking my phone, as all they can really pull are some pictures, some music, and maybe some phone numbers.

What I'd be worried about is them hijacking my Pocket PC or my laptop. But for them to pull sensitive data off my device, they'd have to access it through the file transfer profile. No other profile I can think of makes sense.

However, on my PocketPC, anytime a paired device navigates to a new folder, I get prompted for confirmation. On both my Pocket PC and my laptop, every time a paired device attempts to download a file, I get prompted for confirmation. In both cases, if I don't actively approve the action on my Pocket PC or laptop, then no data is submitted to the paired device.

On top of that, even if I were dumb enough to approve, the thief would have to be smart (or lucky) enough to find just the right files and would have to remain in my vicinity long enough for those files to be downloadable through slow BT speeds.

surur
06-30-2005, 11:33 AM
But what if he uses the BT connection to send 500 text messages at £2 each to his friend's premium line? If you are on a bus or train, he would only need access for 10 minutes.

Surur

Ekkie Tepsupornchai
06-30-2005, 11:59 AM
But what if he uses the BT connection to send 500 text messages at £2 each to his friend's premium line? If you are on a bus or train, he would only need access for 10 minutes.

Surur
Good point. I was thinking more in terms of data security. I hadn't thought about services.

Wow, £2 per message for a "premium line"? I guess b/c text messaging never really became popular in the US, we just don't have these same sophisticated levels of text service in the US.

Jorj Bauer
06-30-2005, 12:24 PM
But what if he uses the BT connection to send 500 text messages at £2 each to his friend's premium line? If you are on a bus or train, he would only need access for 10 minutes.

Exactly. Or a bluetooth keyboard, where you think that your traffic is encrypted, but every keystroke is being logged by someone. Bye-bye passwords...

-- Jorj

surur
06-30-2005, 01:04 PM
Yes, premium text messages are how e.g. ring tones are sold. The recent LiveAid ticket lottery used text messages costing $1.50 each.

The target for all the hackers is always money. As a normal person there is very little benefit in getting my personal information. Getting their hands on £1000 would make them very happy however. It's like the premium line modem dialer available as spyware on the Internet. They could empty out people's "My Documents" folder easily, but they are more interested in hitting them with massive phone bills to a foreign country and getting their money that way.

This could potentially become a very common and effective attack.

Surur

Jason Lee
06-30-2005, 02:52 PM
Yes, but this hack is only possible during the initial pairing process. Once the device is on the paired device list they never swap the pin again. It's all based on mac address.
So if the hackers were really smart they would work on a way to get the mac address from one of the devices and spoof that. But that may not be possible as that is only given out after pairing.
Plus your device has to be in discoverable mode before you can even initiate a pairing and then be open to the hack. So if your device is not in discoverable mode they can't even force you to initiate a pairing because they can't even see you...

It's nice to know these types of holes are there but let's not get carried away.

We're all gonna die!!! Run! Burn all your bluetooth!!! :roll:

Ekkie Tepsupornchai
06-30-2005, 05:04 PM
But what if he uses the BT connection to send 500 text messages at £2 each to his friend's premium line? If you are on a bus or train, he would only need access for 10 minutes.
Exactly. Or a bluetooth keyboard, where you think that your traffic is encrypted, but every keystroke is being logged by someone. Bye-bye passwords...
I don't believe keyboards would be an issue. AFAIK, keyboards can only be paired to one device at a time. For someone to be able to catch everything you're typing, you would have to be using the keyboard continuously while never raising an eyebrow at the fact that none of the text input is making it to your laptop or PDA.

Ekkie Tepsupornchai
06-30-2005, 05:11 PM
So if your device is not in discoverable mode they can't even force you to initiate a pairing because they can't even see you...
That's an even better point. My phone needs to be in discoverable mode for a re-pairing to occur. Now they could rely on you trying to re-pair your devices and use that opportunity to get in, but if you either perform the re-pair in private or if you're paying close enough attention to the two devices you're attempting to pair, I would think you could tell immediately if the pairing happened the way you expected it to.

It's nice to know these types of holes are there but let's not get carried away.

We're all gonna die!!! Run! Burn all your bluetooth!!! :roll:
Yup. The security hole is unfortunate, but I still can't think of a convincing method that would allow someone to do anything other than annoy me by breaking a partnership.

surur
06-30-2005, 06:17 PM
I suggest you guys read the articles again.

In the exploit demonstrated by Shaked and Wool, a Bluetooth device pretends to have been paired with another previously, but has "forgotten" the link key. This begins a new pairing session, from which hackers could snatch the key, then crack it in nothing flat. With the cracked key in hand, an attacker could monitor all data sent by the compromised device, or even hijack it for his own use to, for instance, make calls that are charged to the hacked Bluetooth phone.

"At first glance, this attack isn't a big deal," wrote security researcher Bruce Schneier on his blog. "It only works if you can eavesdrop on the pairing process. Pairing is something that occurs rarely, and generally in the safety of your home or office. But the authors have figured out how to force a pair of Bluetooth devices to repeat the pairing process, allowing them to eavesdrop on it."

http://www.informationweek.com/story/showArticle.jhtml?articleID=164301936&tid=5978


In order to send a "forget" message, the hacker must simply spoof one of the devices' personal IDs, which can be done because all Bluetooth devices broadcast this automatically to any Bluetooth device within range.

“Having it done so easily is surprising,” says Schneier. He is also impressed by the fact that Wool and Shaked have actually implemented Whitehouse’s idea in real devices.

They show that once an attacker has forced two devices to pair, they can work out the link key in just 0.06 seconds on a Pentium IV-enabled computer, and 0.3 seconds on a Pentium-III. “This is not just a theoretical break, it’s practical,” says Schneier.
http://www.newscientist.com/channel/info-tech/electronic-threats/dn7461


So, in the keyboard example, you try to use your keyboard, it doesn't work, you pair it again, they hack your pass key, and now they can eavesdrop on every key you type. More dangerous, however, is making phone calls using your phone. That may even be done by pranksters, who could call MI5/Homeland Security making bomb threats and get you arrested. They would really enjoy that I'm sure.

Surur

johncruise
06-30-2005, 07:20 PM
Lessons learned:

1) never EVER put your BT devices in discoverable mode unless pairing.
2) when authenticated-pairing is lost, re-pair them in a private place
3) if you really really really have to pair them again by sending another PIN on your device... look around for people with some bluetooth gadgets and a huge smirk (like this-> :devilboy: ) and walk 30 feet away from him/her (whatever the range of your BT signal) then you do your thing.

Again... hacking/cracking is "only" possible by eavesdropping on the pairing process (read: manual resending of PIN). If you are just minding your own business (your PDA is OFF on the train), you should be ok. In reality, only BT phones and headsets are more susceptible to these attacks since people can easily see another person holding these devices in public (such as inside a train). Most people with Pocket PCs are not your average Joe (or so I think). They at least know how to avoid these kinds of attacks (provided they read PocketPCThoughts daily :lol: hahahaha ). Another moral lesson... always go to PocketPCThoughts.com :wink:

Ekkie Tepsupornchai
06-30-2005, 07:44 PM
So, in the keyboard example, you try to use your keyboard, it doesn't work, you pair it again, they hack your pass key, and now they can eavesdrop on every key you type. More dangerous, however, is making phone calls using your phone. That may even be done by pranksters, who could call MI5/Homeland Security making bomb threats and get you arrested. They would really enjoy that I'm sure.
Got it. So what we're saying is that a BT device can broadcast to multiple receivers if each of those receivers pretend to be the same device, regardless of whether the device is only designed to pair with one device at a time or not. That's the assumption I wasn't capturing.

Jorj Bauer
07-01-2005, 04:41 AM
Yes, but this hack is only possible during the initial pairing process.

Jason, that's not quite true. The encryption key for bluetooth is the PIN plus the Bluetooth address. If you know the key, you can decrypt the traffic stream. Again, back to the bluetooth keyboard I mentioned. And once you know the key, you can inject any packet you like into the conversation, which will at very least close down the existing connection.

Even with 4-digit pins at their best, you wind up with about 13.3 bits of key material -- which is trivial to crack. So I reiterate: there is no security for Bluetooth. Assuming that it has any is a flawed proposition.

So if the hackers were really smart they would work on a way to get the mac address from one of the devices and spoof that. But that may not be possible as that is only given out after pairing.


The bluetooth address can be retrieved from any active bluetooth device with an Inquiry command. Additionally, the slave address (i.e. for your headset or keyboard) is embedded in the baseband layer protocol of every packet. This part of the packet is not encrypted; only the payload is encrypted.

Plus your device has to be in discoverable mode before you can even initiate a pairing then be open for the hack.

Not for a denial-of-service attack, or for passive eavesdropping. And there are several proposed mechanisms to force re-pairing of two active (and paired) devices, which can put your device back in the pairing part of the negotiation, opening it up to these attacks.

Yes, I'm a bit paranoid here. But these flaws mean that (current, production) bluetooth keyboards are absolutely insecure, and the best you can hope for with headsets is that hackers don't become interested in them. Enough flaws have come to light that the entire encryption protocol is going to come tumbling down.

-- Jorj

Jorj Bauer
07-01-2005, 04:43 AM
I don't believe keyboards would be an issue. AFAIK, keyboards can only be paired to one device at a time. For someone to be able to catch everything you're typing, you would have to be using the keyboard continuously while never raising an eyebrow at the fact that none of the text input is making it to your laptop or PDA.

I'm not suggesting that one would inject keystrokes into your computer -- the point is that one could sniff all of the traffic, without the user's knowledge, and would have a complete account of every keystroke you typed.

-- Jorj

Jorj Bauer
07-01-2005, 04:49 AM
My phone needs to be in discoverable mode for a re-pairing to occur...
Now they could rely on you trying to re-pair your devices and use that opportunity to get in, but if you either perform the re-pair in private or if you're paying close enough attention to the two devices you're attempting to pair, I would think you could tell immediately if the pairing happened the way you expected it to.


So let's take an example case. You're on a train, or bus, and you're in the middle of a bluetooth call. Suddenly the line drops. You check your phone to find that the headset is unpaired.

What are you going to do? Re-pair it, of course. (Especially if the "phone" is really a PDA with a known unreliable bluetooth stack. But that's a different argument. :? ) You finish your call. The wily hacker, sitting across the way from you, realizes you're done and *then* hijacks your device, since he's got the PIN from the re-pairing.

Yes, paranoia. Yes, possible. I'll stop ranting now.

Jorj Bauer
07-01-2005, 04:55 AM
walk 30 feet away from him/her (whatever the range of your BT signal) then you do your thing.

Assuming they're not using a high-gain antenna to sit farther away and get the same signal, of course.

Again... hacking/cracking is "only" possible by eavesdropping on the pairing process (read: manual resending of PIN).

Still not quite true. E0 (the encryption protocol for Bluetooth) uses a 128-bit key. There's a key initialization flaw that gives away 24 bits (if I recall correctly). With research done into attacking E0, a modern algebraic attack exists that reduces the keyspace down to 2^49. This is a little bit of work, and may still be somewhat secure. 49 bits is not a lot, though.

But attacking it from the other angle: using a 4-digit PIN plus a known address as the basis for the encryption key gives you only about 13.3 bits of data. 2^14 is crackable in less than a second.

Another moral lesson... always go to PocketPCThoughts.com :wink:

Now there's something I can agree with! :wink:
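The PIN-size arithmetic in the two Jorj Bauer posts above (a 4-digit PIN is about 13.3 bits; 2^14 falls in under a second) and the 0.1 s versus 100 years figures quoted from the SIG in the first post can be checked with a short script. The Python below is an added example, not code from this thread or from any of its posters. The alphabet sizes per policy (digits only versus the 62 mixed-case alphanumerics) and the guess rate are assumptions; the rate of 1e5 candidates per second is constructed so that the 4-digit case lands on the quoted 0.1 s, and it generalizes the same computation to every PIN policy the thread mentions, including the fixed 0000 PIN.

```python
import math
from typing import Dict, List, Tuple

# PIN policies discussed in the thread, as (alphabet size, PIN length).
# The alphabet sizes are assumptions about what a device accepts:
# digits only, or mixed-case letters plus digits (62 symbols).
POLICIES: Dict[str, Tuple[int, int]] = {
    "fixed 0000": (1, 1),            # hard-coded PIN: exactly one candidate
    "4-digit numeric": (10, 4),
    "8-digit numeric": (10, 8),
    "8-char alphanumeric": (62, 8),
}

# Constructed guess rate (PIN candidates checked per second against an observed
# pairing exchange). 1e5/s is chosen only so that the 4-digit case matches the
# 0.1 s figure quoted in the first post; real hardware may be faster or slower.
ASSUMED_GUESSES_PER_SECOND = 1e5


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of distinct PINs the policy allows."""
    return alphabet_size ** length


def pin_bits(alphabet_size: int, length: int) -> float:
    """Bits of secret the PIN contributes to the link key, assuming the PIN is
    chosen uniformly at random. The device address is public (it appears in
    inquiry responses and packet headers, as the thread notes), so it adds nothing."""
    return math.log2(keyspace(alphabet_size, length))


def seconds_to_exhaust(alphabet_size: int, length: int, guesses_per_second: float) -> float:
    """Worst-case time for an exhaustive offline search over every PIN."""
    return keyspace(alphabet_size, length) / guesses_per_second


def human_time(seconds: float) -> str:
    """Render a duration in the largest convenient unit."""
    units = [("years", 365.25 * 86400), ("days", 86400), ("hours", 3600), ("min", 60)]
    for name, size in units:
        if seconds >= size:
            return f"{seconds / size:.3g} {name}"
    return f"{seconds:.3g} s"


def compare_policies(
    guesses_per_second: float = ASSUMED_GUESSES_PER_SECOND,
) -> List[Tuple[str, float, float]]:
    """Return (policy, bits, seconds to exhaust) for each policy, weakest first."""
    rows = [
        (name, pin_bits(a, n), seconds_to_exhaust(a, n, guesses_per_second))
        for name, (a, n) in POLICIES.items()
    ]
    return sorted(rows, key=lambda r: r[1])


if __name__ == "__main__":
    print(f"{'policy':<22}{'bits':>8}   time to exhaust at {ASSUMED_GUESSES_PER_SECOND:.0e}/s")
    for name, bits, secs in compare_policies():
        print(f"{name:<22}{bits:8.1f}   {human_time(secs)}")
```

Running it prints the four policies sorted by strength: the fixed 0000 PIN contributes 0 bits, the 4-digit numeric PIN about 13.3 bits (0.1 s at the assumed rate), the 8-digit numeric PIN about 26.6 bits (minutes rather than seconds), and the 8-character alphanumeric PIN about 47.6 bits (decades at the same rate). The point for a defender is that "8 characters" only helps if the device actually accepts letters; an 8-digit numeric PIN buys roughly 13 extra bits, not 34.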

johncruise
07-01-2005, 06:43 PM
walk 30 feet away from him/her (whatever the range of your BT signal) then you do your thing.

Assuming they're not using a high-gain antenna to sit farther away and get the same signal, of course.

Ahh... but that would only allow that person to "send" data and not receive. His device, when using a high gain antenna, can reach the other person's BT device BUT the person sending the PIN to his other device would not reach the perpetrator's hacking device. :-)

surur
07-01-2005, 06:58 PM
I think you better read this article.

1 Kilometer World Record Bluetooth Link?
Posted Jul 30, 2004, 5:59 PM ET by Mike Outmesguine

Bluedriving at extreme range - 1 kilometer file transfer.

The date: Wednesday, July 28th 2004
The time: 12:00 PM PDT
The test: Connect to a low-power Bluetooth cellphone from a distance of 1 kilometer
.
.
.
A typical unmodified cell phone can be reached at a distance of one kilometer by using slightly modified equipment on only one side of the link. Imagine the possibilities with modifications on both ends of the link!

The result: Success!

http://www.wifi-toys.com/images/side-a.jpg

http://www.wifi-toys.com/images/side-b.jpg
http://bluetooth.weblogsinc.com/entry/2983435022266434/

Note, the cellphone is completely unmodified.

Surur

Jorj Bauer
07-01-2005, 08:16 PM
walk 30 feet away from him/her (whatever the range of your BT signal) then you do your thing.

Assuming they're not using a high-gain antenna to sit farther away and get the same signal, of course.

Ahh... but that would only allow that person to "send" data and not receive. His device, when using a high gain antenna, can reach the other person's BT device BUT the person sending the PIN to his other device would not reach the perpetrator's hacking device. :-)

You're mistaken. Antennas are bidirectional. If what you said were true, satellite dishes would not be able to receive signals from satellites.

I wish that I could give you comforting news about wireless and security, but Surur is right on the mark.