Bluetooth Security Challenges, A tutorial Davide Del Vecchio dante@alighieri.org

摘要

In Italy there is a car, that implement Bluetooth, I wontrnimagine if bad connected what kind of things could be donernwith it.rnBut we can also imagine that the next generation of virusesrnwill spread not just trough outlook, messenger, or IRC, butrntrough your mobile phone too.rnYou will go to a Bar, and your mobile phone will berncontaminated, you will come back home, synchronize yourrnphone with PALM or with your personal computer and virusrnwill spread more.. and more..rnSo, the vulnerabilities in the Bluetooth protocols are (even ifrnmitigated by vendors) really of high risk.rnSome of this vulnerabilities are based on the bluetoothrnprotocols, on which the applications are based on. But thernvulnerabilities that resides on bluetooth softwarernimplementations are of higher risk.rnIt is possible infact not only to intercept every kind ofrncommunications (audio/data), but to read the phonebooks,rnand the sms, intercept phone calls and send sms too. For leastrnbut not for importance the possibility to execute arbitraryrncode thanks to some buffer overflow vulnerabilities.rnThis is because I am just helding this conference, and writingrnpapers, as first step of a sensibilization capaign.