Security experts in the U.K. have discovered serious flaws in some Bluetooth-enabled phones, prompting one supplier of the vulnerable phones, Nokia Corp., to recommend precautionary measures.
"We have developed a tool that allows us to connect to a number of Bluetooth-enabled phones and download all sorts of confidential information, such as address books, calendars and other attachments without going through the normal pairing, or handshaking, process between devices," said Adam Laurie, technical director and co-founder of A.L. Digital Ltd. in London. "In fact, we have been able to obtain this confidential data without giving users any indication whatsoever that an intrusion is taking place."
A.L. Digital has discovered security flaws in four Nokia phone models: 6310, 6310(i), 8910 and 8910(i).
Janne Ahlberg, manager of technology platforms at Nokia, confirmed on Wednesday that these models are susceptible to potential attacks. Users of these phones in public places should either switch their phone to the "nondiscoverable" or hidden mode, making them invisible to others, or turn off the Bluetooth functionality completely, he recommended. Users should also check that their Bluetooth "pairings," or approved connections with trusted partners, are correct.
The U.K. security company detected similar flaws in phones manufactured by Sony Ericsson Mobile Communications AB. The Sony Ericsson models include the R520, T68i, T610 and Z1010.
The link for this article located at computerworld.com is no longer available.
