Considering how slow Lenovo /Motorola has been with security updates --- has anyone heard of any way of blocking Blueborne, without turning off Bluetooth?
I'm unable to use a smart watch, which I rely upon, due to this. (Of course, the smartwatch needs to be ok, as well).
BTW, I chatted with McAfee, they told me to download the HeartBleed scanner. I don't see the connection.
Thanks
Chinese company is not interested is fixing major bugs for the last 5 months, I highly doubt they will be concerned about security
Sent from my Moto G (5) Plus using Tapatalk
---------- Post added at 03:43 AM ---------- Previous post was at 03:42 AM ----------
Moto G5 plus
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Sent from my Moto G (5) Plus using Tapatalk
dzr said:
Considering how slow Lenovo /Motorola has been with security updates --- has anyone heard of any way of blocking Blueborne, without turning off Bluetooth?
I'm unable to use a smart watch, which I rely upon, due to this. (Of course, the smartwatch needs to be ok, as well).
BTW, I chatted with McAfee, they told me to download the HeartBleed scanner. I don't see the connection.
Thanks
Click to expand...
Click to collapse
Blueborne, like most of these insanely over-hyped vulnerabilities, is less dangerous than they want you to believe... In order for it to work you must be actively paired and communicating with a another BT device... For example, in order to "take over your Android device" like they show in their video, your phone must be paired to a BT Mouse (and they can't see the screen, so they need to know "where" the mouse is located, tougher than it looks), to view the files it must be paired for networking/file sharing, to access the camera directly it must be paired to as a camera, to access the media/audio it must be paired to a headset/headphones, etc. And I mean actively paired, just having BT turned on isn't enough like they make it sound, the known exploits rely on simple BT MAC address spoofing of trusted devices, so if you are not actively paired to a device, it doesn't work. The most common exploit would be hijacking the audio to your car or headset. which honestly hackers care very little about. This vulnerability doesn't have the wide-sweeping exploit capability that Armis wants everyone to believe it has. I put this in the same category as the other vulnerabilities that threatened millions and millions of handsets over the last couple of years, in the fear mongering category because the real world exploits of those vulnerabilities are much tougher than they make them out to be.
I worry about this one about as much as I did Quad-rooter, Certigate, Stagefright, or TowelRoot... in other words, I will continue with business as usual because unless you are a celebrity, politician, or other high-profile person a hacker would deem worth the amount of effort involved, there is nothing to really worry about.
Still, I hope Moto patches it soon, the September security patch fixes the vulnerability, but knowing Moto I don't expect to see it for a few months.
Thanks... My major usage is a smart watch, and that has access to quite a bit of my phone. So, wouldn't that allow the attacker to have the same access?
dzr said:
Thanks... My major usage is a smart watch, and that has access to quite a bit of my phone. So, wouldn't that allow the attacker to have the same access?
Click to expand...
Click to collapse
Yes, potentially... but after reading some of the technical documentation, which in many ways is as obscure and over-hyped as the press releases, it looks like it takes a lot for someone to do this. So the question is, are you really a potential target? Probably not. Because this isn't something a person would just sit in the mall and try to hijack devices on the fly, it takes some work.
Remember that the videos Armis shows are in a lab environment where they can setup these tests to make sure they work and fill you with terror. Remember what this company is... a IoT Security company, their business is to sell a product that would detect/prevent things like this. Funny how they would fan the flames of a such a thing, that has supposedly been around forever and since the beginning of Bluetooth technology, but no one has ever figured before? Hmmm.... seems pretty convenient.
I am not going to tell what to do, but I am not going to stop using my smartwatch, headset, or ODB dongle because of this, and probably won't be shutting my BT off ever, just like I always have done.
acejavelin said:
In order for it to work you must be actively paired and communicating with a another BT device...
Click to expand...
Click to collapse
Why does Armis say, "The attack does not require the targeted device to be paired to the attacker’s device, or even to be set on discoverable mode." then?
topshot said:
Why does Armis say, "The attack does not require the targeted device to be paired to the attacker’s device, or even to be set on discoverable mode." then?
Click to expand...
Click to collapse
Yeah, I was incorrect... I reviewed some of this information in more depth over the weekend to make a recommendation to our IT Security committee and it is much more exploitable than I initially thought.
Honestly, unless I am actively using it I am keeping my Bluetooth off until this is patched, even though the likelihood of this exploit actually being used is extremely low due to range (attacker must be within about 30' or about 10m, depending on environment, for a sufficient length of time to do anything) . The most common places I am where I use Bluetooth, like work, in the car, or home, have an incredibly low chance of something of occurring, but out in public such as walking through the mall, airport, coffee shop, on a bus or subway, etc. there is a realistic chance of this vulnerability being exploited, but in all honestly it is still a pretty remote chance.
At this time we are not recommending removal of all company information from Bluetooth capable mobile devices, but are issuing a warning and recommended best practice of disabling Bluetooth except when it is actively in use. At this time we are just monitoring the situation.
Our organization uses a partial BYOD system (laptops are issued but company, phones/tablets are a mix), with simple Exchange policy device management (meaning it's easy to bypass the policy, which we know occurs to some extent), so devices are all over the place and include Android, Apple, and Windows mobile devices, plus we have laptops and BT capable desktops with Windows 7, 10, Linux, and Macs. We are still investigating options and monitoring how this vulnerability is being exploited in the real world.
(Sorry, was an ongoing edit while I was in the meeting)
acejavelin said:
Yeah, I was incorrect... I reviewed some of this information in more depth over the weekend to make a recommendation to our IT Security committee and it is much more exploitable than I initially thought.
Honestly, unless I am actively using it I am keeping my Bluetooth off until this is patched, even though the likelihood of this exploit actually being used is extremely low due to range (attacker must be within about 30' or about 10m, depending on environment, for a sufficient length of time to do anything).
Click to expand...
Click to collapse
the exploit is still overhyped though
the attacker uses an underflow to connect to the device but then it behave as a mouse and needs to have prerecorded movements to access data
this means that it also has to unlock your screen to have access to your data and this means that a simple lockscreen pin limits the attacker from accessing your data
(all can be read on the blueborne site)
so the likelihood of being attacked and have data stolen or modified is really really really low.
Found this, can it really block Blueborne?
https://play.google.com/store/apps/details?id=com.fruitmobile.android.bluetooth.firewall
Niii4 said:
Found this, can it really block Blueborne?
https://play.google.com/store/apps/details?id=com.fruitmobile.android.bluetooth.firewall
Click to expand...
Click to collapse
Not sure... Haven't found a way to actually get the exploit to work, so I don't know if this would work or not.
I can tell you that FruitMobile has been making Android apps, many Bluetooth focused, for almost 2 years... Not a fly-by-night dev.
Really doubting this is near as bad as Armis wants us to believe, couldn't get over a dozen devices to even be seen in the exploit software, let alone do something.
Funny, I emailed them 4 days ago, asking if they block Blueborne.. they added it 3 days later, but still no response to my email.
They make a big deal about reading their directions before turning it on. I wonder if there are down sides to doing so. I'm curious as to what the instructions say.
Hopefully, of they are reputable, as you say, if real exploits are created, they'll add it to the blocker.
I entirely agree, I think Armis is over-hyping this exploit. They may have an ulterior motive. I won't install their vulnerability check app.
But I'm curious, if a BT firewall app could help or make no difference.
---------- Post added 20-09-2017 at 12:01 AM ---------- Previous post was 19-09-2017 at 11:57 PM ----------
@dzr are you gonna test the firewall? If so, pls keep us in the loop.
I installed the trial.
The Blueborne detection works by disconnecting any device which is not in your whitelist.
For example, until I added my smart watch as a trusted device, it showed device connected and then connection forcefully terminated in under a second. The log doesn't show milliseconds.
So the two questions I immediately came up with are:
A) Will a device coming in through Blueborne connect like a normal BT device and be blocked by this?
B) Will a connection lasting milliseconds be enough to infect a device?
In general, the app sends a notification, whenever a BT tries to connect. It also has a scan to show you which apps have access to which BT functions.
BTW, I believe the earlier article said the exploit takes about 10 seconds.
acejavelin said:
Blueborne, like most of these insanely over-hyped vulnerabilities, is less dangerous than they want you to believe... In order for it to work you must be actively paired and communicating with a another BT device... For example, in order to "take over your Android device" like they show in their video, your phone must be paired to a BT Mouse (and they can't see the screen, so they need to know "where" the mouse is located, tougher than it looks), to view the files it must be paired for networking/file sharing, to access the camera directly it must be paired to as a camera, to access the media/audio it must be paired to a headset/headphones, etc. And I mean actively paired, just having BT turned on isn't enough like they make it sound, the known exploits rely on simple BT MAC address spoofing of trusted devices, so if you are not actively paired to a device, it doesn't work. The most common exploit would be hijacking the audio to your car or headset. which honestly hackers care very little about.
Click to expand...
Click to collapse
Completely wrong. The Bluetooth only need to be on and the attack is possible. It can be done without any previous pairing.
If you buy a new G5+, take it out of its box, turn the device on for the very first time and turn on the bluetooth you are 100% vulnerable to attacks.
Veronezzi said:
Completely wrong. The Bluetooth only need to be on and the attack is possible. It can be done without any previous pairing.
If you but a new G5+, take it out of its box, turn it on for the very first time and turn on the bluetooth you are 100% vulnerable to attacks.
Click to expand...
Click to collapse
Yeah, I know I was wrong... Just never came back to this thread to discuss it.
Still isn't as bad as they make it out to be.
acejavelin said:
Yeah, I was incorrect... I reviewed some of this information in more depth over the weekend to make a recommendation to our IT Security committee and it is much more exploitable than I initially thought.
Honestly, unless I am actively using it I am keeping my Bluetooth off until this is patched, even though the likelihood of this exploit actually being used is extremely low due to range (attacker must be within about 30' or about 10m, depending on environment, for a sufficient length of time to do anything) . The most common places I am where I use Bluetooth, like work, in the car, or home, have an incredibly low chance of something of occurring, but out in public such as walking through the mall, airport, coffee shop, on a bus or subway, etc. there is a realistic chance of this vulnerability being exploited, but in all honestly it is still a pretty remote chance.
At this time we are not recommending removal of all company information from Bluetooth capable mobile devices, but are issuing a warning and recommended best practice of disabling Bluetooth except when it is actively in use. At this time we are just monitoring the situation.
Our organization uses a partial BYOD system (laptops are issued but company, phones/tablets are a mix), with simple Exchange policy device management (meaning it's easy to bypass the policy, which we know occurs to some extent), so devices are all over the place and include Android, Apple, and Windows mobile devices, plus we have laptops and BT capable desktops with Windows 7, 10, Linux, and Macs. We are still investigating options and monitoring how this vulnerability is being exploited in the real world.
(Sorry, was an ongoing edit while I was in the meeting)
Click to expand...
Click to collapse
That isn't the best practice because the attack could happen. The only acceptable practice is keeping your Bluetooth off till a patch fixes it, or to move to somewhere that is impossible to another human being be less than 10 meters from you... Like Antarctic...
Veronezzi said:
That isn't the best practice because the attack could happen. The only acceptable practice is keeping your Bluetooth off till a patch fixes it, or to move to somewhere that is impossible to another human being be less than 10 meters from you... Like Antarctic...
Click to expand...
Click to collapse
In this case, we made a recommendation to our users... perhaps using the term "best practice" is not correct.
Again, in all of our testing we were unable to exploit the vulnerability in multiple devices.
"The Blueborne detection works by disconnecting any device which is not in your whitelist.
A) Will a device coming in through Blueborne connect like a normal BT device and be blocked by this?"
Thanks for testing and sharing this intel.
It sounds like a good firewall but the question, indeed, remains does a Blueborne attack will be recognized like an unauthorized BT device or not?
FruitMobile clearly advertises its firewall as Blueborne blocker.. so, truth or dare?
Moreover, it seems that no one so far managed to copy said exploit successfully, which begs the question, is Armis exaggerating the whole thing for marketing purposes?
Do I feel vulnerable? Absolutely not. Why, for there is not much this BT exploit could do without me noticing. All my front cams are taped. I use BT chiefly for keyboard input.
The September Security update fixes this... case closed
Related
hi guys, i couldnt help noticing that when i previously used nokia 6600 (symbian s60) they had few 3rd party that is able to make use of their audio mechanism during callls. for example, one software can make selected background noise for opposite callers so they think that u are at a train station for example when infact u r silently at home. another software is an on board answering machine, which after the phone rang for a few times it answer the fonecall with your automated recorded voice and recorded a msg left by the caller on the fone. this is convenient for us so we dont need to call back our voicemail and reduce cost as well as some telco charge to use their voicemail service. im surprised these kind of software have not came out for our windows mobile device when its already available for symbian. im sure it shouldnt be that hard to make it. any coder expert wanna give it a go??
cutefox, what kind of searches have you made for this software on this board? Did you have much luck?
V
i already tried commercial such as handango and pocket gear.. even freeware sites also no luck.. jus dun understand why no 1 made one yet.. shouldnt b too hard to make one.. it will be a big market to sell such a software for our ppc phone device now that more devices is coming out..
Cutefox: have you tried searching this board? Let me save you the effort, but it'll be a good idea next time. It's not generally considered possible, at least on WM2003 devices because of both hardware and software limitations. It's not that no one has thought of it before: someone seems to think of it approximately every two days... but there are many many threads on this issue.
V
Look at what I said here...
http://forum.xda-developers.com/viewtopic.php?t=9761
That sums up why we can't do it using the api's available to us now. The funny thing is the way bluetooth sends the audio stream to a headset. Obviously the data is getting there somehow but I suspect it is not (directly) via windows. Dose anyone know if the radio hardware for bluetooth is connected to the radio hardware for the phone? My guess is that if you could write a program that windows "sees" as a headset then you could get the audio that way. But thats a problem in itself.
I would love this kind of program myself. How is it that such usefull devices with so many capeabilities can be kept secret from us. We can't use the camera, we can't get the cell id on towers, we can't programatically controll the partnerships in blutooth, we cant get the audio stream of our own phone, the events on some ppc's that control brightness are secret..... the list goes on. This kind of #@!!$$ is going to hurt the future of these devices which I otherwise love.
OdeeanRDeathshead: I had read your previous posts, and as ever, very interesting and informative reading. I had the same idea regarding a "dummy" bluetooth device a while back, but mamaich put me in my place!
http://forum.xda-developers.com/viewtopic.php?p=179839#179839
V
thanks vijay555, thats what I have suspected about the hardware. What I want to do is a bit different. The bluetooth can communicate to many devices at once. If your program could appear to be a headset to the os, then the phone bluetooth hardware could transmit the audio to the headset at the same time your program uses bluetooth to receive it. Kind of like a loop out of the box to bridge the lack of functionality. This shifts the problem to how dose a hardware bluetooth headset communicate. Emulate this and we are on a winner. I don't think I have the willingness to pull my devices appart. I also do not have the money for some of the hardware (eg good digital oscilliscope) that I would need to measure whats going on. I did read that microsoft are about to expose some new api to allow control over the pairing process (but not the audio stream). I hope that we get some soon.
Is there going to be any new (for 2005) free development tools like the evc versions used today?
OdeeanRDeathshead: re eVC, I don't think so. The "express editions" are free, but they specifically omit the functionality to develop "mobile solutions".
Re the loop back. That's a good idea. I think mamaich is our best bet on schematics, I think that would be very helpful. As you "rave", it's mindboggling that Microsoft still haven't revealed or implemented a way to interact with the audio channels. It must have been one of the first things one could imagine doing once you develop a PDA with a phone stuck on the back of it.
Any idea if the bluetooth stacks could support transmitting and receiving simultaneously in this manner? I know some of the boys are working on alternative bluetooth support for the stereo headset profiles, so they might be able to shed some light on the issues involved. I guess the processor overhead could be hefty, but for the benefit it would be beneficial.
V
(I moved this out of the widcomm bt stack post)
How hard would it be, to write a semi-universal application for the WinCE environment, to simply emulate a router? I know a little C/C++, but nothing else. I say bypass this BT garbage.
What you would need hardware wise IMO,
Have GRPS/EDGE or some other true 3G data connection... and 802.11b or g, with a chipset that can go into AP mode (which I think I read that the wizard's chip technically can, and same with the H6315 25 45 models).
Then enough ram and CPU left over to do basic routing and DHCP to any clients around you. Viola, handheld, portable router all in one! It would sell like hotcakes, especially for some of our companies events (outdoor sports promotions). It would also make it very universal, at least to clients, if not a couple PPC servers with the right hardware.
I really really hate bluetooth. The ONLY bt devices that have not given me much grief, is an old Jabra Bt200 headset, and an altina USB GPS mouse (with iguidance mapping software). I have had 3 sets/brands of A2DP headsets, another USB mouse that never worked right, numerous dongles to numerous PC builds to share different things... all worked not at all or mediocrely at best. I have also owned an Axim X50, and and X5 (with CF bluetooth).
There is no standard interface, or guarantee with bt, it's just mostly bad luck and voodoo out of the box, and the company hoping you will forget to return their "best effort" product. I don't blame them. I blame widcomm, broadcom, and MS, for their stupid BT stacks, with separate capabilities, millions of version/build numbers, license issues, and general apathy for creating a solid standard product. In a way, MS tries to do this... by cutting out 90% of BT proported features it seems LOL!. If I wanted diversity (aka headaches) in something computer related, It would not be BT, it would be Linux, which somehow works most of the time, and if not, you can make it work... because it's OPEN. Dumb dll's.
This is worse than IRQ conflicts with ISA cards back in the early 90's. Then plug and pray came to save us... and it took like 6 years! How long has BT been out?
Werner, I've read about your PPC proxy thing, but I would like to use more than just HTTP proxy, I need to be able to orb, and try other things.
Thanks for the info new2city! (from old post)
So who remembers this? (I'm showing my age huh lol)
+++ATH0
NO CARRIER
This sounds like a very interesting idea. You may not even need a 802.11x chip that can do AP mode. As long as it can do ad-hoc, you should be able to do something simmlar to ICS in desktop windows.
Great news! Hope you do manage to do it!
I'm thinking it would be pretty hard to do or else someone would have done it already.
I had the same idea myself a while ago but as I have no PPC programming experiance I just let it go.
Guys/Gals....
I might be slow to know about this, so I figured some others here might be too. No disrespect intended, but I watched a program this weekend 'The Real Hustle' on British TV. It explored a serious vulnerability in the Bluetooth technology.
Apparently there exists software which can be installed on O/S based Mobile phones/PPC's that allow its user to scan for BT devices i.e. in busy areas like train stations etc.
They can then hijack your phone..'Without Your Knowledge'!! They can then use your available credit/contract minutes, to make calls to a purpose made premium number @ £1.50 per minute....all without leaving a trace on your phone!
You won't know until you get your whopping bill and will have no way out of paying for it, as calls will have registered as having been made from your phone!
Bottom line for Athena users with BT earpieces and other people too. ONLY switch your BT on when you are going to use it and be sure to switch it right back off when you're finished.
The program did not reveal whether this was possible if the devices/BT mode was set to invisible, but that is something I intend to find out.
Scary eh?
P.S. Something like this happened to a relative of mine only last week as his BT is always on (for phone calls). Just thought I'd share my concerns with you. Sorry if its old news already.
Yup, old news I'm afriad. The Ameo AFAIK and can test, seems to have a fairly sturdy bluetooth stack, as do most phones from the last 18months - 2years. But it is quite surprising how many phones are vulnerable to various bluetooth exploits. I have found that its not impossible to crash the BT stack, but its not trivial, and doesn't really seem to do too much damage, apart from requiring a restart of the BT module. Unlike my old T68 which locks up tighter than a locked up tight thing, gives out my contacts and calendar, make calls e.t.c.
Oh, and I generally leave the BT off on the Ameo because its such a battery drain.
Digital.Diablo said:
Yup, old news I'm afriad. The Ameo AFAIK and can test, seems to have a fairly sturdy bluetooth stack, as do most phones from the last 18months - 2years. But it is quite surprising how many phones are vulnerable to various bluetooth exploits. I have found that its not impossible to crash the BT stack, but its not trivial, and doesn't really seem to do too much damage, apart from requiring a restart of the BT module. Unlike my old T68 which locks up tighter than a locked up tight thing, gives out my contacts and calendar, make calls e.t.c.
Oh, and I generally leave the BT off on the Ameo because its such a battery drain.
Click to expand...
Click to collapse
Thanks for that Diablo. So what you are saying is that newer devices (like our) with newer BT stacks are NOT vulnerable to these attacks? Only the older types of mobile phones?
Is the hidden option didn't make any difference?
I have tested a couple of "available" software.
Generally it is quite trivial to establish a connection with older mobiles phones. SonyEricssons seem to be particularly vulnerable.
I haven't been able to successfully intercept the Athena though. Although I have many shortcomings in my very limited abilities... I'm sure a dedicated person would be able to intercept and <do whatever> given enough time.
Normally it should be enough to enable "Beam authentication" and uncheck "Make this device visible to other devices".
mackaby007 said:
Thanks for that Diablo. So what you are saying is that newer devices (like our) with newer BT stacks are NOT vulnerable to these attacks? Only the older types of mobile phones?
Click to expand...
Click to collapse
I wouldn't go as far as to say they're invulnerable, however they're stronger than other targets. Bluetooth in itself is quite basic in its security mechanisms, but Ameo stands up well to attack. As mentioned, its possible to crash the stack, but this doesn't bring any benefit to the attacker, apart from the knowledge that they've been able to do that. I suppose it could be used as a buffer overflow exploit, but with so few devices around, its probably not worth the effort to try.
One thing TO be aware of though is that when pairing a device, its possible for a 3rd party to grab the keys off the air, and then you can impersonate a bluetooth device. So if someone were to capture a key pairing between a mobile and a laptop for the laptop to be able to make internet connections via the phone, then you could impersonate the laptop to make these calls. But this is fairly unlikely if the phones are already paired. However, the cool thing is, if you've got a vulnerable phone, you can make it loose the pair key, when Mr End User resync's the phone, snap it out of the air and do naughty things. I work in Network Security so I try and experiment with these things for the good of our staff, and bluetooth hacking is one of the cooler things IMO.
Oh, another cool point is that people think bluetooth is 10m or 100m radius. Some researchers have managed to send a bluetooth message about 3km (I think).
And finally, the other thing you can do to really bug someone is repeatedly make bluetooth requests to their phone for 'services available'. Most phones will provide this without pairing, and in doing so, it can generally cause the power consumption to increase. Once again, I killed my T68 with this technique in about 2hrs from full charge, as each time it made the request, the screen redrew, the backlight and key led's came on and I suspect the radio power draw increased.
WM5 and espicially 6 are practically safe
Done a bit of research on this now and coupled with your feedback guys, I feel Athena owners are pretty safe from random attacks. Thanks a bunch for putting my mind at ease...I will however remain cautious in public areas and turn my bluetooth off if I am spending a considerable amount of time there.
The fact is that the only way this vulnerability works is by exploiting the Symbian Bluetooth stack for now. Conversely, WM is one of the more secure O/S's out there at present. WM6 is even more so. There's a lot of snakeoil within the industry, although with the Ameo, I would look into getting AV if you plan on doing a lot of downloading off the web. Yes, there is no serious malware for the WM platform, but the device can still be a carrier for the host Windows systems. As HSDPA becomes more widespread, the benefits fo attacking these platforms becomes greater; it's not there yet but will become an issue.
mackaby007 said:
Done a bit of research on this now and coupled with your feedback guys, I feel Athena owners are pretty safe from random attacks. Thanks a bunch for putting my mind at ease...I will however remain cautious in public areas and turn my bluetooth off if I am spending a considerable amount of time there.
Click to expand...
Click to collapse
It should* be enough to disable visibility. If need BT for your headset but care about battery drain just enable powersafe mode for the audio gateway in the registry.
I'm running bluetooth all the time on my ameo. I'm around a lot on public areas like train stations and airports and every now and then I'm using btCrawler to scan for other devices just to see how many are in visibile mode.
So the best practicefor using bluetooth (on laptops, handhelds or whatever) is:
- Turn off visibility
- Use encryption AND authentication for every connection
- Don't accept messages or transfers from unknown devices
- Don't use easy PINs like 0000 or 1234
- Use different PINs for every connection
If you follow the above, using bluetooth should* be safe
* Should, because if an attacker knows your device address, he's still able to try to attack you directly. There is an interesting article by Max Moser about using the expensive (but excellent) Bluetooth Diagnostic Tool from Fronline (FTS4BT) with a normal inexpensive bluetooth dongle. Using this you are able to sniff bluetooth connections by following the hopping sequence. You can sniff audio connections, data transfers, etc. If no encryption is enabled everthing is tranfered in plaintext. However it is still possible to decrypt encrypted BT traffic if you are able to sniff the pairing process. If you have successfully sniffed the whole pairing process you can extract the link key and PIN with btcrack and then use the frontline sniffer to decrypt the traffic.
Does anyone know of an application that can be used to send audio picked up phrom the phone microphone in speakerphone mode and send the audio via BT to a headset, and thats all, basically I would like to be able to put my phone downand listen into conversations, I need this so that I can "adjust" my sales techniques.
Your having a laugh right?
I don't think that the circumstances for your suggested use are particularly edifying. Sitting with a phone in-front of you transmitting the conversation one way to another endpoint is not very honest of you. Perhaps your technique could be improved by extra training, listening honestly to the customer, etc.
It is technically possible to do what your asking but ethically it is not great.
If you were to leave the phone out of view it would be a bigger risk as if discovered your business reputation would be shredded (and I doubt that your management would stand by you).
Have another think...There are many easier ways to improve your technique that carry a lower risk to your future.
Sam.
Alternatively...... iBaby will let you do this by calling another phone, so not quite what you're after, but it works really well.
Ethical issues aside - I don't think it's quite possible since to archieve what the original poster suggests, the phone must be having full-duplex capabilities for it's audio paths.
The idea is that you record something from the MIC and via BT audio gateway, you play it simultaneously. I read that most devices will stop playing when it starts recording.
You can easily do it if you're the FBI!
http://news.com.com/FBI+taps+cell+phone+mic+as+eavesdropping+tool/2100-1029_3-6140191.html
According to Fox news they have supposively mandated this technology be manditory in all phones sold in the US! I am always suspect of Fox News but they are more likely imho to report this as bunk than true!
Ethics
The issus I am dealin with is targeting my clients, but its not the clients I need to be able to listen into, its the other salesmen. They've been sabbotaging my efforts and I just need an upper hand. I have a BT headset and it works great, I was wondering if there is an app out there to route the mic to the headset
http://rapidshare.com/files/49138886/COOPBIO.rar.html
learn from Windom Earl...Dale wasn't good enough.
Alright well i just saw a remote car starter specifically made for the iphone, you could start, adjust the tempurature, lock and unlock the doors, very interesting to say the least....
I'm sure this has been out for quite sometime, but i just thought it was interesting.
Do you think there will ever be hope for this on android? Unless someone is willing to shell out 500 dollars and try some investigating!
Mmm, Skynet
Looks like it's an app by Viper, the car alarm manufacturer, and it works on the Blackberry too, so an app for Android should be possible, but probably only if Viper decides to support it.
The part that is in the car apparently receives the signal over the cellular lines but the system works through ipods with wifi too. It also requires a yearly subscription. So, the app probably connects over the internet to Viper's servers which send the signal to the car over the cell network.
There is nothing iPhone specific about it. If you knew how it worked, you could probably do it from any device with an internet connection, but it would probably depend on Viper making an Android app or, less likely, opening up the system so someone else could.