Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Serious flaws in bluetooth security lead to disclosure of personal data

From: Pentest Security Advisories <alerts () pentest co uk>
Date: Fri, 14 Nov 2003 10:21:04 +0000

Jordan Wiens wrote:



<SNIP>


The ultimate fix is for manufacturers to provide a greater separation of
services, an attitude that seems to have been taken with the Ericsson T610.



I'm a bit confused; if I read it right, the first report specifically
mentioned this as a vulnerable device, now it's listed as one that got it
right?  Did I misread?
No, you didn't misread - The T610, whilst still vulnerable to some attacks, does provide more protection of OBEX profiles. In this respect, it's better than the other phones / devices we've tested.
On the particular T610 that was tested, we found that whilst it was possible to upload files to the phone we could not download files from it. 




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: