Vulnerability Development mailing list archives
RE: Wireless device vulnerability?
From: "Toni Heinonen" <Toni.Heinonen () teleware fi>
Date: Mon, 25 Mar 2002 21:29:27 +0200
Evening.
> On Mon, 25 Mar 2002, Toni Heinonen wrote:
> > In the US and Europe, Bluetooth uses frequencies 2.400 MHz to 2.483,5 MHz, with 79 different bands to hop on, each 80 MHz wide or sometimes more. Seeing as you would not try to synchronize your jammer with the
> I suspect you mean 2.4000 GHz to 2.4835 GHz. That's a total of 83.5 MHz of bandwidth. I fail to see how you can get 79 *different* bands each 80 MHz wide in an 83.5 MHz space.
Ehh, sorry. One megahertz in between, and 79 bands, as said.
> > hop sequence, do you think it would really be capable of jamming that whole band? After all, even a square wave won't produce that much of a disturbance to the neighbouring bands. I mean, of course you could
> Blotting out a signal is always easier than detecting it. Generating 83.5 MHz of noise at 2.4 GHz isn't hard at all.
Okay.
> > Of course, the whole idea is that the protective safeguards for a system do not cost more than the protected assets. Seeing as how a Bluetooth chip is supposed to cost 5$ (of course not yet, but probably so after mass production), would it really be possible to build a jamming device of this magnitude for 10$ (the cost of a two-machine Bluetooth network)?
> Would it really be possible to build a Bluetooth network for $10? I'll bet teleware.fi will never bill $10 for building one.
I wonder what you mean. Are you talking about a network infrastructure? After all, isn't the idea of Bluetooth that you have two devices, such as a laptop and a mobile phone, that are interconnected with Bluetooth transceivers instead of, say, a serial cable? And, being an ad-hoc wireless network, it doesn't require base infrastructure. Instead, if you join your Bluetooth devices to some fixed network, e.g. Ethernet, you will have some sort of a gateway device (a router, a laptop computer) that has both Ethernet connectivity and a Bluetooth transceiver. So in essence, you won't have to get new network elements into your existing Ethernet network. How could I "sell a Bluetooth network"? Are you talking about the routers and other gateways that interjoin an ad-hoc Bluetooth network into a company's fixed network? And, as I stated in my previous post, my company has no financial interest in WLAN installations or the like.
> While not a law of nature, it has been consistently demonstrated that wireless networks cost more than the vendor claimed and aren't as reliable as the vendor claimed.
Yes, indeed so. But with Bluetooth, aren't we talking simply about the transceivers and perhaps firmware/software?
> Bluetooth is the 'latest and greatest' in a long line of solutions that have consistently failed to live up to their claims. Here's a great example: Motorola sold a communications system to my state, making the same claims you make for Bluetooth. It carries Police, Fire, EMS and government voice and data traffic. It is used for dispatching, Mobile Data Terminals and control of MOSCAD devices such as traffic lights.
But that doesn't sound anything like Bluetooth. Bluetooth is meant for personal area networks, whereas the network you describe is a wide area mobile phone network with data capabilities.
> It was finished several years late, 200% over budget, and has never achieved more than 95% reliability. Worse, it would cost about $100 to disable this multi-million dollar system. It uses a small number of frequencies in the 800 MHz band for digital frequency hopping. The frequencies are fixed, and the PSN is so weak you can break it in realtime.
Indeed. I assume the technology was proprietary? When it comes to Bluetooth, I think the cipher and underlying encryption infrastructure is sound (as sound as WLANs were before they were deployed :)
TONI HEINONEN, CISSP
TELEWARE OY
Telephone +358 (9) 3434 9123 * Fax +358 (9) 3431 321
Wireless +358 40 836 1815
Kauppakartanonkatu 7, 00930 Helsinki, Finland
toni.heinonen () teleware fi * www.teleware.fi