Nokia has admitted that some of its Bluetooth-enabled mobile phones are vulnerable to "bluesnarfing", which is where an attacker could read, modify and copy a phone's address book and calendar without leaving any trace of the intrusion.
Following networking and security firm AL Digital's revelation that at least ten handsets from Nokia, Sony Ericsson and Ericsson were vulnerable to a bluesnarfing attack, a Nokia spokesperson told ZDNet UK that the company is aware of "security issues" relating to Bluetooth devices that "makes it possible to download and modify phone book, calendar and other information on the phone without the owner's knowledge or consent, if Bluetooth is turned on."
However, the spokesperson said the attack was only possible if the phone was in 'visible mode' where it is set to actively search for other Bluetooth devices. The company admitted that a bluesnarf attack "may happen in public places, if a device is in the 'visible' mode, and the Bluetooth functionality is switched on. The phones vulnerable to 'snarf' attack include the Nokia 6310, 6310i, 8910 and 8910i phones as well as devices from another manufacturer."
According to Nokia, if an attacker had physical access to the 7650, the bluesnarf attack would not only be possible, but it would also allow the attacker's Bluetooth device to "read the data on the attacked device and also send SMS messages and browse the Web via it." The company said it had not been able to recreate this "backdoor" attack on the 6310, but would not confirm if the other models were vulnerable.
Nokia also admitted that its 6310i handset is vulnerable to a Denial of Service attack when it receives a "corrupted" Bluetooth message: "A DoS attack would happen if a malicious party sends a malformatted Bluetooth... message to re-boot a victim's Nokia 6310(i). We have repeated the attacks and found that there are some corrupted Bluetooth messages that could crash the Nokia 6310(i) phone," said the spokesperson, who sought to reassure customers by saying that following the crash, the phone will reset and function normally.
Nokia will not be releasing a fix for the devices in the near future because it said the attacks are limited to "only a few models" and it does not expect them to "happen at large".
The company advises customers in public places to set their phones to "invisible" or switch the Bluetooth functionality off: "In public places, where the above mentioned devices with Bluetooth technology might be targets of malicious attacks, at least in theory, the safest way to prevent hackers is to set the device in non-discoverable mode -- 'hidden' -- or switch off the Bluetooth functionality. This does not affect other functionalities of the phone," the spokesperson said.
A Sony Ericsson spokesperson told ZDNet UK the company is "looking into" the matter and expected to make a statement on Tuesday.
Talkback
It would be a start if the phones did not have bluetooth setting as default 'on' mode!
So if you are in public, don't use bluetooth!
why would anyone want to take their mobile phone into public?
just leave it at home and use a pay phone...
Unfortunately, the only way to 'fix' this bug is to disable the Bluetooth on the phone. Setting the phone to non-discoverable does not help, as tools such as @stake's Redfang or Shmoo Group's Bluesniff can still find the phone.
If I owned one of the affected phones I'd be very much annoyed at Nokia for taking so long to admit to the problem. Never mind the fact that they're not actually going to do anything about it.
Shouldn't a refund be in order?
I have a Nokia 6310i. It seems ok that there are few of us out there who might be affected, but Nokia's this kind of treatment of its customers cannot be fair. Nokia 6310i is the high end of its class and I have paid more to purchase this high-end device. I simply don't understand why Nokia is not fixing the firmware of my device. Eventually this will make me upgrade my phone unless it's fixed. Next time I will think twice before buying a newer model communication device and avoid 'some' vendors, those who ignore 'some' of its customers.
I believe that there is a good protective measure on the market. When you want to ensure maximum protection, use an E2X bag. They are at www.e2xgear and originate from technology used to counter electronic espionage efforts directed against the US intelligence community.
Since the manufacturers of wireless technologies seem uninterested in correcting product design vulnerabilities, it may be necessary for consumers to step in and take measures to ensure their privacy is protected. One thing is for certain, this is only the beginning of privacy issues for consumers who find wireless electronics becoming an integral part of daily life.