[Full-Disclosure] Re: Serious flaws in bluetooth security lead to disclosure of personal data
Pentest Security Advisories
alerts at pentest.co.uk
Fri Nov 14 10:21:04 GMT 2003
Jordan Wiens wrote:
>>The ultimate fix is for manufacturers to provide a greater separation of
>>services, an attitude that seems to have been taken with the Ericsson T610.
> I'm a bit confused; if I read it right, the first report specifically
> mentioned this as a vulnerable device, now it's listed as one that got it
> right? Did I misread?
No, you didn't misread - The T610, whilst still vulnerable to some
attacks, does provide more protection
of OBEX profiles. In this respect, it's better than the other phones /
devices we've tested.
On the particular T610 that was tested, we found that whilst it was
possible to upload files to the phone we could not download files from it.
Full-Disclosure is hosted and sponsored by Secunia.