June 22, 2005
Attacking Phones over Long Distance in Salzburg
Three weeks ago, a hacker with the handle 'Dagobert' was able to retrieve numbers from the phones of three policemen via the BlueBug vulnerability in the area of the german government buildings. Due to a report of this incidence in the german news magazine Spiegel, the german television channel Sat-1 requested a demonstration of the long distance snarf experiment.
Yesterday, a team of three people visited me in Salzburg in order to document the long-distance attacking experiment. In the experiment, we used a bluetoooned Bluetooth Class-1 adaptor together with a home-made helical antenna. This antenna was build together with students of the technical program of the Salzburg University of Applied Sciences and Technologies that also helped us during the experiment.
From the Salzburg Fortress, we were attacking a phone that was located on the big chess-board on the 600 meter away Kapitelplatz. The weather on this day was just perfect and the experiment worked out better than expected.
Pictures of that experiment are in the trifinite.album and the show that this experiment was filmed for is called Planetopia and will air on Sunday the 26th of June 2005 at about 10:45 pm on the german television channel Sat-1.
June 15, 2005
Caught a Worm
As I was arriving at the Salzburg Airport coming back from the trip to Singapore, a message popped up on my Series60 phone while I was waiting for my luggage. I was disappointed to just receive a funny-named .sis (Symbian application) file instead of getting 'toothed'.
Of course I didn't install the received file but saved it to my phone's filesystem. Using the very cool and handy FExplorer tool (Thanks to Dominique Hugo (and his patient girl-friend ;) )) I found out that some infected phone at the very small Salzburg Airport tried to spread the CommWarrior Worm over to my phone via Bluetooth.
This was the first time that my device was subject of a Bluetooth Worm 'attack'. It is too bad that there is still a fairly big amount of people out there that are not aware of this kind of threat and infect their phones by repeatedly hitting the 'Yes'-Button (as tought by Microsoft).
Last week, Adam, Marcel and I spent a week in Singapore in order to follow up with our activities to help manufacturers to build secure devices. During the UnPlugFest we were actively testing with several device manufacturers providing them information and recommendations in point of Bluetooth device security.
There are pictures of our activities besides the event in the trifinite.album.
June 02, 2005
Last weekend, I have been to Berlin in order to participate Phenoelit's yearly event called ph-neutral. This event/party took place in the famous cBase. Interesting talks, an international crowd of geeks and a lot of beer made this event very special.
The pictures of ph-neutral 0x7d5 can be found in the trifinite.album