<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>vulnerability on trifinite.org</title>
    <link>https://trifinite.org/tags/vulnerability/</link>
    <description>Recent content in vulnerability on trifinite.org</description>
    <generator>Hugo -- gohugo.io</generator>
    <language>en-us</language>
    <lastBuildDate>Fri, 01 May 2015 00:00:00 +0000</lastBuildDate><atom:link href="https://trifinite.org/tags/vulnerability/index.xml" rel="self" type="application/rss+xml" />
    <item>
      <title>Tricking Android Smart Lock with Bluetooth</title>
      <link>https://trifinite.org/stuff/android_smart_lock/</link>
      <pubDate>Fri, 01 May 2015 00:00:00 +0000</pubDate>
      
      <guid>https://trifinite.org/stuff/android_smart_lock/</guid>
      <description>The Smart Lock Feature allows Android users (Android version 5.0 and later) to automatically unlock their smartphone whenever a trusted device, Wi-Fi network or geo location is in close proximity. Trusted devices could either be NFC tags or Bluetooth devices. Looking at Bluetooth devices, it turned out that the Smart Lock implementation had at least one security issue that got resolved.</description>
    </item>
    
    <item>
      <title>BlueChop</title>
      <link>https://trifinite.org/stuff/bluechop/</link>
      <pubDate>Sun, 01 Jan 2006 00:00:00 +0000</pubDate>
      
      <guid>https://trifinite.org/stuff/bluechop/</guid>
      <description>BlueChop is an attack that the disrupts any established bluetooth piconet by means of a device that is not participating the piconet. A precondition for this attack is that the master of the piconet supports multiple connections (a feature that is necessary for building up scatternets).</description>
    </item>
    
    <item>
      <title>BlueDump</title>
      <link>https://trifinite.org/stuff/bluedump/</link>
      <pubDate>Wed, 01 Jun 2005 00:00:00 +0000</pubDate>
      
      <guid>https://trifinite.org/stuff/bluedump/</guid>
      <description>BlueDumping is the act of causing a Bluetooth device to &amp;lsquo;dump&amp;rsquo; it&amp;rsquo;s stored link key, thereby creating an opportunity for key-exchange sniffing to take place. The attacks on link keys and PINs were first publicised by Ollie Whitehouse, at CanSecWest, in which he describes a method by which the PIN and link-keys can be obtained if a pairing event can be witnessed with a Bluetooth sniffer.</description>
    </item>
    
    <item>
      <title>BlueBump</title>
      <link>https://trifinite.org/stuff/bluebump/</link>
      <pubDate>Fri, 01 Apr 2005 00:00:00 +0000</pubDate>
      
      <guid>https://trifinite.org/stuff/bluebump/</guid>
      <description>The BlueBump attack is the Bluetooth equivalent to a very cool physical security thread called key bumping. When used correctly, an appropriate bump key can be used to open any lock in seconds. Since the BlueBump attack is also about keys (link keys in this case) we named this attack after this amazing technique.</description>
    </item>
    
    <item>
      <title>BlueSnarf&#43;&#43;</title>
      <link>https://trifinite.org/stuff/bluesnarfpp/</link>
      <pubDate>Fri, 01 Apr 2005 00:00:00 +0000</pubDate>
      
      <guid>https://trifinite.org/stuff/bluesnarfpp/</guid>
      <description>BlueSnarf++ is an attack that is very similar to the famous BlueSnarf attack. The main difference is that BlueSnarf++ is an attack where the attacker has full read/write access to the device&amp;rsquo;s filesystem. The manufacturers of the devices that are known to be vulnerable have been informed about this issue.</description>
    </item>
    
    <item>
      <title>HeloMoto</title>
      <link>https://trifinite.org/stuff/helomoto/</link>
      <pubDate>Fri, 01 Apr 2005 00:00:00 +0000</pubDate>
      
      <guid>https://trifinite.org/stuff/helomoto/</guid>
      <description>The HeloMoto attack has been discovered by Adam Laurie and is a combination of the BlueSnarf attack and the BlueBug attack. The attack is called HeloMoto, since it was discovered on Motorola phones.
Method The HeloMoto attack takes advantage of the incorrect implementation of the &amp;lsquo;trusted device&amp;rsquo; handling on some Motorola devices.</description>
    </item>
    
    <item>
      <title>BlueSmack</title>
      <link>https://trifinite.org/stuff/bluesmack/</link>
      <pubDate>Wed, 01 Dec 2004 00:00:00 +0000</pubDate>
      
      <guid>https://trifinite.org/stuff/bluesmack/</guid>
      <description>BlueSmack is a Bluetooth attack that knocks out some Bluetooth-enabled devices immediately. This Denial of Service attack can be conducted using standard tools that ship with the official Linux Bluez utils package.
Introduction The &amp;lsquo;Ping of Death&amp;rsquo; is basically a network ping packet that used to knock out early versions of Microsoft Windows 95.</description>
    </item>
    
    <item>
      <title>BlueBug</title>
      <link>https://trifinite.org/stuff/bluebug/</link>
      <pubDate>Thu, 01 Apr 2004 00:00:00 +0000</pubDate>
      
      <guid>https://trifinite.org/stuff/bluebug/</guid>
      <description>BlueBug is the name of a bluetooth security loophole on some bluetooth-enabled cell phones. Exploiting this loophole allows the unauthorized downloading phone books and call lists, the sending and reading of SMS messages from the attacked phone and many more things.</description>
    </item>
    
    <item>
      <title>BlueSnarf</title>
      <link>https://trifinite.org/stuff/bluesnarf/</link>
      <pubDate>Sat, 01 Nov 2003 00:00:00 +0000</pubDate>
      
      <guid>https://trifinite.org/stuff/bluesnarf/</guid>
      <description>The BlueSnarf attack is probably the most famous Bluetooth attack, since it is the first major security issue related to Bluetooth enabled devices. BlueSnarf has been identified by Marcel Holtmann in September 2003. Independently, Adam Laurie discovered the same vulneralbility in November 2003 posted the issue on Bugtraq and got in touch with the respective device manufacturers.</description>
    </item>
    
  </channel>
</rss>
