Nokia 諾基亞等 設備系統漏洞

SNARF attack: Ericsson: T68, T68i, T610 Nokia: 6310i, 7650

BACKDOOR attack: Nokia: 6310i, 7650

There are serious flaws in the authentication and/or data transfer mechanisms on some bluetooth enabled devices. Specifically, two vulnerabilities have been found:

Firstly, confidential data can be obtained, anonymously, and without the owner's knowledge or consent, from some bluetooth enabled mobile phones. This data includes, at least, the entire phonebook and calendar.

Secondly, it has been found that the complete memory contents of some mobile phones can be accessed by a previously trusted ("paired") device that has since been removed from the trusted list. This data includes not only the phonebook and calendar, but media files such as pictures and text messages. In essence, the entire device can be "backed up" to an attacker's own system.

Finally, the current trend for "Bluejacking" is promoting an environment which puts consumer devices at greater risk from the above attacks.

文多恕略 :D 請找 GOOGLE :D ;)