Bluetooth chipped by hacker tools

The security of Bluetooth has been called into question once again following the release of new tools which could be used to hack into Bluetooth-enabled devices.

The tools appeared in the wake of the Chaos Communications Congress in Berlin, which finished late last week.

Security consultant Thierry Zoller released a PIN recovery tool called BTCrack, which is based on a vulnerability originally discovered in 2005. The tool allows the user to listen into the pairing of two Bluetooth devices and then hijack the devices with full access.

However, Zoller concedes that the lack of an affordable sniffer makes this an unlikely attack to be carried out by all except the most determined of hackers.

On another note, HIDattack, created by programmer Colin Mulliner potentially exploits the Human Interface Device (HID) server function that is installed along with many Bluetooth keyboards. This tool could allow a user to bypass the PIN request when pairing and pretend to be the keyboard.

Again, the short range connectivity of Bluetooth makes this a difficult, but not impossible, attack tangent.