this activity in my area would secure a sever beating

whether he did it under optimal conditions (which hackers do not get very often) or not, the point is that "it's out there and plausible". Ooooooor the guy is trying to sell classes at his website... either or!

he has the voice of a fucking 12 year old

i love how u named the injected adio eargasm

If this was real, this guy looks like the perfect lonely creep that would do it.

gay!!!!!!!!!!!!!!!!!!!

This will only work if you know the address. Although, he does have a point that this displays some insecurities of the bluetooth technology, simply because it is a "security by obscurity" design, which has been shown to fail time and time again.

eargasm?

thayerr!!!



@shanethemainman Would that stop you?

if you know the password (he says 0000 is standard), you can break in in all bluetooth headset devices with a regular phone

what phone does he have? pleasee//

very good information

la traduccion anda mal pero el video esta bueno!

you should have said'' fortunatly'' istead of ''unfortunatly thats not true'' at 0:51

Bluetooth RF can be extended 7-10+ miles depending on the custom RF front-end and 26+ miles from SIGINT satellites.

@TheMightyKinkle ...I disagree with you. His sentence was grammatically correct. Furthermore, I will not comment on YOUR spelling.

Fear not. He cannot listen in on your phone conversations. This is mostly BS. Notice he already had the BT address of the target device. You cannot get this unless the target device is discoverable. Headsets do NOT stay discoverable. This was staged to make you afraid. While it is technologically possible, an attacker is going to have to capture the headsets BT address. This is NOT possible in the setting he is describing.

@maxfli58 - Many devices become briefly discoverable when first turned on. A common instance would be such as in an airport where lots of people are turning their device on as they get off a plane. If you wanted to target a specific person, you might stake out their house until they get up and head out to work. You're likely to see their headset turn on then. Other scenarios may be less common, but possible.

@maxfli58 I don't think this was mad to really make people afraid, I see it more as pay attention to your bluetooth settings.

@maxfli58: You can easily get the BT address, google Car Whisperer on trifinite website.

Please next time, learn a little more about a subject before responding, especially on expert IT topics.

TO ALL: SANS Institute is the world's top security training company, and this video is not just from a hacker, average IT person or a journalist trying to prove their point.

@maxfli58 Very true, it has to be discoverable... and you have to put it in that mode.. although I'm curious if it'd be possible to find it by sniffing the bluetooth traffic in the air the same as you can sniff wifi and get a hidden ssid.. regardless even if you could do that you'd need a bluetooth scanner, they're expensive.. the D-link DBT-120 is modable but most people would never be able to successfully mod the firmware of the device and get it to work.

so basically people need to change the pin code from the default one... makes sense.

This is a quality video man

interesting video,good awareness for people that use bluetooth

Arbitrary audio.

Let's hope this becomes so common. Whenever I see some self-important asshole wearing one of those dorky things, I want to slap them.

Absolutely excellent video! Shows practical use of this exploit, while showing the commands in clear view too. I'm duplicating your strategy right now. Much appreciated, thanks!

Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs. This allows access to a calendar, contact list, emails and text messages, and on some phones users can copy pictures and private videos. Currently available programs must allow connection and to be 'paired' to another phone to copy content.

Would this work from osx?  Where is bluetooth installed on osx?

Tooooo funny. Linux rules!!!!

I'll have a cafe mocha please

Hottie!! @ 24 seconds (in white)

bluetooth headsets, by default, won't accept remote connections unless you manually switch the device into "connect mode"

in reply to pepeddu, every time a call connects to the phone, the phone connects to the headset, the laptop poses as a phone

Unless you know the headset's MAC address your PC will be idling there for a long time.

And even then, when the phone receives request from two devices with the same MAC addresses all sorts of errors starts to happen.

Wow you just commit a crime and record it and put in on internet with detail information on how you did it, great job genius!

lol... ur dumb. it was clearly him making an example using his blue tooth... he commited no crime GENIUS!

this is very cool and worked on my fathers phone :) it was hilarous to inject some strange sound while in convo :d

private investigators have devices available to them to monitor anyone's cellphone conversation legally. no hack needed. we are speaking about non-governmental or police work here. if you are a registered investigator you can do this, but then they have a need for it. why do you need to do this anyway if it isn't for legit reasons, entertainment?

turned my bluetooth off

what are you, 100, retard, as if he is gonna show u exactly how to do it, if he did u would try and fail, dumbshit

are you from the past?

I know exactly where you are! There's the SciLi and Thayer Street, and the bus tunnel! Right outside Brown.

If you watch carefully, when he's listening to the conversation, the words "dramatization" appears on the bottom. In reality he was probably just hearing a guy drinking his coffee. To search for a bluetooth device in the first place, i'd need to be in paring mode. It's more likely that people's phones are being hacked more than the bluetooth headset itself. Don't believe me? Try going to a mall and searching for bluetooth devices on your phone.

I am doing Prom work about Bluetooth technology and. Bluetooth uses frequency of 1600Hz and operates in frequency range of 2.4GHz - 2.43 GHz which is equal to microwave oven. Bluetooth is safest communication technology and even US army uses it on short range. So my opinion is that BT can not be hacked.... or if it can, that is very slow process and difficult.

o thats nice TEACH us how to evesdrop and for those out there attack with this nice

i wanna know how to control the linux laptop with the phone :P

WiFi/VPN + SSH

and yes he runs linux

Yes, bluetooth is not a secure protocol, this is but one simple tool and technique used against such devices, one of many, yes it works, no its not a spoof, carwhisperer is a freely and openly distributed, proof of concept tool. Criminals have tools that have a much greater impact, this is just a fun tool to play with. Sans is simply demonstrating, and by that, making you aware about this wide-spread and simple to implement exploit, and there are many more... Be careful with bluetooth!

Or just use a CB radio *shrugs*

BT can be hacked !BEWARE someone can be hearing YOUR CONVERSATION!!

I think what mahammar1 had in mind was that the Bluetooth may have been NAMED after a 9th Century viking",not that it was invented by one.And he's correct,it's on Wikipedia.

BTW,this video is fake,but Bluetooth's technology CAN BE hacked.

wow...?

*According to wikipedia the reason why its called Bluetooth due to the fact it was an American viking in the early 9th Century who invented it.

That's some funny shit there mahammar1.Did Amerigo Vespucci invent the internet?Oops,I forgot,that was Al Gore.Nevermind.

: D

lol i dont need this cuz im all ready the emperor of evesdroping

u dumbass, u just told the criminals how to do it >:(

Dude he didnt even show how to hook up the antena, let alone getting all the software.

This was vauge and general using ideas that a child could come up with. The technical bits were left out

@se7en1976 UTFG

Antenna: youtube(dot)com/watch?v=cwKWOd­OHiWY

Software: trifinite(dot)org/trifinite_st­uff_carwhisperer.html

Installation: mediakey(dot)dk/~cc/howto-inst­all-carwhisperer-on-ubuntu-9-1­0/

is this illegal?

most likely

i hav a moto ht820.. how do i change the password

Well, suppose that you are a person in charge of a very sensitive project for a business. The competition (or anyone else) could listen in on your potentially important conversation.

hmmm exactly

Answer: Do Not Use Wireless

that has nothing to do with bluetooth, that's wifi

LOL

@unadulterateddagger ????????

@unadulterateddagger how is that wifi, do you actually know anything?

@joejc07 Back when I replied to this video a year ago, someone had said that you can use a WEP key to encrypt the traffic from your bluetooth. Since then, the thread of replies has been lost.

@unadulterateddagger WIFI and bluetooth are standards. They both use the same technology, it's only the control of the technology which differs. This is how you can use wifi hardware with bluetooth standards and vice versa. Its all EM, you see?

@jacksawild Yes, they are the same general technology, EM spectrum, however, that doesn't mean that I can use my WiFi card or bluetooth dongle to capture visible light which is also part of the electromagnetic spectrum (If I'm wrong, I'd love to see that hack). My original comment only had to do with the fact that someone said to use WEP encryption to secure their bluetooth communication.

@involutaryhaxor My mistake. And very good point.

@involutaryhaxor wifi card light shows would be friggin' amazing!

who would go through all of that just to listen to what would most likely be a pointless conversation.

Really this video is a very sneaky NOKIA commercial. O.o

ZOMG! Viral marketing!

LOL! i feel a prank coming on... *uses ubuntu and his bluetooth dongle with his dad's ear piece*

Nice

This works! Now to turn that cross at the top of the hill into an antenna :D

I love how simple this is, I use it to rick-roll yuppies...epic lulz...

Haha... did anyone notice the part that said eargasm.rav

...lol

i did it to my dad and listened in to a conversation but it wasn't on the phone. I used the blutooth of a mac and it was very simple. But you can't do it unless you steal the blue tooth headset and connect it to your computer.

1.42, what program is that? how to use a bluetooth on pc? my labtop has a bluetooth but how to activate it?

Buy a enhanced blue tooth on ebay item# 380011507970

and ofcourse you can do it with VoIP over wifi also

I saw this guy demo this technique at a SANS conference. It took an hour, during which time he showed us exactly how to determine the bdaddr of the target device, which is the only thing you need to know, since the PIN is always 0000. (Turns out that half the bdaddr is transmitted in the clear; the other half is easy to guess because it is the manufacturer ID and there are only about 30 of these, as I recall). This guy is brilliant and teaches the SANS wireless course.

smart, ive personallly tried it on my sister but not the same way and all of you people who think he is faking you all suck just cause you cant do it dosent mean that its not possible

One of the guys who worked for Marks and Spencers was caught insider dealing by bluetoothing his text messages and phone calls.

anything going over the air can be hacked if you know what your doing

this guy is like beyond genius.

yeh im not going to hack anyone but where do i get all this files and does this run on vista

how come? summat to do with it will only accept a device connection upto one minute after switch on, of the head-set or summat?

This is not bull. I saw Josh Wright's hour-long technical demo showing exactly how it is done. Since then I have avoided bluetooth completely, and won't buy a phone or GPS that supports it.

no, for headsets it's automatic sometimes mostly

oh sure

There are Linux programs for everything, duh!

bad

Error: Can't connect RFCOMM channel: host is down

any help?

thanks

Ok. questions ,,, How did you scan for the bd:address for that bluetooth headset, Is there an app to scan for the bt headsets around me..

I hope someone will answer these

Thanks

i dont care cuz its not like im saying where the secret treasure is when im talking to my mom.

yea.. they all have the same signal...

Big, big brother :S

People who wear BlueTooth headsets when not on a call look like idiots to everyone else.

"People who wear BlueTooth headsets at any time look like idiots to everyone else."

Fixed.

is this because you cant afford one, or is it you are "to Cool" to wear one... dude shut the hell up if you dont know what you are talking about. the blutooth is not just for looks ats to better convienence the average person, and to keep your hands on the steering wheel... so think twice before you say somthing that stupid.

THEY ARE FOR RETARDS

I never mentioned driving. I'm talking about people who walk around the city wearing a headset but not talking to anyone. It's not even a minor inconvenience to just keep the stupid thing in your pocket and pull it out to take a call.

Speakerphone, learn to use it. lol.

i kno you can hack it but im not sure if you can inject audio

nice.but how can i stop ppl from Eavesdropping my BT headset???tell me pls.

You can't unless you can change the PIN number. Even if you can, it is still possible to scan for all values between 0000-9999, so the best way to secure your communications would be encryption.