[Discuss] A Little OT: The Password Post-It

[Richard Pieri]

Regarding the Bluetooth proximity unlock, there is a way to exploit such a system without the victim ever being without his fob.  It's a simple exploit.  Car thieves have been using it for several years with RFID-based start and unlock fobs: use a pair of transceivers to extend the RFID range.  In networking terms, the paired transceivers form a bridge between car and fob.

A similar attack against a Bt proximity unlock could work the same way.  The transceivers need to be a little more sophisticated to handle the frequency hopping that Bt uses but that isn't difficult: just gang together enough transceivers to handle the full spectrum and run them in parallel.

--Rich P.