1 |
On 27 Jan 2010, at 12:28, Neil Bothwick wrote: |
2 |
|
3 |
> On Wed, 27 Jan 2010 08:33:57 +0000, Stroller wrote: |
4 |
> |
5 |
>>> You mentioned that the headset's PIN can't be changed. Couldn't |
6 |
>>> anybody pair with it if they enter 0000? |
7 |
> |
8 |
>> They can't because you have to hold the button down to initiate the |
9 |
>> pairing process. |
10 |
> |
11 |
> Even if they could, what's the point? It would only mean that you |
12 |
> would |
13 |
> be able to make and receive calls using their phone :-O |
14 |
|
15 |
I have this notion that the security implications are a little wider |
16 |
than this. |
17 |
|
18 |
If one could pair with any arbitrary headset, without the requirement |
19 |
to hold the button down, one could surely (?) pair with that headset |
20 |
and use it as a bugging device when it wasn't in use by the owner. |
21 |
|
22 |
Stroller. |