| 1 |
On 27 Jan 2010, at 12:28, Neil Bothwick wrote: |
| 2 |
|
| 3 |
> On Wed, 27 Jan 2010 08:33:57 +0000, Stroller wrote: |
| 4 |
> |
| 5 |
>>> You mentioned that the headset's PIN can't be changed. Couldn't |
| 6 |
>>> anybody pair with it if they enter 0000? |
| 7 |
> |
| 8 |
>> They can't because you have to hold the button down to initiate the |
| 9 |
>> pairing process. |
| 10 |
> |
| 11 |
> Even if they could, what's the point? It would only mean that you |
| 12 |
> would |
| 13 |
> be able to make and receive calls using their phone :-O |
| 14 |
|
| 15 |
I have this notion that the security implications are a little wider |
| 16 |
than this. |
| 17 |
|
| 18 |
If one could pair with any arbitrary headset, without the requirement |
| 19 |
to hold the button down, one could surely (?) pair with that headset |
| 20 |
and use it as a bugging device when it wasn't in use by the owner. |
| 21 |
|
| 22 |
Stroller. |
Archives