Bluejacking Tools

Bluejacking in 2011

admin — Thu, 05 May 2011 10:38:58 +0000

This is a personal article. I have not shared my bluejacking experienced online for a long time. Many people has been asking me if bluejacking is dead. Some say that smartphones and iphones cannot be bluejacked. Others says that it is very difficult to do so. I often have my doubts.
A recent holiday to thailands points out otherwise. Bluejacking is well and alive in the city of Bangkok. While on thei city train, I saw a bunch of teenages playing with their phone. And guess what, there were bluejacking other people on the trains (Not in English). I got to see a few amused, confused or even angry faces of people who recieved messages which I cannot see, nor will comprehend if I get to see them.
Of course, the small group of teenages were making looking so suspicious, intently looking and typing into their phones that they are the prime suspect. No on confronted them and even if they do, bluejacking is mere fun, nothing illegal.
What pleased me was some of these boys were carrying smartphones, iphones and yes they can be bluejacked. I have not tried a blackberry.

A reminder to all that bluejacking is the fun of sending messages through bluetooth to another phone, often a unsuspecting person. But there is no stealing of data or usagge of the phone. That is bluesnarfing and bluebugging and is certainly not encouraged.

So go ahead and enjoy bluejacking in 2011

iphone security flaw

admin — Fri, 22 Apr 2011 09:28:07 +0000

iphone and ipad contains hidden file that tracts and store user location secretly.

A recent technology conference in United States reveal a report that is going to invoke a lot of questions. The report shows that iphones and ipads contains a hidden file in the operating software. This hidden file stores a person geographical location and marks them with a time stamp. This information is stored onto any local computer that the iphone syncs with and is stored as an non encrypted file, which means anyone can access the data.
While this has raised privacy issues with iphone and ipad users, Apple might not be legally wrong as it has disclosed in it’s privavy policy that it would collect, use and share real time geographical location of your apple computer or device.

It is not clear why Apple is collecting this data, how it is collecting it and what it plans to do with it. But this has riled many users who feel that their rights has been compromised, especially when the file was a hidden one.

The other problem is that, having the data stored onto any local computer the iphone syncs with, the data can easily fall prey to anyone easily.

Given iphone’s popularity, will this revelation affect the sales of it’s devices? Time will tell.

Android Securities 2011

admin — Fri, 15 Apr 2011 14:41:37 +0000

Google release security patch for Android Market

Goodle has deleted more than 50 apps for the android market and released a security patch after there has been several accounts of malicious attacks on android systems. Google has not stated clearly what kind of data has been compromised.

The infected apps contain a malware called DroidDream. In order to combat this malware, googlde released an Anfroid Market security tool.

According to google, it is reported that the DroidDream malware will not affect Android versions 2.2.2 and above.

Magic Blue HAck Bluejacking Software

admin — Fri, 14 Jan 2011 11:57:20 +0000

Magic Blue HAck Bluejacking Software is one of the newwer software to help bluejack mobile phones. While the security backdoor has been patached in the newer phones, as long as pairing was previoudly done, the software can gain easy access the the device.

Features:

Jar file compatible with most mobile phones
Browse and check the device details of people around
Stand alone tool tht allow access to most function of the phone
Does not require pairing for the older phone models

iphone Mobile security flaw

admin — Thu, 02 Dec 2010 12:18:45 +0000

A Brazillian iphone 4 user found a security flaw in the iphone4 that allows uers to bypass the phone’s locking system to access the phone. The user have full access to the phone including all it’s stored data and being able to use the phone to make phone calls.

The method is simple enough:

1) Tab the emergency button

2) put in 3 punt sign.

3) Tab the call button and tab the lock button right after that.

The user has created a video to show how it is done. Apple has responded by providing the fix for the flaw in the November update.

Mobile Spy software updates

admin — Sun, 07 Nov 2010 03:47:18 +0000

In the year of 2010, several software companies has offered updates to their Mobile spy software which gives its user even more access to the “compromised” mobile phone.

One of them is Retina-X Studios studios, who annouced an update to their Mobile Spy software today which now offers a complete monitoring solution geared towards parents and employers. The service which cost about $100 per year had previously allowed users to monitor the calls, SMS, browser and GPS of the device. The new updates allows users to monitor all email, photos and videos that is captured by the device.

Whether this is legal especially when it comes to employers who uses it to montor their employees is a questionable question. But there is no question that increased understanding of the mobile phone security process by these companies are allowing more and more information to be captured by their users.

While the biggest users of these monitoring software are employers, increasing number of parents use it to monitor their children, and an increasing number os spouses are using it to monitor their partner. There has been no incidents of people using the information captured in legal proceedings yet, but it will be interesting when that eventually happens.

For now, users can get easy access to these software over the Internet.

Firesheep exploits Wi-Fi loophole

admin — Wed, 27 Oct 2010 07:11:34 +0000

A new firefox add-on called firesheep allows users to exploit a flaw in public wifi network. This add on was released by Mr Eric Butler according to computer world. This add-on exploits the same loophole which goggle uses for it’s Google street view cars.

With firesheep, a user can see other users who are connected using an unsecured wi-fi network. They can then go in their facebook, twitter or google account using the user’s cookie which is freely available. Users are then free to do anything to the account as though it was their own.

BH Bluejack Bluejacking Software

admin — Mon, 06 Sep 2010 15:31:41 +0000

BH BlueJack is an open-source bluejacking software. It simplifies the process of bluejacking to a simple press of the buttons

Features:

Witten in Python
For Symbian S60 phones

Templates included
Help menu included

UAE to suspend blackberry services

admin — Wed, 04 Aug 2010 07:51:31 +0000

The United Arab Emirates (UAE) and Saudi Arabia has threatened to suspend blackberry services. Their concern is the inability for the government to monitor encrypted data transmitted via blackberry. Blackberry devices has always been concern about mobile security and all data transmitted are encrypted. Data area only decrypted within the sever and the blackberry device with the private decryption key stored.

UAE is now in private talks with the blackberry service provider RIM. No information is available as to what the UAE are actually requesting, but RIM has assured it’s customer that the service will continue to be provided.

The moral of the story is, you can’t enjoy your privacy, even if you are willing to pay for it.

Short notes:WPA2 Vulnerability

admin — Wed, 28 Jul 2010 05:56:43 +0000

WPA2 Security protocol is one of the best and commonly used Wi-Fi encryption and authentication standards. According to PCWorld, security experts has uncovered a vulnerability that could compromise the Wi-Fi security. Wi-Fi users in the same network and logged in can potentially decrypt the private data of another user. They can also install malware into the network.