Out-Law / Your Daily Need-To-Know

Security experts claim that some Bluetooth-enabled phones and PDAs allow unauthorised individuals to access personal contacts and appointments and even make phone calls using the owner’s identity, according to ZDNet. This is because the security features on these devices are sometimes disabled by default.

Under Bluetooth’s security specification, before two devices will communicate, a matching code number must be entered into both devices. However, Magnus Nystrom, technical Director of RSA Security, told ZDNet that many Bluetooth-enabled devices allow access without demanding a “pairing” code.

The vulnerability could be used to steal phone numbers from a victim’s contacts list and to make calls which are charged to the victim’s account and which use the victim’s identity.

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.