From: Nathan Keltner (shiftnato@gmail.com)
Date: Mon Sep 25 2006 - 15:53:17 EDT
I'm sure you don't want to elaborate too much when you're giving a
talk on this topic next month, but can you elaborate any?
> Just FYI:
> No need to capture anything, you only need to (physicaly, I mean on
> the HD) grab the Link key and your set. No need for a pin code either.
If you have physical access to the HD, what extra does possessing the
link key get you? You already have complete control of the device.
The link key would allow you to decrypt captured packets, but you're
not talking about captured traffic, so I'm confused.
> Again, sorry for the cheap plug, but Kevin Finistere and myself are
> going to demonstrate both approaches (and a lot more) at Hack.lu
> this octobre. If everything goes well I might aswell release some
> 0day stuff - reconstructing the link key from a pairing exchange
> sniff. (In other words 0wnage)
How did you perform the sniff? Physical tap of some sort?
> See you at: http://www.hack.lu
>
>
> --
> http://secdev.zoller.lu
> Thierry Zoller
> Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7
Regards,
N
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:01 EDT