From: Shenk, Jerry A (jshenk@decommunications.com)
Date: Wed Mar 15 2006 - 22:29:06 EST
Wow! That seems a little risky to me. What he's saying may be
true...there is no expectation of privacy in the BlueTooth, WiFi and
some other specific spectrums. While there may not be an expectation of
privacy (from a legal perspective...the user may not know that), what
gets done with the data may clearly be illegal. I would think the act
of displaying the private information of people at the conference would
be a violation of something.
This whole debate has been doing on for years in the WiFi world and a
lot of people argue strongly on both sides. The place people get into
trouble is what they do. In one case, a "security practitioner"
modified some files on a network to demonstrate a vulnerability...that
was a mistake. I've seen credit card numbers in the clear...obviously
using them would clearly be illegal. I have demonstrated information
that I've found but prior to demonstrating it, I'm been careful to
obfuscate it to the point that I wasn't telling anybody that somebody
else's network was vulnerable.
-----Original Message-----
From: mht3@earthlink.net [mailto:mht3@earthlink.net]
Sent: Wednesday, March 15, 2006 8:48 AM
To: pen-test@securityfocus.com
Subject: Legality of blue tooth hacking
What is the current legality of blue tooth hacking?
At a recent Cisco security product meeting, I observed a security
practice director outside snarfing phone numbers and addresses from the
various people who were attending the meeting. He got up and presented
the information saying there was no law preventing him from snarfing
information. I seem to recall attending a conference a while back where
the laws regarding this type of blue tooth snarfing was discussed.
thanks for the assistance
/m
------------------------------------------------------------------------
------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to
proactively
protect your applications from hackers. Cenzic has the most
comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic
Hailstorm).
Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm
your
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------
------
**DISCLAIMER
This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received this communication in error, please notify the sender and delete this e-mail message. The contents do not represent the opinion of D&E except to the extent that it relates to their official business.
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:41 EDT