The Car Whisperer

September 10, 2009

Bluetooth technology, though a useful tool, can be quite an ugly thing. Many cars, or most new cars anyway, have built-in Bluetooth devices. With proper enumeration tools, such as the software package The Car Whisperer, from, anyone can tap into these devices.

See, the problem is that Bluetooth manufacturers use null (0000) or simple (1234) PINs for their devices to authenticate to the Bluetooth network. Once you can tap that device, you can send messages through the car’s Bluetooth audio device (usually tied into the car’s speaker system) and record what the people in the car are saying, even if they don’t know they have the Bluetooth device on. In the same way, you can hear what people are saying through their Bluetooth earpieces without them needing to be on the phone. Once that device is connected to their PAN (Personal Area Network), it is a hot device. If it is on, we can tap it, hack it, snarf it, whatever.

The Bluetooth manufacturers need to avoid using those simple PINs for better protection.

Oh, and if you don’t need your Bluetooth, turn it off.

