Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-disclosure] Bluetooth Activesync - requesting test
From: Stan Bubrouski (stan.bubrouskigmail.com)
Date: Wed Feb 08 2006 - 21:30:55 CST
Ever since Greg disagreed with me in that ZoneAlarm thread Dave and I
were arguing in, Greg has been forwarding all messages I send to the
list back to me.
Childish and Annoying are great ways to describe it since he could
easily automatically trash my messages if he doesn't want to read
This started on the list, and hopefully this message will help end it
here. I don't want to trash anyone's messages, even Greg's because
they could contain useful information.
Greg stop being a jackass.
On 2/8/06, Greg <full-disclosure2pchandyman.com.au> wrote:
> OK this sounds screwy but if someone has the equipment, can you test and let
> us all know please?
> A PDA I was working on that had to be Activesync'd to one computer had the
> PDA name "John" rather than the standard name that comes with the PDA.
> Another PDA was already working Activesync. Both were over bluetooth
> encrypted. The other one was named "Cheryl" just for info's sake.
> Anyway, "John" was a new PDA of exactly the same make and model as "Cheryl"
> (Mortein syndrome) but what I didn't know and didn't look for, initially,
> was that the computer had been set up by someone else to ONLY allow
> connections from "Cheryl" and no other device and it was set in "non
> discovery" mode, that is, no other bluetooth device supposed to be able to
> find it. When I set John up, it autosync'd for 24 hours and stopped syncing
> again. I went back and did a thorough look and found that "Cheryl" was the
> only one allowed to connect bluetooth to the computer but "John" had,
> So this makes me wonder - and this is what I am asking help with - is it
> possible that bluetooth pairing, connection in total and autosync are all at
> risk if the same model PDA is used even though they are set up with
> different PDA names and even if settings are correct and are NOT supposed to
> allow connection from anything else? If it is, this is a worry.
> Of course, the alternative is that I stuffed something up, I know but for
> the life of me, I cant see what it is. If data is encrypted and only paired
> devices that are NAMED are allowed to connect, I would have thought that
> meant I shouldn't have been able to set the other PDA up but I did.
> Thanks for any info/help.
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/