Just when you felt comfortable about having your Bluetooth hands-free device with you in the car, along comes Car
Whisperer, software debuted at Defcon with one goal: to subvert your hands-free lifestyle. Sure, it's not much more
than a simple Bluesnarf attack, but what's
clever is that the software preys only on those most particularly weak of security Bluetooth devices, the hands-free.
Since most have a passkey of 0000 or 1234, the Car Whisperer merely waits sending out pings for hands-free devices.
When one comes into range, it tries to negotiate a connection wherein Car Whisperer will pass it the predicted passkey,
and allow the attacker to listen in on conversations in the car (but not calls), or inject audio into the line. Good
thing for everyone using Bluetooth that it's (relatively) short range—a car driving at 65mph using even longer range
Class I Bluetooth has come and gone in less than a few seconds.
[Via The Reg]