On Jan 8, 10:03*am, Steve Koerner wrote:
If the puck talks BT or similar to the handset then it's only a matter
of time until it is hacked.

Unless the link is properly encrypted.

Steve

Why would that be a problem? :-)

I've not heard for sure that the link is Bluetooth, but that makes the
most sense. On a new current device like this I'd expect Bluetooth 2.1
SSP with automatic pairing for ease of use.

ANd I'd guess the link protocol is likely just serial over Bluetooth.
You send known text from the keyboard unit over the link to the SPOT.
That makes reverse engineering the key relatively easy. Once you have
that it is just a matter of sniffing the control protocols for getting
the device to do stuff. You can also hack the initial paring exchange
with a man it the middle attack. Once you have their protocols for
sending text messages you go implement that in software on your
favorite PDA etc. and you can have that link equally encrypted as the
original device is.

I expect Gloablstar to be very careful about limiting transmission
rates and that kind of thing is embedded pretty deep inside the "puck"
not something you can mess with over bluetooth.

Like I said I expect this to be hacked. All kinds of folks might want
to play with this.

Darryl