http://news.zdnet.co.uk/communications/wir...39145881,00.htm
and for wappers. it looks like a new way of bluejacking with ftp bluetooth profile enabled phones lets you browse the inner folder/file structure of any bluetooth device, and this way you can actually "steal" ringtones, images... and contacts.
"
A serious Bluetooth security vulnerability allows mobile phone users' contact books to be stolen. You've heard of bluejacking - now meet 'bluesnarfing'
A security flaw has been discovered in Bluetooth that lets an attacker download all contact details along with other information from a vulnerable phone, while leaving no trace of the attack.
Unlike bluejacking, which is where users can send a message to Bluetooth phones without authorisation, this latest discovery for the wireless-data standard allows data, such as telephone numbers and diary entries, stored in a vulnerable device to be stolen by the attacker. The new exploit is called bluesnarfing.
Bluesnarfing is said to affect a number of Sony Ericsson, Ericsson and Nokia handsets, but some models are at greater risk because they invite attack even when in 'invisible mode' -- in which the handset is not supposed to broadcast its identity and should refuse connections from other Bluetooth devices.
Bookmarks