The Car Whisperer: Eavesdrop On and Take Part In Nearby Bluetooth Conversations (a/k/a Bluejacking)

The Internet Patrol default featured image
Share the knowledge

Meet the Car Whisperer. We told you it could happen. Remember the BlueSniper “Rifle” which could sniff out and Bluejack Bluetooth devices up to a half-mile away?

And the Bluetooth Bluespam being sent to movie-goer’s phones? [Oh sure, the company called it “ringtones” and “wallpaper”, but we all know better.]

So it’s not a far stretch at all to expect that someone would create a device which allows one to crack the passcode on a Bluetooth phone and/or Bluetooth headset, and listen in on conversations, and even participate in them.

And that’s exactly what the Car Whisperer does.

Explains Martin Herfurt, of Trifinite.org, where the tool was developed, on the Trifinite site, the Car Whisperer “allows people equipped with a Linux Laptop and a directional antenna to inject audio to, and record audio from bypassing cars that have an unconnected Bluetooth handsfree unit running.”

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

This is much simpler than it sounds because many, if not most, Bluetooth devices are “protected” (and I use the term loosely), by a simple 4-digit passkey which is almost always the exact same passkey, by default, from most major Bluetooth accessory manufacturers. And not only is the default passkey the same across manufacturers, but there is usually no way for a user (the owner of the accessory) to change that passkey. So those who wish to eavesdrop on or inject themselves into your conversation, with a Car Whisperer or otherwise, don’t even need to guess at the passkey for your Bluetooth system, as it’s almost certainly that default passkey.

Herfurt goes on, “This tool allows to interact with other drivers when traveling or maybe used in order to talk to that pushy Audi driver right behind you ;) . It also allows to eavesdrop conversations in the inside of the car by accessing the microphone.”

Wheee!

Tempting though it may be to give that Audi driver a piece of your mind, the implications for this are serious.

What can an end-user do to protect themselves? First, check your Bluetooth devices to see whether you can change the default passkey to something of your own devising. If you haven’t bought that Bluetooth device yet, consider the ability to change the passkey as a factor in your purchasing decision. Unfortunately, if you already have a Bluetooth device, with an unchangable default passkey, there’s not a whole lot you can do besides diligently monitoring your Bluetooth connections for unusual activity.

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 


Share the knowledge

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.