Bluetooth-enabled phones and PDAs with inadequate security could become the target of the next wave of security exploits, allowing phreakers to filch confidential information or even make calls using someone else's identity.
Such War Phoning exploits, as they have been dubbed, arise because security features on Bluetooth-enabled devices are sometimes turned off by default, ZDNet reports.
Early reports of the phenomenon come from this week's RSA Security conference, in Paris.
"I have stood at the RSA booth in conferences, with my phone paging for other devices, and watched other people's devices show up," Magnus Nystrom, technical director of RSA Security, told ZDNet.
He reports that many devices permitted access without requesting a "pairing code", opening the door to all manner of abuse - stealing personal data of passers-by or even making calls on other phones - in the hands of the unscrupulous.