Trifinite.org is offering a new tool that allows one to eavesdrop on individuals driving some high-tech cars with Bluetooth-enabled headsets and hands-free units. The "Car Whisperer attack," as it is known, takes advantage of a common flaw in Bluetooth implementation wherein some auto manufacturers simply use the same passkey of 0000 or 1234 for authentication and encryption. With the Car Whisperer tool from Trifinite, one can use a Linux laptop and a Bluetooth antenna to listen in on insecure, hands-free conversations or even talk directly to the individuals inside another car. Trifinite urges automakers to vary their passkeys; in the meantime, you should switch your hands-free unit to Invisible mode so that no unauthorized device can make a connection. The researchers at Trifinite also point out that not all Bluetooth car kits use default passkeys and that quite a few now use random passkeys or require users to enter a passkey of their own.