Wireless Security: The Trouble with Bluetooth

Although wireless security is a hot topic these days, you seldom hear any conversations about the vulnerabilities in Bluetooth technology. Perhaps the technology isn't touched on because of its short range, and the fact that it's primarily used with cellular communications. However, there are a few experts aware of the flaw in Bluetooth, believing that it is one the most inefficient technologies of modern times in regards to security.

Bluetooth was intended to be the basis of the PAN (personal area network) setting, providing a way for devices in close proximity to wirelessly communicate with each other. The range of these transmissions range from an estimated 1 to 100 meters, depending on the device's power. The most powerful class of Bluetooth devices have the ability to communicate at distances similar to a Wi-Fi network, which is typically more than 300 feet. Similar to a wireless computer network, Bluetooth is susceptible to a wide range of security threats.

Why Security Matters

While most people only use Bluetooth to connect a wireless headset or another device to a portable computer, this technology has many other uses as well. For instance, some people use Bluetooth to create temporary computer networks. This is commonly done in a corporate setting where staff members have a need to share files. When using Bluetooth to establish a network, computers interact directly with one another opposed to using a wireless access point. This means there is no centralized point of control, creating a major security concern as important data can be exposed to others using the Bluetooth network. Since the range for some classes of Bluetooth devices can be well over 300 feet, an outsider may be able to establish a link from your network even when not directly in the vicinity.

Bluetooth-enabled mobile phones are another concern. These devices often stored personal information such as calender information, home addresses, contact phone numbers and other sensitive data. Someone with a little knowledge on the technology can use it to hack into these phones and thieve that information, a practice more commonly termed as bluesnarfing.

Bluebugging is a similar Bluetooth hacking technique. It involves accessing a mobile phone's commands which allows an intruder to make calls, add, modify or delete contacts or eavesdrop on the victim's phone conversations. Bluetooth devices have also been targets of DoS attacks (denial-of-service) attacks. Similar to computer network exploits, this attack involves flooding a device with so may request it becomes inoperable as the battery quickly degrades.

Bluetooth technology has also been targeted by malware in the form of viruses and worms. One such infection is Cabir, a piece of malicious software that propagates to other Bluetooth-enabled devices using the Simbian OS. An attacker can use this type of exploit to erase phone numbers and contacts or completely seize control of someone else's phone.

Preventing Bluetooth Exploits

The relatively short range of these devices is a contributing factor to many of the security issues. These vulnerabilities are currently being addressed by several mobile phone manufacturers. Since this technology is so fragile and still relatively new, it is important that you frequently upgrade to the most recent Bluetooth-enabled devices and keep them updated with the latest software.

Log in or sign up to comment.

Post a comment

Log in or sign up to comment.
Identity theft comes in many forms.

A person\92s identity can be 'borrowed' for the purpose of creating fictional credit cards or a person\92s entire identity can be usurped to the point where they can have difficulty proving that they really are who they claim to be.

Up to 18% of identity theft victims take as long as four years to realize that their identity has been stolen.

There are many ways to protect your personal identity and many steps you can take to prevent your identity from being stolen:

*Never give out unnecessary personal information
*Never provide bank details or social security numbers over the Internet
*Always remain aware of who is standing behind you when you type in your personal credit codes at ATM machines and at supermarket checkout swipe machines.