Bluetooth® wireless technology is included with many
cell phones and PDAs. It was initially designed to let you
swap documents between other Bluetooth devices without the
use of annoying connecting cables, but has since expanded
to provide services such as Web connectivity and online
game playing. However, any time you transmit information
online, you can be vulnerable to online attack; and as the
popularity of Bluetooth increases, so does its interest to
cybercriminals.
On This Page
The Bluetooth process and vulnerability
When it's set to "discoverable" mode, your
Bluetooth cell phone or PDA sends a signal indicating that
it's available to "pair" with another Bluetooth
gadget and transmit data back and forth. However, an
attacker who detects this signal could also attempt to
pair with your device and hack in to steal your personal
identification number (PIN). You could remain blissfully
unaware, while the attacker, with your PIN in hand, could
be:
| • |
Stealing information stored on your
device, including contact lists, e-mail, and text
messages. |
| • |
Sending unsolicited text messages or images
to other Bluetooth-enabled gadgets. |
| • |
Accessing your mobile phone commands,
which allows the attacker to use your phone to
make phone calls, sent text messages, read and
write phonebook contacts, eavesdrop on
conversations, and connect to the Internet. |
| • |
Installing a virus on your device that
could wreak the same kind of havoc as a virus
could on your computer—for example, slowing or
disabling your service, or destroying or stealing
information. |
Criminals have also been known to drive around with
Bluetooth detectors, looking for cell phones and PDAs to
infiltrate; and to outfit laptop computers with powerful
antennas in order to pick up Bluetooth signals from as far
as a half-mile away. The latest forms of high-tech attack
even include forcing Bluetooth devices to pair with the
attacker's device when they are not in the
discoverable mode. (It's also very labor-intensive, so
targets tend to be individuals known to have a very large
bank account or hold expensive secrets.)
Tips to improve your Bluetooth security
| • |
Keep your Bluetooth setting to
"non-discoverable"
(transmission-disabled) and only switch it to
"discoverable" when you're using it.
Just leaving your cell phone or PDA in the
discoverable mode keeps it dangerously open for
Bluetooth transmission—a Bluetooth user within
up to a 30-foot range can receive your signal and
potentially use it to access your device as you
walk around town, drive, or even walk through your
office. |
| • |
Use a strong PIN code. Codes of five
digits or longer are harder
to crack. |
| • |
Avoid storing sensitive data such as
your social security number, credit card numbers,
and passwords on any wireless device. |
| • |
Stay up-to-date on Bluetooth
developments and security issues, and regularly
check with the manufacturer of your device for
news on software updates or any specific security
vulnerabilities. |
More Bluetooth tidbits
Q: Why is this technology called Bluetooth?
A: Just as Bluetooth wireless technology links
two different gadgets together, the 10th century Danish
king Harald "Blatand" united the separate
kingdoms of Denmark and Norway. "Blatand"
loosely translates to "Bluetooth" in English.
Q: What does it mean when someone gets "Bluejacked"?
A: "Bluejacking" is one of many terms
of Bluetooth attack jargon:
| • |
Bluejacking: sending unsolicited text
messages |
| • |
Bluesnarfing: stealing information |
| • |
Bluebugging: stealing mobile phone
commands |
| • |
War-nibbling: driving around looking for
Bluetooth signals to attack |
| • |
Bluesniping: using a laptop and powerful
antenna to attack from a distance |
The Bluetooth trademarks are owned by Bluetooth
SIG, Inc.
top of page |
Hotmail
HISTORY
TODAY
