NOW READ THIS
("Security Advisory")

Go Back

Submitted by: Bill Hickey
NCVA List Master

NRT-0300 Bluetooth Security Risks:


Owners of Bluetooth-equipped devices are typically not aware of potential exploits of the technology, according to a newly-released study. Most mobile devices, including mobile phones and laptop computers come with Bluetooth capability embedded in them. The article warns of three primary types of Bluetooth exploit operations: bluejacking, bluesnarfing, and bluebugging.

Bluejacking, also known as "bluespamming", is a technique used to send anonymous text messages to mobile users via Bluetooth. Despite the name, it does not hijack the phone it simply presents a message, similar to e-mail spam. Bluejacking can be annoying, but is generally condsidered a minimal security risk.

Bluesnarfing is a more invasive and interactive capability that involves gaining access to information stored on a mobile device without the owner's knowledge. This operation exploits a security flaw in some older versions of Bluetooth-enabled handsets. The flaw makes it possible to connect to such devices even if the users have configured them to be in "non-discovery" mode.

Bluebugging is possibly the most serious threat. It involves gaining the ability to issue commands via the Bluetooth connection, and using that ability to manipulate the device and, as implied by the name, eavesdrop via the device.

(www.zdnet.com.au 24SEP07)


Valid XHTML 1.0! Valid CSS! Counter Image
Last Modified: Tuesday, 09-Oct-2007 07:20:11 EDT