As Bluetooth has continued to penetrate daily life and daily lexicon, it was only a matter of time until the seedy side of blue life reared its head. What has come about is a flurry of jargon associated with Bluetooth’s security flaws.
Bluejacking, bluehacking and bluesnarfing are some of the most talked about security snafus associated with Bluetooth technology. The following is a primer in what the terms mean and also what they mean to Bluetooth users.
Bluetooth-enabled devices can wirelessly send information to and from each other, such as contact information, messages, photos, etc.
Bluejacking occurs when one uses a Bluetooth device to send a random, unsolicited message to another Bluetooth device. It sounds more detrimental than it actually is, as no data from the recipient device is extracted. Usually, bluejacking is done for fun and involves one user sending a generic (or targeted message) to a recipient with the Bluetooth search function.
For example, you could create a phone book entry and call it something along the lines of “Hello, you have been bluejacked!” You could then search for other Bluetooth devices and send that “contact” info to the other devices.
The result is nothing more detrimental than annoyance on the receiver’s end. But, it might make you rethink the security of your own device.
Bluesnarfing (sometimes called bluebugging) is somewhat more invasive than bluejacking. This is when a Bluetooth device is hacked into in order to retrieve data, and it mainly occurs in early model Bluetooth devices and is not as common with newer models, since manufacturers have added in additional security features to help prevent this type of unsolicited attack.
Bluesniping is what one does in order to identify devices open to bluesnarfing.
Users of early model devices should contact the service provider and requesting software upgrades to help protect against these attacks.
A denial of service (DoS) attack occurs when a Bluetooth device is sent multiple requests to pair up. It continues with the constant influx of requests until the device runs out of battery power. While this is annoying, it is not detrimental.
Protecting your device
Even the most useful technology comes with its own set of flaws and quirks. However, there are some common sense steps you can take to protect your Bluetooth devices. First off, when not in use, disable the Bluetooth option. It only takes a few seconds, and it really can prevent any problem.
Another step is to make sure the device is set to nondiscovery mode when you don’t need it. When the device is actively in discovery mode, it is constantly searching for other devices it could potentially pair up with. That little “invitation” is all a hacker, even a mediocre one, needs.
Things start to get dicey when you use more advanced Bluetooth devices, such as the Palm Treo that has Windows Mobile. It takes the threat level to new heights, since those devices sometimes are used to tap back into other servers, such as e-mail. This is when the ability of a hacker to get in to the device becomes more detrimental. In theory, the hacker would then have access to the server with which the device was communicating.
Take comfort in the fact that no major attacks have yet to occur this way. The operative word is “yet.” Most security experts agree it is only a matter of time until someone uses the Bluetooth weaknesses to obtain information for malicious purposes.
While most Bluetooth attacks are twisted forms of entertainment, they have the ability to turn more serious if users do not educate themselves on just how susceptible they make themselves when being completely wireless.
In the end, hacks and attacks are part of daily life in the technology world. When it comes to Bluetooth, one simple step can make all the difference: When you are not using your Bluetooth function, simply turn it off. EC
STONG-MICHAS, a freelance writer, lives in central Pennsylvania. She can be reached at JenLeahS@msn.com.