Bluesnarfing

Bluetooth is a high-speed but very short-range wireless technology
developed for use at home, office and Personal Area Networks.
Over the years Bluetooth integration has been achieved in mobile phones,
Personal Digital Assistants (PDAs) and other consumer devices.
When Bluetooth was conceived, an essential element of the technology
was that it should demand little technical ability from the end user
and minimum levels of user setup and configuration for ease of use.
This was adopted to ensure that widespread adoption and utilization of
Bluetooth technology by the general public could be achieved.
As a direct consequence of this requirement, some users are not aware of the
functionality Bluetooth offers and its potential for exploitation, and in many
cases leave the default settings on their devices unchanged. Bluetooth
enabled devices are vulnerable to exploitation using a range of methods
including Bluesnarf, Backdoor and Bluebug.

Bluetooth vulnerabilities

Bluesnarfing is the theft of information from a wireless device
through a Bluetooth connection. By exploiting a vulnerability in the way Bluetooth
is implemented on a mobile phone, an attacker can access information --
such as the user's calendar, contact list, lists of missed, received or dialed calls,
e-mail, the device’s International Mobile Equipment Identity (IMEI) and
text messages -- without leaving any evidence of the attack. Other devices
that use Bluetooth, such as laptop computers, may also be vulnerable,
although to a lesser extent, by virtue of their more complex systems.

Operating in invisible mode protects some devices, but others are
vulnerable as long as Bluetooth is enabled. Bluesnarfing works by using the push
profile of the Object Exchange protocol (OBEX), which is built-in Bluetooth
functionality for exchanging electronic business cards.

This is sometimes confused with bluejacking, in which users can send anonymous
messages to the victim's device, which is essentially harmless.


How to Protect Yourself from Bluesnarfing

Here are several pieces of advice on protecting yourself and your mobile devices.

1) Turn off Bluetooth

This is the most foolproof way. If you don't need Bluetooth, don't turn it on.
Only leave it on when you need it. There is no way anyone can access your
phone via Bluetooth if it is switched off.

2) Keep yourself Invisible.

This usually prevents common software from "detecting" your device.
Do note that this will not hinder the experienced bluesnarfers.
Most of them can detect your device despite it being in "invisible" mode.

3) Password protect

Password-protecting your devices cannot stop all bluesnarfing. But it can make
things more difficult for attackers, and essentially stop the amateurs.
I would suggest at least a 5-digit password.

4) Verify Verify Verify

Never pair with an unknown device. This is simply opening the door to an attack.
Once open it may never be closed again.

If you ever suspect anyone is bluesnarfing you, simply switch off your device.
Since it is an invasion of privacy, Bluesnarfing is illegal in many countries.
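
The checklist above, applied to a Linux laptop as an added example (not part of the original post): it parses text in the layout of BlueZ's "bluetoothctl show" output and reports which items the adapter state violates. The sample output, the address in it and the finding names are constructed for illustration.

```python
import re

# Constructed sample in the layout of `bluetoothctl show` (BlueZ on Linux);
# the address is made up, not captured from a real host.
SAMPLE_SHOW = (
    "Controller 00:11:22:33:44:55 (public)\n"
    "\tPowered: yes\n"
    "\tDiscoverable: yes\n"
    "\tDiscoverableTimeout: 0x00000000\n"
    "\tPairable: yes\n"
    "\tUUID: OBEX Object Push          (00001105-0000-1000-8000-00805f9b34fb)\n"
    "\tUUID: Generic Access Profile    (00001800-0000-1000-8000-00805f9b34fb)\n"
)
# Bluetooth service class 0x1105 (OBEX Object Push) written as a 128-bit UUID.
OBEX_PUSH_UUID = "00001105-0000-1000-8000-00805f9b34fb"


def parse_show(text):
    """Return (settings dict, list of service UUIDs) from the indented lines."""
    settings, uuids = {}, []
    for line in text.splitlines():
        m = re.match(r"\s+(\w+):\s*(.*)", line)
        if not m:
            continue  # header line such as "Controller <address>"
        key, value = m.groups()
        if key == "UUID":
            u = re.search(r"\(([0-9a-fA-F-]{36})\)", value)
            if u:
                uuids.append(u.group(1).lower())
        else:
            settings[key] = value.strip()
    return settings, uuids


def audit(text):
    """List the checklist items this adapter state violates (finding names are hypothetical)."""
    settings, uuids = parse_show(text)
    if settings.get("Powered") != "yes":
        return []  # advice 1: radio is off, so nothing is reachable
    findings = ["powered"]
    if settings.get("Discoverable") == "yes":
        findings.append("discoverable")  # advice 2: device is not hidden
        if int(settings.get("DiscoverableTimeout", "1"), 16) == 0:
            findings.append("discoverable-timeout")  # 0 = stays visible forever
    if settings.get("Pairable") == "yes":
        findings.append("pairable")  # advice 4: accepts new pairing requests
    if OBEX_PUSH_UUID in uuids:
        findings.append("obex-push")  # the OBEX push service is registered
    return findings
```

On a real host, pass the text printed by "bluetoothctl show" to audit() in place of SAMPLE_SHOW.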
