Bluetooth Resource Center

Home
Search
Market Research
Add a Link

Bluetooth
Access Points
Antennas
Articles
Audio
Bluejacking
Car Kits
Cathal's Corner
Consultants
Design Tools
Dev Tools
Downloads
FAQ
Forums
Glossary
Headsets
InfoTooth
News
Phones
Printers
Products
Profiles
Research
Security
Shop
SIG
Software
Technology
Testing
Training
Tutorial
USB
WLANs & BT

What Is Bluetooth?

Members

Forgot your
password?

New Member

[ Also see: Bluejacking Wireless Security WLAN Security Java Security Cathal's Corner ]

Recent Security Headlines

FreshPatents.com Customized bluetooth enabled identification device
A customized Bluetooth enabled identification device for Bluetooth based identification, communication and tracking system is described. The device uses a customized Bluetooth hardware as identification of location is done through its 48 bit unique hardware address by providing password based security over identification....

Network World PCI Security Standards Council readying new payment-card security standard
The Payment Card Industry data security standards, which influence design of networks where sensitive payment-card account data is stored, are expected to be further revised by the PCI Security Standards Council over the next few months.

Network World Comcast launches first public U.S. trial of advanced DNS security
Comcast unveiled on Tuesday an aggressive plan to deploy new DNS security mechanisms that are designed to protect Web site operators and consumers from a specific type of hacking attack that involves hijacking Web traffic and redirecting it to bogus sites.

Network World Average annual cost of PCI compliance audit? $225k
Merchants that undergo network audits to ensure compliance with the Payment Card Industry Data Security Standards are paying an average of $225,000 each year.

Infrared News LightPath Technologies To Highlight Molded Infrared Aspheric...
LightPath Technologies Will Be Showcasing Its Black Diamond Molded Infrared Aspheric Lenses at the SPIE Defense and Security Symposium Navy Opportunity Forum in Orlando, FL From April 5th - 9th Orlando, FL - (Marketwire) - LightPath Technologies, Inc.

Rootsecure.net H Security: Dispute about Virtual PC security holes

Rootsecure.net H Security: Security vulnerability in SpamAssassin filter module

Rootsecure.net Computer World: What Are the Most Underrated Security Technologies?

BBC Spammers survive botnet shutdowns
A series of strikes against botnets has not dented cyber criminals' appetite for sending spam, say security experts.

ITtoolbox Voice Network Security - Strategies for Control
With voice traffic now running across the data network, the burden of safeguarding voice systems now lies in the hands of the networking team. Read this white paper to learn to secure your voice network now.

About our headline feed

Research Reports

Wireless Communications Technologies And Solutions
Mind Commerce Publishing, Jan 2008

Wireless Personal Area Networks: Applications, Assessment Technologies and Markets
Practel, Inc., Jan 2009

Home Automation Solutions and Business Issues 2009
Mind Commerce Publishing, Jan 2009

Wireless in Healthcare (Hospital, Physician Office, Pharmaceutical and other Healthcare Markets for Bluetooth, RFID, Zigbee and other technologies)
Kalorama Information, Jan 2008

More Research Reports

Bluetooth Security

Welcome to our summary of Bluetooth security information, tips, encryption, techniques, news and tools.

Featured Research Reports

Mobile Content and Services (7th edition)

Mobile Content and Services (7th edition) answers key questions, illuminating case studies from around the globe and future roadmaps for players across the value chain - backed by detailed forecasts to 2013. The report provides you with critical information on which to base your strategy.

Key Coverage

The major industry analysis covered within the Mobile Content and Services report includes:

Mobile enterprise analysis: evaluation of the mobile applications and solutions employed in these sectors.

Business models: Coverage of key areas, including mobile messaging, music, games, Mobile TV and video, mobile web browsing and search, location based services, mobile advertising and social networking, and m-commerce and mobile financial services.

Strategic issues: analyses the impact of the evolving content value chain on all industry players. Evaluates high level business and marketing issues, and the critical considerations for addressing the mobile content and services market. Looks at the impact of disruptive technologies such as VoIP. Assesses the impact of the growth of the handset market including smartphones and the impact of devices like the iPhone on the industry.

Key Issues Addressed
The report details
Global industry forecasts
Value chain and competitive analysis
New services available
Revenue and business models
Pricing strategies
Technology launches
Major players’ strategies
Future roadmap scenarios

Please Note: Informa requires that clients sign a confidentiality agreement prior to fulfillment of PDF email delivery for all PDF orders. Fulfillment may take 2-3 days after receipt of form.
Published By: Informa Media and Telecom
Date Published: Jan 2009
* * * * * *

RFID for Airports and Airlines 2008-2018

RFID is an extremely powerful enabling technology in airports and aircraft, serving to improve security against criminal attack, safety against general hazards, efficiency, error prevention and data capture and to remove tedious tasks. It can even create new earning streams where it makes tolling feasible without causing congestion and where new airport "touch and go" cards offer new paid services without delays.

Please note, the PDF Email From Publisher version of this report allows five users.
Published By: IDTechEx Ltd
Date Published: Jan 2008
* * * * * *

Software Tools

n.runs

BTCrack a Bluetooth PIN Recovery tool. Thierry Zoller, a security consultant, developed BTCrack, an implementation of a flaw disclosed in 2005 by Israeli security researchers. The tool takes advantage of weak PINs in Bluetooth devices, allowing an attacker to listen in on a pairing session and gain access to both paired devices.

WM-soft

The Real Bluejack is software for smartphones and Pocket PCs, that use Bluetooth. It extends your device’s Bluetooth functions. This program can: send Bluetooth messages, browse target-device’s filesystem via OBEX protocol, send AT commands, get phonebook, send SMS via target-phone, send files up to 2x faster then file managers, receive files directly into the Storage Card and other features.
"THE REAL BLUEJACK" IS NOT INTENDED FOR GETTING UNAUTHORIZED ACCESS TO PERSONAL DATA! Authentication is required! (But after you can do everything that you want)

Useful Resources:

Cathal's Corner - Bluetooth Security Three part overview of Bluetooth security.
Wireless Security Our section on wireless news, tips and techniques.
InfoTooth Bluetooth Tutorial Our detailed guide to Bluetooth technology.
Repeat Packet Encryption InfoTooth FAQ article.
Security/Protection Issues in Bluetooth InfoTooth FAQ article.
Bluetooth Device Personalization InfoTooth FAQ article.
Encryption Sample Data Problem InfoTooth FAQ article.
Bluetooth Stack SoftTooth article on the Bluetooth protocol stack.
Bluescanner.org
- Free Windows tool for Bluetooth vulnerability assessment. Discovers and catalogues all Bluetooth devices in range.

Microsoft Bluetooth Security Issues
- Windows CE Features for Platform Developers Bluetooth Security Issues.

Bluetooth SIG
- Bluetooth SIG Response to Recent Analysis of Pairing and Security (6/05) New Scientist reported a new security threat to Bluetooth technology in June 2005 (New hack cracks 'secure' Bluetooth devices) from two Israeli researchers who suggested a way to subvert one of the built-in Bluetooth security mechanisms. Bluetooth devices generate a secure connection by means of the initial pairing process. During this process one or both devices need a PIN code to be entered, which is used by internal algorithms to generate a secure key which is then used to authenticate the devices whenever they connect in the future. The new academic paper puts forward a theoretical process that could potentially “guess” the security settings on a pair of Bluetooth devices. To do this the attacking device would need to listen in to the initial one-time pairing process. From this point it can use an algorithm to guess the security key and masquerade as the other Bluetooth device. What is new in this paper is an approach that forces a new pairing sequence to be conducted between the two devices and an improved method of performing the guessing process, which brings the time down significantly from previous attacks.

Java Security Our new listing on Java-related security.
WAP Security Our listings of WAP security news, tips, tools and techniques.
The Bunker Serious flaws in bluetooth security lead to disclosure of personal data In November 2003, Adam Laurie of A.L. Digital Ltd. discovered that there are serious flaws in the authentication and/or data transfer mechanisms on some Bluetooth enabled devices. Specifically, three vulnerabilities have been found: Firstly, confidential data can be obtained, anonymously, and without the owner's knowledge or consent, from some Bluetooth enabled mobile phones. Secondly, it has been found that the complete memory contents of some mobile phones can be accessed by a previously trusted ("paired") device that has since been removed from the trusted list. Thirdly, access can be gained to the AT command set of the device, giving full access to the higher level commands and channels, such as data, voice and messaging.