|[ Also see: Bluetooth
Security Bluetooth Testing
Wireless Security ]
our section on "Bluejacking" and related topics.
CIO Update Bluetooth:
Plugging the Latest Enterprise Security Loophole (10/05)
Bluetooth is everywhere today and needs to be secured just like the
mini WiFi hub it is. Now that Bluetooth has gained significant
deployment and is being used to power real-world business solutions,
it faces a problem common to all fast-emerging communications
Whisperer' Puts Hackers in the Driver's Seat (8/05) Software
connects car Bluetooth systems with a remote PC so hackers can
eavesdrop. If you happen to hear a disembodied computer voice tell
you to "drive carefully" next time you're behind the
wheel, you've probably met the Car Whisperer. Released at the What
the Hack computer security conference, Car Whisperer is software
that tricks the hands-free Bluetooth systems installed in some cars
into connecting with a Linux computer. The software takes advantage
of the fact that many of these hands-free systems require only a
very simple four-digit security key--often a number such as 1234 or
0000--in order to grant a device access to the system.
Bluetooth SIG Bluetooth SIG Response to Recent Analysis of
Pairing and Security (6/05) New Scientist reported a new
security threat to Bluetooth technology in June 2005 (New
hack cracks 'secure' Bluetooth devices) from two Israeli
researchers who suggested a way to subvert one of the built-in
Bluetooth security mechanisms. Bluetooth devices generate a secure
connection by means of the initial pairing process. During this
process one or both devices need a PIN code to be entered, which is
used by internal algorithms to generate a secure key which is then
used to authenticate the devices whenever they connect in the
future. The new academic paper puts forward a theoretical process
that could potentially “guess” the security settings on a pair
of Bluetooth devices. To do this the attacking device would need to
listen in to the initial one-time pairing process. From this point
it can use an algorithm to guess the security key and masquerade as
the other Bluetooth device....
Forbes Bluetooth cell phones susceptible to hacker attacks
(6/04) The technology information Web portal Xonio recommends
owners of Bluetooth cell phones to exercise caution. Cell phones
equipped with the wireless data transference technology are
relatively susceptible to attacks from hackers, the Stuttgart based
online magazine warns. Xonio tested 23 models from various
manufacturers, with 13 turning up security problems. For four of the
Bluetooth cell phones, it was even possible for a hacker to take
complete control of the device and, unbeknown to the owner, do
things like dial any desired number.
The Advertiser World's
first mobile phone virus strikes (6/04) The world's first virus
which infects mobile phones has been found – prompting fears of a
new generation of assaults on information technology systems. Known
as Cabir, the virus infects phones by inscribing Caribe on mobile
phone screens each time they are switched on. It was found in
France, but mobile users have reported being infected in Adelaide.
2006 Wireless Broadband Technology
This report introduces managers, investors and technical people to the major wireless broadband technologies IEEE 802.11 (WiFi) and IEEE 802.16 (WiMAX) - and to a number of related technologies. These include short-distance Bluetooth and Ultra Wideband (UWB) and several short distance low-rate systems such as RFID (Radio Frequency Identification), ZigBee (IEEE 802.15.4) and Near-Field Communications (NFCIP).
Principles of operation
Critical analysis of strengths and weaknesses
Competition with other technologies
Opportunities for new services
Industry consortia, standards bodies, regulators and key vendors
Explaining established technologies in detail
Published By: Paul Budde Communication Pty Ltd
Date Published: Sep 2006
* * * * * *
Useful Sites and Resources
mobile message craze spreads (11/03) Are you being bluejacked?
Phone owners now have something else to do with their handset:
bluejacking. This involves sending anonymous text messages to other
phone users via Bluetooth short-range radio. Mobile phone buffs have
been bluejacking for months but it now looks set to become much more
||The world's first website dedicated to bluejacking:
||News and information about Bluejacking.
||Free Windows tool for Bluetooth vulnerability assessment.
Discovers and catalogues all Bluetooth devices in range.
Tips and tricks, Bluejacking:
did something naughty today!, bluejacking
and now bluesnarfing and other topics.
spawns 'toothing' on trains (4/04) Bored commuters are employing
Bluetooth phones to set up sex with strangers. British commuters
take note -- the respectable person sitting next to you on the train
fumbling with their cell phone might be a "toother'' looking
for sex with a stranger. "Toothing'' is a new craze where
strangers on trains, buses, in bars and even supermarkets hook up
for illicit meetings using messages sent via the latest in phone
hits the mainstream (11/03) People with Bluetooth-enable mobile
phones can send messages anonymously to those with similar phones
nearby, creating a new craze. Bluetooth enables devices within a few
metres of each other to exchange information wirelessly - a
technology that users with Bluetooth-enabled mobiles are making the
most of to send text messages to strangers anonymously. This
drive-by messaging has been dubbed 'bluejacking'.
Bluetooth PIN Recovery tool developed by Thierry
Real Bluejack is software for smartphones and Pocket PCs, that
use Bluetooth. It extends your device’s Bluetooth functions. This
program can: send Bluetooth messages, browse target-device’s
filesystem via OBEX protocol, send AT commands, get phonebook, send
SMS via target-phone, send files up to 2x faster then file managers,
receive files directly into the Storage Card and other features.
"THE REAL BLUEJACK" IS NOT INTENDED FOR GETTING
UNAUTHORIZED ACCESS TO PERSONAL DATA! Authentication is required!
(But after you can do everything that you want)
This section is still growing. Click
here to add a link.