Friday, August 24, 2007

What You Need To Know About Bluetooth Security


Bluetooth is everywhere, from our laptops to our cell phones to our PDAs. But you need to know some important facts about its security issues. The following can be found here:

Bluetooth Security

Security has played a major role in the invention of Bluetooth. The Bluetooth SIG has put much effort into making Bluetooth a secure technology and has security experts who provide critical security information. In general, Bluetooth security is divided into three modes:

· Non-secure

· Service level enforced security

· Link level enforced security

In non-secure mode, a Bluetooth device does not initiate any security measures. In service-level enforced security mode, two Bluetooth devices can establish a non-secure Asynchronous Connection-Less (ACL) link. Security procedures, namely authentication, authorization and optional encryption, are initiated when an L2CAP (Logical Link Control and Adaptation Protocol) Connection-Oriented or Connection-Less channel request is made (Haataja, 2006). The difference between service-level enforced security and link-level enforced security is that in the latter, the Bluetooth device initiates security procedures before the channel is established.

As mentioned above, Bluetooth's security procedures include authorization, authentication and optional encryption. Authentication involves proving the identity of a computer or computer user, or in Bluetooth's case, proving the identity of one piconet member to another. Authorization is the process of granting or denying access to a network resource. Encryption is the translation of data into secret code. It is used between Bluetooth devices so that eavesdroppers cannot read the data's contents. However, even with all of these defense mechanisms in place, Bluetooth has been shown to have some security risks. The next section of this paper will describe some of the vulnerabilities associated with Bluetooth technology.

Bluetooth Vulnerabilities and Security Risks

Bluejacking: Bluejacking is the process of sending unsolicited messages, or business cards, to Bluetooth-enabled devices. This does not involve altering any data from the device, but nonetheless, it is unsolicited. Devices that are set in non-discoverable mode are not susceptible to bluejacking. In order for bluejacking to work, the sending and receiving devices must be within 10 meters of one another. While this method has been widely used for promotional purposes, Bluetooth device-owners should be careful never to add the contact to their address book. While bluejacking is usually not done with malicious intent, repetitive bogus messages can be annoying to the user, and in some cases, can render the product inoperable. This can also open the door to a variety of social engineering attacks.

Bluesnarfing: Bluesnarfing is a method of hacking into a Bluetooth-enabled mobile phone and copying its entire contact book, calendar or anything else stored in the phone's memory. Setting the device to non-discoverable mode makes it significantly more difficult to find and attack. However, the software tools required to steal information from Bluetooth-enabled mobile phones are widely available on the Web, and knowledge of how to use them is growing (Kotadia, 2004).
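One way to check, on a Linux host, the two settings discussed above (discoverability and whether link-level security is enforced). This is an added example, not part of the original article: it parses the flag line printed by BlueZ's `hciconfig`, where ISCAN means the adapter answers inquiries (discoverable) and AUTH/ENCRYPT mean link-level authentication and encryption are enabled. The sample output is constructed, and the function name and finding strings are this example's own.

```python
import re

# Constructed sample of `hciconfig` output (addresses are made up).
SAMPLE = """\
hci0:\tType: USB
\tBD Address: 00:11:22:33:44:55 ACL MTU: 310:10 SCO MTU: 64:8
\tUP RUNNING PSCAN ISCAN

hci1:\tType: USB
\tBD Address: 00:11:22:33:44:66 ACL MTU: 310:10 SCO MTU: 64:8
\tUP RUNNING PSCAN AUTH ENCRYPT

hci2:\tType: USB
\tBD Address: 00:11:22:33:44:77 ACL MTU: 310:10 SCO MTU: 64:8
\tDOWN
"""

ADAPTER = re.compile(r"^(hci\d+):")
FLAG_LINE = re.compile(r"^\s+((?:UP|DOWN)\b.*)$")

def audit(hciconfig_text):
    """Return {adapter: [findings]} for each adapter in hciconfig output."""
    report, current = {}, None
    for line in hciconfig_text.splitlines():
        m = ADAPTER.match(line)
        if m:
            current = m.group(1)
            report[current] = []
            continue
        m = FLAG_LINE.match(line)
        if not (m and current):
            continue
        flags = set(m.group(1).split())
        if "UP" not in flags:
            continue  # radio is off, so nothing is exposed
        if "ISCAN" in flags:
            report[current].append("discoverable (inquiry scan on)")
        if "AUTH" not in flags:
            report[current].append("link-level authentication not enforced")
        elif "ENCRYPT" not in flags:
            report[current].append("link-level encryption off")
    return report

if __name__ == "__main__":
    for adapter, findings in audit(SAMPLE).items():
        print(adapter, "->", "; ".join(findings) or "no findings")
```

An adapter without AUTH is not necessarily unprotected: it may rely on service-level enforced security, so treat that finding as a prompt to review the services it exposes.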

The backdoor attack: This attack involves establishing a trust relationship through the “pairing” mechanism, but ensuring that it no longer appears in the target's register of paired devices. In this way, unless the owner is actually observing their devices at the precise moment a connection is established, they are unlikely to notice anything untoward, and the attacker may be free to continue to use any resource that a trusted relationship with that device grants access to… This means that not only can data be retrieved from the phone, but other services, such as modems, or Internet, WAP and GPRS gateways may be accessed without the owner's knowledge or consent. (The Bunker, 2003)

The Cabir worm: The Cabir worm is malicious software that uses Bluetooth technology to seek out available Bluetooth devices and send itself to them. According to Bluetooth SIG (2006), the Cabir worm currently only affects mobile phones that use the Symbian series 60 user interface platform and feature Bluetooth wireless technology. Furthermore, the user has to manually accept the worm and install the malware in order to infect the phone. Even so, this shows that it is possible to write mobile viruses that spread via Bluetooth, and it may cause other hackers to explore the possibilities of writing Bluetooth viruses.

The Mabir worm is essentially a variant of the Cabir worm that uses Bluetooth and Multimedia Messaging Service (MMS) messages to replicate.

Bluetooth wireless is constantly growing in popularity because of the convenience of exchanging information between mobile devices. As Bluetooth usage rises, so do the security risks associated with the technology. Advantages of Bluetooth include the ability to simultaneously handle both data and voice transmissions, which enables users to enjoy a variety of innovative solutions such as a hands-free headset for voice calls, wireless printing and fax capabilities, and synchronizing PDA, laptop, and mobile phone applications (Bluetooth SIG, 2006). Bluetooth users should familiarize themselves with Bluetooth security issues before using Bluetooth devices, and especially before they bring these devices into the workplace.
