Step-by-Step Guide

Step 1: Know Bluetooth vulnerability lingo

Bluetooth has spawned a number of terms that highlight Bluetooth-related vulnerabilities. Being aware of these threats

    Requires Free Membership to View

is the first step in keeping handhelds secure. The following are the terms you should know:

Bluejacking means anonymously sending an electronic business card or photo to another Bluetooth user. This enables an attack called "bluesnarfing," which allows an attacker to access the address book, contact information, e-mail and text messages on another user's mobile phone. Phone manufacturers released a patch when this threat was announced, but it has not been determined if Bluetooth-enabled PCs are vulnerable.

War nibbling is a take-off on war driving. Instead of cruising for open 802.11 networks, nibbling refers to finding unsecured or unpatched Bluetooth connections.

Bluesniping was recently coined by security researchers who used a highly directional antenna and a laptop running inexpensive software to establish connections with Bluetooth-enabled devices from over a half-mile away. Although the research wasn't malicious, attackers could use this technique to steal information from a distance, without leaving any signs of the attack.


 Home: Introduction
 Step 1: Learn the lingo
 Step 2: Disable devices
 Step 3: Authentication and encryption
 Step 4: Acceptable use
 Step 5: User education

Mathew Schwartz is a freelance writer, editor, and photographer based in Paris, France. He regularly contributes information security and corporate compliance stories to Enterprise Systems, Information Security magazine, and IT Compliance Now. His work also appears in numerous other publications, including the Times of London and Wired News. Other recent work includes a 235-page usability report on the world's top 10 intranets, coauthored for the Nielsen Norman Group. Corporate writing clients have included life-insurance firm SBLI, and Intel.

This was first published in May 2005

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: