Bluetooth Security
Security measures
Bluetooth uses the SAFER+ algorithm for authentication and key generation. The E0 stream cipher is used for encrypting packets. This makes eavesdropping on Bluetooth-enabled devices more difficult.
Security concerns
2003:
In November 2003, Ben and Adam Laurie from A.L. Digital Ltd. discovered that serious flaws in Bluetooth security may lead to disclosure of personal data (see http://bluestumbler.org). It should be noted, however, that the reported security problems concerned some poor implementations of Bluetooth, rather than the protocol itself.
In a subsequent experiment, Martin Herfurt from the trifinite.group conducted a field trial at the CeBIT fairgrounds, showing the importance of the problem to the world. A new attack called BlueBug was used for this experiment.
2004:
In April 2004, security consultants @Stake revealed a security flaw that makes it possible to crack into conversations on Bluetooth-based wireless headsets by reverse engineering the PIN.
This is one of a number of concerns that have been raised over the security of Bluetooth communications. In 2004 the first purported virus using Bluetooth to spread itself among mobile phones appeared for the Symbian OS. The virus was first described by Kaspersky Lab and requires users to confirm the installation of unknown software before it can propagate.
Note: the virus was written as a proof-of-concept by a group of virus writers known as 29a and sent to anti-virus groups. Thus it should be regarded as a potential (but NOT real) security threat of Bluetooth or Symbian OS as the virus has never spread in the wild.
In August 2004, a world-record-setting experiment (see also Bluetooth sniping) showed that the range of class 2 Bluetooth radios could be extended to 1.78 km (1.08 mile) with directional antennas. This poses a potential security threat, as it enables attackers to access vulnerable Bluetooth devices from a distance beyond expectation. However, such experiments will not work using signal amplifiers, because the attacker must also be able to receive information from its victim in order to set up a connection. No attack can be made against a Bluetooth device unless the attacker knows its Bluetooth address and which channels to transmit on.
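The point about amplifiers versus directional antennas can be checked with a two-way link budget. The sketch below is an added example, not part of the original page; it assumes free-space (line-of-sight) propagation, a receiver sensitivity of -70 dBm on both sides, and illustrative figures of 30 dBm for an amplified transmitter and 19 dBi for a directional antenna.

```python
import math

FREQ_MHZ = 2441.0      # middle of the 2.4 GHz band used by Bluetooth
CLASS2_TX_DBM = 4.0    # Class 2 nominal output power (2.5 mW)
RX_SENS_DBM = -70.0    # assumption: every receiver just meets -70 dBm


def fspl_db(dist_km, freq_mhz=FREQ_MHZ):
    """Free-space path loss in dB; assumes clear line of sight."""
    return 20 * math.log10(dist_km) + 20 * math.log10(freq_mhz) + 32.44


def max_range_km(tx_dbm, tx_gain_dbi, rx_gain_dbi, rx_sens_dbm=RX_SENS_DBM):
    """Distance at which received power falls to the receiver sensitivity."""
    budget_db = tx_dbm + tx_gain_dbi + rx_gain_dbi - rx_sens_dbm
    return 10 ** ((budget_db - fspl_db(1.0)) / 20)


def two_way_range_km(remote_tx_dbm, remote_gain_dbi,
                     target_tx_dbm=CLASS2_TX_DBM, target_gain_dbi=0.0):
    """Return (usable, remote->target, target->remote) ranges in km.

    A connection needs traffic in both directions, so the shorter
    direction sets the usable range.
    """
    to_target = max_range_km(remote_tx_dbm, remote_gain_dbi, target_gain_dbi)
    from_target = max_range_km(target_tx_dbm, target_gain_dbi, remote_gain_dbi)
    return min(to_target, from_target), to_target, from_target


# Constructed scenarios; the amplifier and antenna figures are assumptions.
SCENARIOS = {
    "stock class 2 radio": (CLASS2_TX_DBM, 0.0),
    "amplifier to 30 dBm": (30.0, 0.0),
    "19 dBi directional antenna": (CLASS2_TX_DBM, 19.0),
}

if __name__ == "__main__":
    print(f"path loss at 1.78 km: {fspl_db(1.78):.1f} dB")
    for name, (tx, gain) in SCENARIOS.items():
        usable, out, back = two_way_range_km(tx, gain)
        print(f"{name:28s} out {out*1000:6.0f} m  back {back*1000:6.0f} m"
              f"  usable {usable*1000:6.0f} m")
```

The amplifier lengthens only the outbound direction, so the usable range stays at the stock figure, while antenna gain applies to transmit and receive alike. For anyone sizing a "safe distance" around a device, the free-space numbers are an upper bound, since walls and interference reduce them.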
2005:
In June 2005, Yaniv Shaked and Avishai Wool published the paper "Cracking the Bluetooth PIN", which shows both passive and active methods for obtaining the PIN for a Bluetooth link. The passive attack would allow a suitably equipped attacker to eavesdrop on communications and spoof if they were present at the time of initial pairing. The active method makes use of a specially constructed message that must be inserted at a specific point in the protocol, to make the master and slave repeat the pairing process. After that, the first method may be used to crack the PIN. This attack's major weakness is that it requires the user of the devices under attack to re-enter their PIN during the attack when their device prompts them to. Also, this active attack will most likely require custom hardware, as most commercially available Bluetooth devices are not capable of the timing necessary.
In August 2005, police in Cambridgeshire, England, issued warnings about thieves using Bluetooth-enabled phones to track other devices left in cars. Police are advising users to ensure any mobile networking connections are deactivated if laptops and other devices are left in this way. However, the best way is to not leave any valuable devices in cars.