Bluetooth-enabled devices allow creation of point-to-point or multipoint wireless
personal area networks (WPANs) or “ piconets ” on an ad hoc or as-needed basis.Bluetooth is intended to provide a fl exible network topology, low energy consumption,
robust data capacity, and high-quality voice transmission. Bluetooth is a low-cost radio
solution that can provide links between devices at distances of up to 10 meters. Bluetooth
has access speeds of 1 Mbps, considerably slower than the various 802.11 standards;
however, the Bluetooth chips required to connect to the WLAN are considerably cheaper
and have lower power requirements. Bluetooth technology is embedded in a wide
range of devices. The Bluetooth wireless transport specifi cation is meant to be used
for bridging mobile computing devices, fi xed telecom, tethered LAN computing, and
consumer equipment together using low-cost, miniaturized RF components. Transport
of both data and voice is supported in Bluetooth. Originally, Bluetooth was envisioned
as a methodology to connect cellular or PCS telephones to other devices without
wires. Examples of these other applications include USB “ dongles, ” peripheral device
connections, and PDA extensions.
Bluetooth, as a WPAN, should not be confused with a WLAN because it is not intended
to do the same job. Bluetooth is primarily used as a wireless replacement for a cable to
connect a handheld, mobile phone, MP3 player, printer, or digital camera to a PC or to
each other, assuming the various devices are confi gured to share data. The Bluetooth
standard is relatively complex; therefore, it is not always easy to determine if any two
devices will communicate. Any device should be successfully tested before a purchase
is made. Bluetooth is an open specifi cation made available to Bluetooth SIG members
on a royalty-free basis. More than 2,000 companies worldwide have declared interest
in Bluetooth-enabled devices (for more information about the Bluetooth SIG,
see http://www.bluetooth.org).
According to a
(August 11, 2003), Ollie Whitehouse, a researcher based in the United Kingdom and
employed by the computer security company @Stake, created an eavesdropping tool
to demonstrate just how vulnerable Bluetooth-enabled devices such as laptops, mobile
phones, and handheld computers are to someone attempting to pilfer data from them.
Whitehouse claimed his “ Red Fang ” program can be used in any setting where it is
common to see users with mobile devices, such as while riding airplanes or trains or
sitting in coffee shops. The Red Fang system can be used to scan these devices and
determine if they are unprotected. Whitehouse sees his program as being similar to those
used for “ war-driving ” activities (where people seek out poorly secured 802.11 wireless
networks.) Ollie claims many people do not even know Bluetooth wireless technologyis installed on their mobile devices, let alone the fact that the corresponding Bluetooth
security settings are often turned off by default.
A report issued by research fi rm Gartner in September 2002 indicated that many people
do not activate Bluetooth security features, and this inaction potentially exposes their
devices to exploitation by hackers. Red Fang was unveiled in August 2003 at the Defcon
computer security conference held in Las Vegas, Nevada. Bruce Potter, a security expert
with U.S. think tank the Shmoo Group, improved the tool by making it more user
friendly, according to Knight in his aforementioned article, which went on to state that
“ Potter expects Bluetooth security to become a growing concern, considering the high
penetration of Bluetooth-enabled devices and the lack of knowledge about Bluetooth
security in corporate security departments. ”New Scientist article about Bluetooth gadgetry written by Will Knight
No comments:
Post a Comment