What is bluejacking?
Why 'bluejacking'?
Talk the talk
Guides & Tips
How to bluejack
Code of ethics
Tips and tricks
Bluejacking FAQ
Bluejacking stories
bluejackQ forums
Forum hot pics
Bluejacking software
blueJackQ clothing
Bluetooth headsets
Sim free mobiles
Advertise on bluejackQ.com
Media links
Site map
Contact us
page views since
mn7th october '03

The world's first and most authoritative website dedicated to bluejacking
Bluejacking Frequently Asked Questions - Bluesnarfing

Being the authoritative source of bluejacking information, we thought it would be a good idea to write a short piece summarising bluesnarfing and how it affects bluejacking.

Bluesnarfing: You're more than likey to have read something about it in the news recently, whether it was an in-depth report like Click Online's (including an interview with bluejackQ's jellyellie about bluejacking) or a question asked by a worried consumer in a magazine.

Security expert Adam Laurie originally brought bluesnarfing to the attention of the public through his website www.bluestumbler.org. As he explains, bluesnarfing is the theft of data - calendar information and phonebook contacts - from a discoverable Bluetooth phone. But what does this mean? In theory, it means if you have one of the affected phones (see below) and your Bluetooth is on and 'discoverable*' , somebody with the right program on their laptop/computer in range of your Bluetooth device (10 metres) can remotely discover your device, create a connection with no confirmation or code-input needed from you and 'download' your phonebook to their computer. Any pictures attached to contacts will be downloaded too - oh, and they can steal your calendar too.

Sounds worrying, doesn't it - and after all, you've every right to worry - your data is not safe. So what are the recommendations? Sony Ericsson advise customers with vulnerable Bluetooth phones to switch off their Bluetooth in areas regarded as "unsafe". Nokia have issued a rather long-winded statement which can be read in Click Oline's bluesnarfing article. Other organisations are advising customers to either turn off their Bluetooth or set it to 'undiscoverable'. This undiscoverable setting allows you to keep Bluetooth on so you can use compatible Bluetooth products, e.g. headsets, computer dongles, but other Bluetooth devices won't discover your device when they're searching for devices.

Many of you bluejackers will be groaning by this point. We all know what this means - highly regarded media figures advising people to turn their Bluetooth off equals less 'victims' for us to bluejack. So is that really the right thing to be advising at this moment in time? My personal opinion is I am fully aware of the risks bluesnarfing brings, but at the same time bluesnarfers have to keep a connection - within 10m of their target - for 2 or 3 minutes. Now it's hard enough for bluejackers to keep our 'victims' in range for a couple of seconds, just long enough to push a contact across to them. On the other hand, many of the contacts in my phonebook are private and if in the wrong hands damage could be done. At the end of the day, you wouldn't give a copy of your phonebook to a complete stranger, would you? So why leave yourself open to these sorts of things?

In conclusion, different organisations will be telling customers different things. Some may say set your Bluetooth to undiscoverable, some will tell you to turn Bluetooth off completely, others may disregard the whole situation as something that will never really affect the public. Make up your own mind, just don't come crying to me when hooligans are phoning your mother at 2am every morning.

Vulnerable handsets:
- Motorola V80
- Motorola V800
- Nokia 6310i
- Nokia 7650
- Nokia 8910i
- Ericsson T39
- Ericsson R520m
- Ericsson T68
- Siemens S55
- Siemens SX1
- Sony Ericsson T68i
- Sony Ericsson T610
- Sony Ericsson T630
- Sony Ericsson Z600
- Sony Ericsson Z1010

* Discoverable: Your device can be found by others searching for Bluetooth devices in range







©2003/2004 jellyellie, all rights reserved.
Terms and conditions of quoting/taking excerpts from this site