Being the authoritative source of bluejacking
information, we thought it would be a good idea to write a short
piece summarising bluesnarfing and how it affects bluejacking.
Bluesnarfing: You're more than likely to have
read something about it in the news recently, whether it was an
in-depth report like Click
Online's (including an interview with bluejackQ's jellyellie
about bluejacking) or a question asked by a worried consumer in
a magazine.
Security expert Adam Laurie originally brought
bluesnarfing to the attention of the public through his website
www.bluestumbler.org.
As he explains, bluesnarfing is the theft of data - calendar information
and phonebook contacts - from a discoverable Bluetooth phone. But
what does this mean? In theory, it means if you have one of the
affected phones (see below) and your Bluetooth is on and 'discoverable*',
somebody with the right program on their laptop/computer in range
of your Bluetooth device (10 metres) can remotely discover your
device, create a connection with no confirmation or code-input needed
from you and 'download' your phonebook to their computer. Any pictures
attached to contacts will be downloaded too - oh, and they can steal
your calendar too.
Sounds worrying, doesn't it - and after all,
you've every right to worry - your data is not safe. So what are
the recommendations? Sony Ericsson advise customers with vulnerable
Bluetooth phones to switch off their Bluetooth in areas regarded
as "unsafe". Nokia have issued a rather long-winded statement
which can be read in Click Online's bluesnarfing article. Other organisations
are advising customers to either turn off their Bluetooth or set
it to 'undiscoverable'. This undiscoverable setting allows you to
keep Bluetooth on so you can use compatible Bluetooth products,
e.g. headsets, computer dongles, but other Bluetooth devices won't
discover your device when they're searching for devices.
Many of you bluejackers will be groaning
by this point. We all know what this means - highly regarded media
figures advising people to turn their Bluetooth off equals less
'victims' for us to bluejack. So is that really the right thing
to be advising at this moment in time? My personal opinion is I
am fully aware of the risks bluesnarfing brings, but at the same
time bluesnarfers have to keep a connection - within 10m of their
target - for 2 or 3 minutes. Now it's hard enough for bluejackers
to keep our 'victims' in range for a couple of seconds, just long
enough to push a contact across to them. On the other hand, many
of the contacts in my phonebook are private and if in the wrong
hands damage could be done. At the end of the day, you wouldn't
give a copy of your phonebook to a complete stranger, would you?
So why leave yourself open to these sorts of things?
In conclusion, different organisations will
be telling customers different things. Some may say set your Bluetooth
to undiscoverable, some will tell you to turn Bluetooth off completely,
others may disregard the whole situation as something that will
never really affect the public. Make up your own mind, just don't
come crying to me when hooligans are phoning your mother at 2am
every morning.
Vulnerable handsets:
- Motorola V80
- Motorola V800
- Nokia 6310i
- Nokia 7650
- Nokia 8910i
- Ericsson T39
- Ericsson R520m
- Ericsson T68
- Siemens S55
- Siemens SX1
- Sony Ericsson T68i
- Sony Ericsson T610
- Sony Ericsson T630
- Sony Ericsson Z600
- Sony Ericsson Z1010
* Discoverable: Your device
can be found by others searching for Bluetooth devices in range