| Introduction | | | | to address the device by its unique 48-bit |
| Bluetooth a short range wireless communication | | | | Bluetooth device name. For example, uncovering |
| technology developed for use at home, office and | | | | the device name is possible using software |
| Personal Area Networks. Over the years | | | | applications such as RedFang. This application uses |
| Bluetooth integration has been achieved in mobile | | | | a brute-force approach to discover device |
| phones, Personal Digital Assistants (PDAs) and | | | | addresses by systematically generating every |
| other consumer devices. When blue tooth was | | | | possible combination of characters and recording |
| conceived, an essential element of the technology | | | | those combinations which get a response. |
| was its requirement for a low expectation of end | | | | Fortunately this approach is time consuming, |
| user technical ability and minimum levels of user | | | | potentially taking hours of computation. |
| setup and configuration for ease of use. This was | | | | Current scenario |
| adopted to ensure that widespread adoption and | | | | The subsequent release of the Bluetooth |
| utilization of Bluetooth technology by the general | | | | specification 1.2 has addressed this problem by |
| public could be achieved | | | | adding an anonymity mode that masks a device's |
| A direct consequence of this requirement some | | | | Bluetooth physical address. In addition a major |
| users are not aware of the functionality Bluetooth | | | | privacy concern related to this type of attack is |
| offers and its potential for exploitation and in | | | | the possibility of obtaining the IMEI of a device |
| many cases leave the default settings on their | | | | which can then be utilized to uniquely identify a |
| devices unchanged. Bluetooth enabled devices are | | | | phone on a mobile network and could also be |
| vulnerable to exploitation using a range of | | | | used in illegal phone cloning. This could give |
| methods including Bluesnarf, Backdoor and | | | | someone the ability to use a cloned subscriber |
| Bluebug. | | | | identity module (SIM) card to track a mobile |
| Bluetooth vulnerabilities | | | | device and by inference the user carrier without |
| The use of Bluetooth technology to access | | | | their knowledge. Recent firmware upgrades have |
| restricted areas of a users' device without their | | | | corrected this problem but many phone owners |
| knowledge or approval for the purpose of | | | | have not installed them |
| capturing data e.g. contacts, images, lists of called | | | | Nokia the World leading Mobile phone |
| missed, received or dialed, calendars, business | | | | manufacturer recently made this announcement |
| cards and the device's International Mobile | | | | "Nokia is aware of claims that there are security |
| Equipment Identity (IMEI) is known as Bluesnarf. | | | | issues relating to malicious attempts by hackers |
| Bluesnarfing works by using the push profile of | | | | to access another user's mobile device featuring |
| the Object Exchange protocol (OBEX) which is a | | | | Bluetooth technology, an act currently referred to |
| built-in Bluetooth functionality for exchanging | | | | as "Bluesnarfing". Affected models include the |
| electronic business cards. | | | | Nokia 6310, 6310i, 8910, 8910i mobile phones. " |
| Instead of pushing a business card the Bluesnarf | | | | Nokia recommends the following in order to |
| attack pulls using a "get" request looking for files | | | | prevent "Bluesnarfing". In public places, where |
| with known names e.g. phonebook file (telecom | | | | phones with Bluetooth technology might |
| pb.vcf) or calendar file (telecom/cal.vcs). This | | | | theoretically be targets of malicious attacks, |
| vulnerability exists due to the manner in which the | | | | reliable ways to foil potential hackers are: |
| OBEX push profile was implemented in some of | | | | To set the device to "hidden" mode using the |
| the early Bluetooth enabled phones, which did not | | | | Bluetooth menu. Personal devices like headsets |
| require authentication from other Bluetooth | | | | can still connect to the phone, but intrusion is |
| devices attempting to communicate with it. | | | | much more difficult since the hacker will have to |
| Accessing information by Bluesnarfing was | | | | know or guess the Bluetooth address before |
| thought to only be possible if the users device is | | | | establishing a connection. |
| in "discoverable" or "visible" mode, but Bluesnarf | | | | If a user wants absolute security, they can simply |
| attacks have being carried out on devices set to | | | | "switch off" the Bluetooth functionality of their |
| "non-discoverable" mode. | | | | mobile phone. This will not affect other |
| To achieve this the Bluesnarfing software needs | | | | functionalities of the phone. |