Explore the TechTarget Network at SearchTechTarget.com. Activate your FREE membership today | Log-in


Search this site and the Web
powered by Google
HomeNewsTopicsAsk the ExpertsTipsDiscussionsWebcastsWhite PapersProductsCareersSite Map
Home > News >

Bluetooth: Secu...

EMAIL THIS PAGE TO A FRIEND

Networking News:

Search for:   in   Full TargetSearch with Google

Bluetooth: Security's 'silent killer'

By Jim Rendon, News Writer
10 Aug 2004 | SearchNetworking.com
 SOUND OFF! Post your comments

Bluetooth's flaws were in the spotlight at last week's Black Hat and Defcon security conferences in Las Vegas. Security professionals demonstrated vulnerabilities in the wireless technology by downloading contact information and reading text messages on the devices of unsuspecting bystanders.

This comes on the heels of software upgrades from device makers Nokia Corp. and Sony Ericsson that address Bluetooth's security problems. Even though Bluetooth is seemingly more insecure than ever, it is infiltrating businesses at a tremendous rate.

"Bluetooth is a silent killer," said Stan Schatt, a vice president and research director with Cambridge, Mass.-based Forrester Research Inc. "You can look at someone and not know that they have a Bluetooth device, yet they can still do damage."

The short-range 2.45 GHz wireless technology is being embedded in more manufacturers' mobile devices. Wireless phones and headsets are most popular, but it is also being embedded in printers, PDAs, laptops and other devices. It is most often used to replace cords for headsets, synch mobile devices with PCs or share contact information between devices.

According to the Scottsdale, Ariz.-based research firm In-Stat/MDR, 69 million Bluetooth chips shipped in 2003. By 2008, the firm expects 720 million units to ship each year.

While Bluetooth is prevalent, it has very little use in a business context and therefore is rarely managed by IT departments, Schatt said. Generally, the technology is embedded in the devices that employees bring into the office. Now that these devices are becoming more commonplace, hackers are finding ways to exploit the technology's weakness.

For instance, Bluetooth can be used to download information stored on a mobile device, including contact lists and passwords. It can also be used to make calls using another person's device. Bluetooth can even be used to take over another device and send SMS messages, or to listen in on conversations.

For more information

Learn how Red-M's WLAN monitor helps avoid Bluetooth danger.

 

Read our exclusive: Gartner advises firms to deactivate Bluetooth.

Mobile device data is typically not pivotal to an enterprise's security, said Craig Mathias, a principal with Framingham, Mass.-based research firm, Farpoint Group. Nonetheless, he said businesses should determine whether they are at risk by learning how much sensitive business data is stored on workers' handheld devices.

"Bluetooth needs to be on the radar screen of IT departments," he said.

Bluetooth also complicates patch management, Schatt said, because it is tougher to push out updates to cell phones and other handheld devices than it is to PCs.

Despite its problems, Bluetooth is becoming so prevalent that it is not practical to ban the technology. Businesses should therefore incorporate it into their wireless strategies.

Employees also need to be educated on how to use Bluetooth and on the kinds of security vulnerabilities it may present. Mathias recommends handing out a card with Bluetooth information to every cell phone user.


RELEVANT SPONSORED LINKS
Bluetooth Serial Modules
Bluetooth UART/RS232 serial modules
Fully qualified OEM solutions.
www.wirelessfutures.co.uk
Handheld Device Info
Find the latest Handheld Device
product info & collateral
www.itproductalert.com
Handheld Devices at ZDNet
Compare up-to-the-minute prices
from hundreds of trusted stores.
shopper.zdnet.com
Handheld Devices
Find, compare and buy PDAs!
Simply Fast Savings
www.Shopping.com
Buy Bluetooth Products
Get Bluetooth devices, accessories,
and more at the MobilePlanet store!
www.MobilePlanet.com

SOUND OFF! - Post your comments


EMAIL A FRIEND
Send the article you've just read to a friend
LATEST HEADLINES  
>>  New AIM Trojan steals financial data (SearchSecurity.com)
>>  Nortel slashes 3,500 jobs (CBS MarketWatch)
>>  Avaya adds to VoIP lead (Bloomberg News)
>>  Dell to challenge Cisco in low-end switching (ITP)
>>  New Mydoom leads to 'Backdoor' (eWEEK)

  WHAT'S NEW
on SearchNetworking
1. Register now for Networking Decisions
2. Take the salary survey!
3. Chapter of the Week - Download Here
4. Viruses, worms and Trojan horses
HomeNewsTopicsAsk the ExpertsTipsDiscussionsWebcastsWhite PapersProductsCareersSite Map
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Reprints
SEARCH 
SearchNetworking.com is part of the TechTarget network of industry-specific IT Web sitesSearchNetworking.com is part of the TechTarget network of industry-specific IT Web sites
WINDOWS
SearchExchange.com
SearchVB.com
SearchWin2000.com
SearchWindowsSecurity.com
Labmice.net
MyITForum.com

APPLICATIONS
SearchCRM.com
SearchSAP.com

ENTERPRISE IT MANAGEMENT
SearchCIO.com
SearchSmallBizIT.com

CORE TECHNOLOGIES
SearchDatabase.com
SearchMobileComputing.com
SearchNetworking.com
SearchOracle.com
SearchSecurity.com
SearchStorage.com
SearchWebServices.com
WhatIs.com

PLATFORMS
Search390.com
Search400.com
SearchDomino.com
SearchEnterpriseLinux.com
TechTarget Expert Answer Center  |  TechTarget Enterprise IT Conferences  |  TechTarget Corporate Web Site  |  Media Kit

Explore SearchTechTarget.com, the guide to the TechTarget network of industry-specific IT Web sites.

All Rights Reserved, Copyright 2000 - 2004, TechTarget Read our Privacy Statement