bluesnarfing

Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection.

Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection. Bluetooth is a high-speed but very short-range wireless technology for exchanging data between desktop and mobile computers, personal digital assistants (PDAs), and other devices. By exploiting a vulnerability in the way Bluetooth is implemented on a mobile phone, an attacker can access information -- such as the user's calendar, contact list and e-mail and text messages -- without leaving any evidence of the attack. Other devices that use Bluetooth, such as laptop computers, may also be vulnerable, although to a lesser extent, by virtue of their more complex systems. Operating in invisible mode protects some devices, but others are vulnerable as long as Bluetooth is enabled.

 

According to a ZDNet UK article, attackers are exploiting a problem with some implementations of the object exchange (OBEX) protocol, which is commonly used to exchange information between wireless devices. An attacker can synchronize with the victim's device (this is known as pairing) and gain access to any information or service available to the legitimate user. The article claims that bluesnarfing tools are widely available on the Internet, along with information about how to use them.

Adam Laurie, of A.L. Digital, discovered the vulnerability that enables bluesnarfing in November 2003, when he was testing the security of Bluetooth devices. Laurie released a vulnerability disclosure notification about the problem immediately afterward. According to Laurie's bluesnarf-tracking blog, the only way to protect yourself from a bluesnarf attack is to turn off Bluetooth on your mobile device.

This was first published in September 2005

Continue Reading About bluesnarfing

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchConsumerization

SearchNetworking

SearchTelecom

SearchUnifiedCommunications

SearchSecurity

Close