Definition

bluesnarfing

Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection. Bluetooth is a high-speed but very short-range wireless technology for exchanging data between desktop and mobile computers, personal digital assistants (PDAs), and other devices. By exploiting a vulnerability in the way Bluetooth is implemented on a mobile phone, an attacker can access information -- such as the user's calendar, contact list and e-mail and text messages -- without leaving any evidence of the attack. Other devices that use Bluetooth, such as laptop computers, may also be vulnerable, although to a lesser extent, by virtue of their more complex systems. Operating in invisible mode protects some devices, but others are vulnerable as long as Bluetooth is enabled.

 

According to a ZDNet UK article, attackers are exploiting a problem with some implementations of the object exchange (OBEX) protocol, which is commonly used to exchange information between wireless devices. An attacker can synchronize with the victim's device (this is known as pairing) and gain access to any information or service available to the legitimate user. The article claims that bluesnarfing tools are widely available on the Internet, along with information about how to use them.

Adam Laurie, of A.L. Digital, discovered the vulnerability that enables bluesnarfing in November 2003, when he was testing the security of Bluetooth devices. Laurie released a vulnerability disclosure notification about the problem immediately afterward. According to Laurie's bluesnarf-tracking blog, the only way to protect yourself from a bluesnarf attack is to turn off Bluetooth on your mobile device.

This was last updated in September 2005
Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchMobileComputing.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

  • Fuel cells still years away for mobile devices

    While fuel cell manufacturers have long fought to consumerize the technology, they're finally finding success in niche professional markets.

  • PDA review: HP iPAQ 210

    Keeping to the standard, HP recently released the iPAQ 210 which retains the standard features and design of the traditional handheld.

  • Mobile devices: Upgrade considerations

    Mobile device upgrades can be a minefield involving a number of considerations. This tip focuses on how to evaluate a device's age, capability and adaptability for potential hardware or software updates.

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: