News Stay informed about the latest enterprise technology news and product updates.

Hackers to feast on data via Bluetooth 'war nibbling'

Bluetooth is beginning to appear in more and more devices, from PDAs and laptops to cell phones. Unlike 802.11-based wireless LANs, which have a range of as much as 100 yards or more, Bluetooth is a short-range wireless technology that generally transmits only up to 30 feet. Nonetheless, security experts are beginning to raise concerns about Bluetooth. The Cambridge, Mass.-based consultancy AtStake Inc. recently released a report documenting its surprisingly successful efforts to gain unauthorized access into devices via Bluetooth.

Recently, Ollie Whitehouse, AtStake's director of security architecture, told more about Bluetooth's vulnerabilities, and about how businesses can best defend themselves.

Will security fears stymie the growth of Bluetooth, like they did with wireless LANs?
Bluetooth does not face similar problems, because it is showing up in consumer products, which people will be bringing to work. Businesses will adapt to the security issues, as they have done with Wi-Fi. Is Bluetooth being changed to address these potential security problems?
We already have Bluetooth 1.2, which fixes the issue of being able to discover non-discoverable devices. But the problem is upgrading the Bluetooth devices that are already out there. Some Bluetooth-embedded products have a long shelf life, so new standards always need to be backward compatible.


Browse our Topics on Bluetooth.

Get expert advice regarding where Bluetooth fits in the enterprise.

Should businesses ban Bluetooth?
Businesses will obviously gain from using Bluetooth. They should not ban it outright, but they should understand the risks. They need to deploy it in a controlled manner, not just automatically adopt it. It is hard to do, because this is a consumer technology, so it is going to enter the workplace no matter what you do. But businesses should educate their employees and explain the risks. Employees are not willingly malicious. People would not willingly expose themselves or their co-workers. Does anyone do this today?
No one is doing this now. This is all based on work we are doing in our research lab. We are trying to better understand what Bluetooth is, and the security issues around it. We are trying to look forward 12 or 18 months. We have released a proof of concept on our Web site that shows how Bluetooth can be compromised in just 11 hours. We will release a white paper in the next few weeks that demonstrates a faster attack. Is Bluetooth a major security concern for organizations?
In Europe, Bluetooth has been actively deployed for the last three years, and in the U.S. Bluetooth usage is growing as well. It's found in cell phones and PDAs that carry sensitive personal information. Given that, there should be concern. Since Bluetooth does not tie directly into the network -- it only moves data between devices -- are security vulnerabilities in Bluetooth less of a concern than threats facing wireless LANs?
I think that, to the individual, the impact is greater. If I have a PDA, it might contain my credit card information or my burglar alarm code. Also, there is often a lot of corporate data that is downloaded onto these devices. Think of a mobile salesperson who is likely to have all of his client contact information on his PDA, for example. What can businesses do to protect themselves?
For starters, devices should be set to non-detectable mode. Users should develop software-based firewalls for PDAs that will help. Also, shut the air interface down when they are not using it. Where are the vulnerabilities in Bluetooth?
One of the vulnerabilities is in the non-discovery mode. If your Bluetooth-enabled device is in non-discovery mode when someone else's device is looking for available connections, it should not be able to detect you. But we have found that, by brute force, you can detect the address and query. That gets you past the first layer of security. Then you can discover what class of device it is, and you can narrow it to the vendor and the chip set. But right now, encryption is not an issue. But because Bluetooth is such a short-range technology, you generally can't sit in an organization's parking lot and use it to tap into the network. Since a hacker needs to be almost sitting next to someone using Bluetooth, doesn't that diminish the risks?
Bluetooth becomes a high security risk where there are large groups of people using it for an extended period of time, like when you are taking the train to work, or sitting in an airport. Then, you can go war nibbling. What is 'war nibbling'?
'War nibbling' is taking lots of small bits of data, while in close proximity to the Bluetooth user. The software we developed to war nibble runs on Linux, on either a laptop or a PDA. The type of information that is exposed ranges from your address book on a cell phone to your hard drive on a laptop. The range of information is quite extreme.

Dig Deeper on Mobile networking

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.