Unstrung News Feed
PR Newswire

Bluetooth Risks Security

LONDON -- @stake, Inc., the leading digital security consulting firm, today warned that the mass arrival of Class 1 Bluetooth devices, with a transmission range of up to 100 metres, might usher in a security crisis equivalent to that associated with the introduction of Wireless LANs based on the 802.11b (Wi-Fi) standard. Class 1 devices will appear on everything from laptops to mobile phones, meaning that rogue third parties may gain access to sensitive information and/or interfaces without the obstacles of hunting through corporate networks.

Ollie Whitehouse, Director of Security Architecture, @stake, said, “With this class of devices, wireless transmission of information leaves the office environment and travels anywhere an employee does. This means that third parties can access information without penetrating the physical security of an office or dealing with the problems of circumventing existing network security. The onus really is on vendors to ensure that all devices are optimised for security before they are put in the hands of customers.”

In a recent White Paper, @stake drew attention to the fact that devices released as non-discoverable still respond to direct name and services enquiry and were therefore open to detection and attack. Other common problems identified included: Windows 2000 hosts that were configured to connect to all Bluetooth devices; Windows registries that retained details of all devices to which it had connected; and mobile phones set by their manufacturers to retain pairing information details when SIM cards are swapped, meaning that a third party that has access to a phone for even a few minutes can place a bond upon it and use it as a platform for future attacks.

Whitehouse continued, “The very real risks of Bluetooth will only multiply as adoption increases and the drivers vary from their default configurations. Many vendors release Bluetooth products with a best effort approach to security that can only compromise the integrity of the information held on those devices. Vendors should understand these issues and risks and develop mechanisms for delivering security out of the box. While it’s not a time to panic, it’s certainly a time to act.”

@stake Inc.
Newest Comments First       Display in Chronological Order
Be the first to post a comment regarding this story.
UNSTRUNG MARKET PLACE
SIP Trunking Advantages & Applications
Learn how SIP works and the benefits of implementation. Free White Paper by XO®
Simplify & Save with XO® Enterprise SIP
Reduce telephony costs by extending & managing VoIP across multiple locations
Used and Refurbished Nortel Routers
Purchase Your Routers From Network Liquidators. Savings of Up to 90% with a Lifetime Warranty!
Used and Refurbished Cisco Switches
Purchase Your Switches From Network Liquidators. Savings of Up to 90% with a Lifetime Warranty!
TruePulse Buys&Sell Central Office Equip
Nortel, Cisco, Alcatel, Lucent, Tellabs, Calix, Occam & Anda: GigE, DWDM, SONET
The blogs and comments are the opinions only of the writers and do not reflect the views of Unstrung. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Related Content
Events
Cable Next-Gen Broadband Strategies: Docsis 3.0, Wireless, Fiber & Beyond
 Thursday, February 25, 2010
The Cable Center, Denver
Tower Technology Summit
 March 23- 25, 2010
Las Vegas Convention Center, Las Vegas
Ethernet Europe
 Monday & Tuesday, April 12 & 13, 2010
London Marriott Hotel Grosvenor Square, London
OSS Virtual Event
 Tuesday, April 20, 2010
Webinars
Most Popular
Read
White Papers SPONSORED CONTENT
Featured
Companies
Alltel (102), Apple (453), Aruba Networks (97), AT&T (formerly Cingular) (910), Cisco (875), Clearwire (328), Google (418), Intel (696), Juniper (148), Microsoft (509), Motorola (1299), Nokia (1882), NTT DoCoMo (483), Palm (294), Qualcomm (500), Research In Motion (RIM) (344), Sprint Nextel (966), Symbol Technologies (169), T-Mobile (533), Texas Instruments (206), Verizon Wireless (808), Vodafone (1243)

Fixed/Mobile Convergence
ATM (10), Backhaul (51), Circuit Switch (13), Copper (3), Core Network (412), DWDM (6), Email/Personal Information Management (403), Ethernet (36), Finance & Banking (85), Fixed Mobile Convergence (335), Frame Relay (1), General Packet Radio Service (GPRS) (613), Global System for Mobile Communications (GSM) (1540), Handheld Computers (379), IP Multimedia Subsystem (IMS) (28), IPv6 (15), Media Gateways (19), Message Gateways (SMS, MMS) (718), Microwave (69), Mobile Data Gateways (104), Mobile Devices (790), Mobile Management (98), Mobile VPNs (61), MPLS (8), Packet Switch (109), Sales Force Apps (43), Session Border Controllers (3), Shop-Floor Apps (23), Smartphones & Handsets (2047), Sonet (8), Vertical Apps (235), Webpads (93), WiMax (33), Wireless Web Gateways (WAP, i-mode) (105)

Handhelds
Email/Personal Information Management (403), Finance & Banking (85), Fixed Mobile Convergence (335), Global Positioning System (GPS) (121), Global System for Mobile Communications (GSM) (1540), Handheld Computers (379), iDEN (74), Message Gateways (SMS, MMS) (718), Microbrowsers (66), Mobile Data Gateways (104), Mobile Databases (30), Mobile Devices (790), Mobile Java(J2ME) (104), Mobile Management (98), Mobile Operating Systems (Pocket PC, Palm, EPOC, RIM) (318), Mobile VPNs (61), Sales Force Apps (43), Security (293), Shop-Floor Apps (23), Smartphones & Handsets (2047), Univeral Mobile Telecommunications Service (UMTS) (1283), Vertical Apps (235), Webpads (93), Wireless Web Gateways (WAP, i-mode) (105)

Mobile Applications
Bluetooth (246), Email/Personal Information Management (403), Finance & Banking (85), Global Positioning System (GPS) (121), Handheld Computers (379), Message Gateways (SMS, MMS) (718), Mobile Data Gateways (104), Mobile Databases (30), Mobile Devices (790), Mobile Java(J2ME) (104), Mobile Management (98), Mobile Operating Systems (Pocket PC, Palm, EPOC, RIM) (318), Mobile VPNs (61), Sales Force Apps (43), Security (293), Service Gateways(GGSN/PDSN) (163), Shop-Floor Apps (23), Smartphones & Handsets (2047), Vertical Apps (235), Webpads (93), Wireless Applications (940), Wireless Web Gateways (WAP, i-mode) (105)

Mobile Workforce
Bluetooth (246), Email/Personal Information Management (403), Finance & Banking (85), Fixed Mobile Convergence (335), Global Positioning System (GPS) (121), Handheld Computers (379), Message Gateways (SMS, MMS) (718), Microbrowsers (66), Middleware (54), Mobile .Net (15), Mobile Databases (30), Mobile Devices (790), Mobile Java(J2ME) (104), Mobile Management (98), Mobile Operating Systems (Pocket PC, Palm, EPOC, RIM) (318), Mobile VPNs (61), Sales Force Apps (43), Security (293), Shop-Floor Apps (23), Smartphones & Handsets (2047), Vertical Apps (235), Webpads (93), Wireless Web Gateways (WAP, i-mode) (105)

Mobile/Wireless System (OS's)
Email/Personal Information Management (403), Fixed Mobile Convergence (335), Handheld Computers (379), Mobile .Net (15), Mobile Devices (790), Mobile Java(J2ME) (104), Mobile Management (98), Mobile Operating Systems (Pocket PC, Palm, EPOC, RIM) (318), Smartphones & Handsets (2047), Webpads (93)

RFID
Bluetooth (246), Global Positioning System (GPS) (121), Mobile Management (98), Radio (RF) Chips (79), Shop-Floor Apps (23), Vertical Apps (235)

Telco Wireless
802.16 (587), Access Points (722), Base Station Controller (BSC) (243), Base Transceiver Station (BTS) (281), Code Division Multiple Access (CDMA) (780), Enhanced Data GSM Environment (EDGE) (405), iDEN (74), IEEE 802.11 (a,b,g) (1190), OSS/Billing/CRM (646), Service Gateways(GGSN/PDSN) (163), Ultrawideband (UWB) (140), WLAN Bridges (71), WLAN Switches (480)

WiMax/Broadband Wireless
802.11 Chipsets (282), 802.16 (587), 802.20 (66), Antennas (63), Enhanced Data GSM Environment (EDGE) (405), Fixed WiMax (212), General Packet Radio Service (GPRS) (613), HiperLAN (11), Home Base Stations/Femtocells (392), Mobile WiMax (805), WiMax (751), Wireless Broadband (722)

Wireless VOIP
Email/Personal Information Management (403), Fixed Mobile Convergence (335), Handheld Computers (379), Smartphones & Handsets (2047)

WLANs/WiFi/802.11
802.11 Chipsets (282), 802.11 Single Chips (SOC) (39), Access Points (722), Antennas (63), Base Station Controller (BSC) (243), Base Transceiver Station (BTS) (281), Baseband Controller (49), Comms Chips & Wireless Components (1297), HiperLAN (11), IEEE 802.11 (a,b,g) (1190), Multimedia Mobile Access Communication (MMAC) (17), Power Amplifiers (75), Public Access Hotspots (986), Radio (RF) Chips (79), Security (404), Smart Antennas (61), Wireless LAN (1217), WLAN Bridges (71), WLAN cards (119), WLAN Switches (480)