Contemporary Bluetooth Threats
You May Be Bluer Than You Think
Whether you know it or not, Bluetooth is everywhere. A protocol intended to replace many types of data cables, Bluetooth is currently in wider deployment than WiFi; more than 2 million Bluetooth radios are integrated into devices each week. Bluetooth can be found in phones, cars, printers, laptops, and even some home automation equipment. Many people own Bluetooth-enabled devices and don’t even know it. Even with this huge user base, though, Bluetooth security is still a relatively unknown topic.
Over the last few years, the mass media has latched onto WiFi and its security problems. Most of the computing public knows that WEP, the protocol used to secure the early versions of WiFi, is weak and generally unfit for use in any situation requiring real security. Users are at least passingly familiar with safe WiFi computing practices, and more and more tools and programs work to secure systems on WiFi networks.
On the flip side, users may not even be aware that Bluetooth and WiFi are different technologies. Recently I gave a talk on Bluetooth security. At the end of the presentation, an audience member asked how to configure his WiFi card to do "this Bluetooth thing." Fortunately, most attackers are just as in the dark as such users; few tools are out there to make Bluetooth-based hacking as easy as WiFi hacking. That won’t be the case forever, though. To properly secure yourself and your systems, you need to understand how Bluetooth works and the current threats against your Bluetooth-enabled devices.