Sunday, February 15, 2009

Bluetooth Hacking and Its Prevention

Pin It What is Bluetooth Hacking?
Bluetooth hacking is a technique used to get information from another Bluetooth enabled device without any permissions from the host. This event takes place due to security flaws in the Bluetooth technology. It is also known as Bluesnarfing. Bluesnarfing is different from Bluejacking, Bluejacking is harmless as it does not expose your personal information. Bluetooth hacking is not limited to cell phones, but is also used to hack PDAs, Laptops and desktop computers. Bluetooth hacking is illegal and can lead to serious consequences.
Following are threats a person can face when his/her mobile phone gets bluesnarfed:
The hacker can steal, delete contacts
Hacker can extract personal files/pictures etc
Your cell phone can be used for making calls and using internet at your expense
The hacker my call or text your contacts to annoy them
You mobile phone can be reset to default factory settings hence deleting your personal settings
Hacker can even access your calendar, clock, International Mobile Equipment Identity (IMEI) number. IMEI number can be used to clone your cell phone so that your messages are also routed to another number. Cloning is also considered illegal.
How is it Done?
The most obvious way is the brute force technique. Normally the Bluetooth pins are 1-4 digits long, theoretically the can be as long as 126 digits. Suppose there is a 4 digit key then if we use brute force than the total number of combinations we need to try will be 10 x 10 x 10 x 10 = 10000. If you try these keys manually it may take you years! Using computer software the whole process can be automated and the whole process can be done in less than 0.1 second, even on a basic Pentium 4 processor without any cores.

Another technique in Bluetooth hacking is guessing the Media Access Control or MAC address of the host. MAC address is a 48-bit number and is unique among mobile devices. Being a 48 bit number, there are 280 trillion possible combinations if brute force technique is used. Even automation of this process on existing hardware can take a considerably long time.
There are lots of free utilities available online which can be used for Bluetooth hacking. Some of them are made for Unix platform while others can be used on Java or Symbian compatible cell phones.
How to Protect?
Normally people think that as the range for Bluetooth is limited to 10 meter so only a person near us can hack our device. This is a misconception. Bluetooth chips having a range of 100 meter are quite popular. So the hacker may not be near you. Here are a few tips that will protect your mobile phone from getting hacked:
The best way is to turn off Bluetooth, if you need to share data you can use internet or WiFi, both of them are quite common in cell phone world
If must use Bluetooth, then choose hard to guess passkey. Mostly people use abc, xyz, 123 all of them can be figured out easily. Don’t forget to turn off the Bluetooth when you are done.
Never accept an invitation from a device. There is no such thing as file sharing or free music among strangers in the cell phone world.
If possible, don’t keep your mobile phone in “visible” or “discoverable” mode
Important Notice
Bluetooth hacking and Bluesnarfing are illegal. This article is just to inform consumers about the risks posed by Bluetooth technology. Mobi Revolution team is not responsible for any illegal activities caused as a result of information contained in the article.

No comments:


Mobi Revolution | Telecommunication News | Latest Mobile Phones | Copyright © 2009 | Original Design By Deluxe Themes | Converted To Blogger By Technolizard