Friday, April 23, 2004
Holes appear in Bluetooth security
It seems we are right to be worried about the amount of personal information we store and share using personal devices - this week I have read about 2 security problems with the popular Bluetooth system that lets devices such as mobile phones, PDAs, headsets etc talk to each other using short-wave radio.
Adam Laurie has software that can pluck your contacts, appointments, and other files associated with these items, straight from your Bluetooth enabled phone, without you even being aware of it (see BBC NEWS | Technology | Taking a peek inside your mobile)
And this week's NewScientist (story in print only so far) reports on findings that Bluetooth headsets are vulnerable to snooping by hacking the PIN code used to establish a secure connection with the phone. (Security problems with Bluetooth devices have been reported before, but it's back in the news recently following the UK making it illegal to use mobile phones whilst driving, unless you have a proper handsfree headset, hence increased attention [and marketing] for Bluetooth devices)
There will always be problems with data security, and the more devices we have, carrying more and more personal information about, with the devices all talking to each other, the more we are at risk of people gaining unauthorised access to this data. Is it illegal to grab someone's calendar items from their phone and them use them to send them text message adverts related to their appointments?
It seems we are right to be worried about the amount of personal information we store and share using personal devices - this week I have read about 2 security problems with the popular Bluetooth system that lets devices such as mobile phones, PDAs, headsets etc talk to each other using short-wave radio.
Adam Laurie has software that can pluck your contacts, appointments, and other files associated with these items, straight from your Bluetooth enabled phone, without you even being aware of it (see BBC NEWS | Technology | Taking a peek inside your mobile)
And this week's NewScientist (story in print only so far) reports on findings that Bluetooth headsets are vulnerable to snooping by hacking the PIN code used to establish a secure connection with the phone. (Security problems with Bluetooth devices have been reported before, but it's back in the news recently following the UK making it illegal to use mobile phones whilst driving, unless you have a proper handsfree headset, hence increased attention [and marketing] for Bluetooth devices)
There will always be problems with data security, and the more devices we have, carrying more and more personal information about, with the devices all talking to each other, the more we are at risk of people gaining unauthorised access to this data. Is it illegal to grab someone's calendar items from their phone and them use them to send them text message adverts related to their appointments?
(c) 2003-2005 Russell Beale
Atom
RSS