News Archive
Events Calendar
Library
Activities
Advisors
About
Links
Contact Us
Search this site:
Country Links
Africa
Asia & Pacific
Europe
Latin America
Middle East
Global Policy Tools
Brought to you as a public service of the Open Spectrum Foundation (Stichting Open Spectrum), Amsterdam - Prague
NEWS
Bluetooth scanning goes mainstream
by Humphrey Cheung, for TomsNetworking, 31 October:
"In the last week, Network Chemistry and Airmagnet both released free Windows utilities that scan for Bluetooth devices. Several years ago, NetStumbler, a free 802.11 wireless scanning utility, ushered in the 'wardriving' era. With the release of these easy-to-use utilities, are we now on the verge of a 'BlueDriving' age? I interviewed Andrew Lockhart, BlueScanner's author and lead security analyst for Network Chemistry, to find out how he made the program and if we should worry about Bluetooth vulnerabilities.
"...In addition to writing BlueScanner, [Lockhart] has written a white paper on Bluetooth vulnerabilities and was the author of the O'Reilly book Network Security Hacks. He told us that BlueScanner wasn't that hard to write... and most of the Bluetooth scanning [is] handled by Microsoft's Bluetooth API and drivers. He told us that Bluetooth functionality is already there in Windows, adding, 'We just provide the interface to make it more friendly.'
"Bluetooth scanning is nothing new, as Linux scanners have been available for a few years. Earlier in the year, TomsNetworking brought you a two part series on how to build a 'BlueSniper' long-range Bluetooth gun. But this the first time that someone has written a Netstumbler-like program for finding Bluetooth devices with Windows-based systems.
"BlueScanner easily finds Bluetooth devices that have been placed in 'discoverable' mode and displays the device name, physical address, device type (such as cellphone or computer) and available services...
"In inital testing of BlueScanner, Lockhart found Bluetooth devices in places that he expected and some that he didn't, saying, 'I initially didn't expect to find many devices. Sure there were many in the airports, where you have a lot of business people, but I didn't expect them to be in restaurants...'
"I played with BlueScanner in the TG Publishing office and also in the press room of Blizzcon, Blizzard's recent gaming convention focusing on World of Warcraft. In our office, BlueScanner immediately found several devices including my Blackberry and another editor's T610 phone. Surprisingly, it also picked up a hands-free Bluetooth headset in a BMW car parked about 75 feet away. I didn't expect a Bluetooth signal to go that far and penetrate several walls. At Blizzcon, BlueScanner found six devices in thirty seconds.
"So why release such a program to the public? ...Lockhart isn't concerned about ill-intentioned people using BlueScanner, saying, 'We are only here to increase awareness and the nefarious people already knew about this stuff way way long ago.' He also told us that he wants people to realize just how many devices are in the environment.
"Lockhart also said that he has found many Bluetooth devices in conference rooms and around the office. He has even sent messages to people's phones telling them that their Bluetooth is on. Some people were shocked and Lockhart adds, 'They didn't know where this message was coming from. The phone beeps and they pull it out and see something on the screen.'
"What's next for Lockhart? He is pretty tight-lipped about future improvements of BlueScanner, but he has been playing around with a $17,000 Bluetooth sniffer that can pull raw Bluetooth data from the air. While the price tag may seem high, Lockhart told us that he has seen the sniffers sell for as low as $1600 on Ebay. With the sniffer, he has discovered that a popular brand of phone / PDA syncs via Bluetooth in clear text. Lockhart told us the model, but said, 'Please don't tell anyone because I want to call the company first.'
"So is it time to start worrying about Bluetooth? 'The normal person doesn't have to worry much, but it could be a concern for high-profile people,' says Lockhart. He explained that it might be possible to monitor a person by tracking their phone, but the average person is probably OK if they keep the phone in non-discoverable mode. Lockhart summed it up simply by saying, 'If you carry sensitive data, you may want to check if you have Bluetooth in discoverable mode and if you don't need Bluetooth, just turn it off. Just use common sense.' "
[Bluetooth: 31 October 2005]