John Hering and his BlueSniper rifle, which he says can sniff out and hack Bluetooth-enabled wireless devices more than a mile away.
If you've used your cell phone today — or any other wireless device that uses Bluetooth technology — someone could be watching you.
John Hering, a student at the University of Southern California, has developed the BlueSniper rifle, a tool that looks like a big gun which can "attack" a wireless device from more than a mile away — several times the 328-foot maximum range of Bluetooth.
· Do not accept files transmitted via Bluetooth wireless technology or any other technology from unknown or suspicious entities.
· Put your device into a non-discoverable state (most devices have this option) so that you are invisible to other Bluetooth devices.
· Smart phone and PDA users should install anti-virus software, and keep it updated.
· Check for security patches from your phone's manufacturer and use these fixes to minimize your phone's vulnerability.
· When you buy your mobile device, read the manual to discover how to turn Bluetooth on and off, how to adjust security settings, and how to "pair" with other devices.
· Typically, when using two Bluetooth enabled personal devices, you establish a secure connection between them. Such "pairing" allows you full access on one device to the shared services on the other. Do not pair with unknown devices. That will give the unknown device access to all your services.
· You may be required to enter a PIN code in the pairing process. Choose long PIN codes and pair the devices in a private setting. If you are asked in a message to enter a PIN code, but are not sure what device sent the message, don't enter the code. It could be a disguised pairing request sent from an unknown, malicious device.
· If one of your Bluetooth-enabled devices is lost or stolen, unpair that device from all the devices to which it was previously paired.
Source: Bluetooth Special Interest Group
Hering, cofounder of a wireless security think tank called Flexilis, says he uses the "rifle" only to determine security vulnerabilities, not to actually hack wireless devices to obtain personal information.
"Whenever we're working on these tests, we never access anyone's data," he tells Michele Norris. "We're simply assessing the vulnerabilities and what's possible."
Hering says his goal is to boost awareness of the vulnerabilities in Bluetooth. But in laboratory testing, Hering says, his company has been able to access SMS messages, passwords, phonebook contacts and camera phone photos from Bluetooth-enabled phones.
According to IMS Research, by the end of 2005, the market of installed Bluetooth products will total about 500 million, double the number at the beginning of 2004. In addition to cell phones, Bluetooth-enabled devices include PDAs, computers, printers and cameras.
The industry's Bluetooth Special Interest Group says it takes security "very seriously." In a statement, the group says that "so far no security holes have been discovered in the Bluetooth specification itself. Vulnerabilities that have come to light either exploit the Bluetooth link as a conduit, much like the Internet to the PC, or are a result of the implementation of Bluetooth technology within the device — as such, we constantly work with our members to assist in implementing Bluetooth technology more effectively." Security flaws that are revealed "are typically solved by new software builds and upgrades," it says.