Last year, Tyler and I got our knickers in twists over Bluejacking.

While it has become somehwt common in other countries, as Americans we likened Bluejacked messages right up there with sales calles during dinner and root canals.

And yet, it’s coming.

Bluejacking is become more and more standard in the world, and the US can only hold out so long against this sea of  messages. It’s like covering your eyes and swearing Simon Cowell doesn’t exist. He DOES. And he’s only getting more airtime.

Now the city of Stirling, one of my favorite Scottish cities, has Bluejack-enabled their train station.

Visitors to the station will be given information about the city via Bluetooth posters which activate a text message to phones.

The messages will feature information on events in the city as well as shopping offers.

The town thinks this is a grand way to “keep in touch” with its residents and let them know about sales in local shops and construction of a nearby mall.

Because THAT’S a good reason to be paying $.25 a text?

Or maybe the lads and lasses there have an inclusive plan!

Tags:airtime, bluejacking, city of stirling, scottish cities, station visitors, text message train station

Share This

Q. If people can broadcast TO my Bluetooth headset, does that mean they can listen in?

A. Ever since Tyler first posted about his dislike of ‘Bluecasting’ (also known as Bluejacking) , it’s got a lot of people asking me - if it’s so easy to push unwanted information TO a Bluetooth headset, does that mean people can PULL information through my Bluetooth device, too?

The simple answer is yes.

Since almost the very moment Bluetooth was released, hackers have been building ways to crack it.

The first Bluetooth breaches were through an early security hole. Nicknamed “Bluebugging: “, hackers took advantage of this backdoor to eavesdrop as well as access and even overwrite a phone’s address book and text message files. As with any Bluetooth security breach, the hacker had to be within 30 feet of your phone.

Starting in 2005, most new Bluetooth-enabled phones were cured of this, although hackers are always writing new code and new programs to breach security.

As that hole was being plugged, hackers discovered that Bluetooth phones in ‘Discoverable’ mode could be accessed . This is called “Bluesnarfing“.

Unauthorized users ‘pair up’ to your Bluetooth and once linked, can steal the whole of your phone book, that’s your whole contact list, your calendar, your stored pictures, even your ring tones.

There is also something called a ‘DoS’ attack. A Denial-of-Service is a malicious hacker who broadcasts a code that makes your device unavailable to you until it reboots (turned off and then turned on again). There’s usually no breach of your information in a DoS attack, or harm to your headset or phone. It’s just idiocy for idiocy’s sake.

Should these security concerns keep you from buying and using say… a new MoGo headset?No. The good news is that there are things you can do to keep your calls and information safer.

1) Turn off discoverable mode.

Most phones are “visible” (or set to ‘Discoverable mode’) by default when Bluetooth is switched on. The safest mode is ‘Non-discoverable’:

1. Non-discoverable mode: Does not respond to inquiry - highest safety for your phone. .
2. Limited discoverable mode (or ‘Hidden’): Discoverable only for a limited period of time, during temporary conditions or for a specific event - this provides medium safety.
3. General discoverable mode: Discoverable continuously or for no specific condition - no safety from Bluejacking or Bluesnarfing.

2) Use a strong PIN code for you headset.
Not only should you choose a strong PIN, you should also be careful not to use it in public where it can caught by someone watching. If your headset and phone become unpaired, go somewhere private to link them back up .... not standing in the middle of the mall.

3) Never, ever let an unknown device pair to your phone. Periodically watch the Bluetooth symbol on your phone. If it looks different, or you see an unexpected message appear on your device asking to pair up, well, to quote Nancy Reagan - just say NO.

Unsure what the Bluetooth symbol is supposed to look like? Apple has a great article showing all the Bluetooth icons and their meanings here.

4) Keep Moving. PC Today said it well: “Unless your attacker has invested vast amounts of time and money in a long-range Bluetooth transmitter/receiver, chances are great that they will be operating within standard Bluetooth range (within 10 meters [33 feet]). If you notice something wacky happening with your smartphone or PDA and don’t know what else to do, simply get up and move away.

“If you are on a bus, train, airplane, or other confined area, simply power off your device and wait to see who reacts. If you catch them, make sure to give them a dirty look. ”

————————————————————————————————

On Fridays, MoGo Mobility’s Elizabeth will seek to answer your MoGo (and non-MoGo) technical questions.

Elizabeth is a professional writer & geek with most of the last decade spent in senior management at a leading global IT provider. Thousands have attended her seminars in the US & Canada on subjects ranging from basic TCP/IP networking to high-end data storage solutions.

Got a question? Ask Elizabeth.

Tags:answer is yes, bluejacking, bluesnarfing, bluetooth device, bluetooth enabled phones, bluetooth headset, bluetooth security, breach security, cell phone, contact, dos attack, eavesdrop, even overwrite, hackers, headset, idiocy, malicious hacker, mogo, security, security breach, security hole, simple answer unauthorized users

Share This