Bluesnarfing

Bluesnarfing

Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs. This allows access to a calendar, contact list, emails and text messages, and on some phones users can steal pictures and private videos. Currently available programs must allow connection and to be 'paired' to another phone to steal content. There may be other programs that can break into the phones without any control, but if they exist they are not made publicly available by the developer. One instance of Bluesnarfing software that was demonstrated (but never made available for download) utilised weaknesses in the Bluetooth connection of some phones. This weakness has since been patched by the Bluetooth standard. There seems to be no available reports of phones being Bluesnarfed without pairing, since the patching of the Bluetooth standard.

Bluesnarfing is much more serious in relation to Bluejacking, but both exploit others' Bluetooth connections without their knowledge. Any device with its Bluetooth connection turned on and set to "discoverable" (able to be found by other Bluetooth devices in range) may be susceptible to Bluejacking, and possibly to Bluesnarfing when and if Bluesnarfing of the current Bluetooth security becomes possible. By turning off this feature, the potential victim can be safer from the possibility of being Bluesnarfed; although a device that is set to "hidden" may be Bluesnarfable by guessing the device's MAC address via brute force. However, this is difficult because Bluetooth uses a 48-bit unique MAC Address, so there are over 280 trillion possible addresses to guess (although the first 24 bits are common to a manufacturer [http://www.securityfocus.com/infocus/1830] which, so only 24 bits need be guessed). Because Bluesnarfing is an invasion of privacy, it is illegal in many countries.

It is important not to confuse Bluesnarfing with Bluejacking. While Bluejacking is essentially harmless and does not result in the exposure of any data in the victim's handset, Bluesnarfing is the stealing of information from the victim's Bluetooth device.

See also

*Bluebugging
*Pod slurping
*Snarfing

External links

* [http://trifinite.org/trifinite_stuff_blooover.html Blooover — A bluesnarfing proof-of-concept]
* [http://www.alighieri.org/project.html Bluesnarfer — A bluesnarfing tool for Linux]
* [http://www.bluesnarf.blogspot.com Bluesnarfing and more]


Wikimedia Foundation. 2010.

Игры ⚽ Нужно сделать НИР?

Look at other dictionaries:

  • Bluesnarfing — ist eine spezielle Form von Snarfing über eine Bluetooth Verbindung, oftmals von Mobiltelefonen unter Verwendung eines anderen Mobiltelefons, Computers, Laptops oder PDAs. Bluesnarfing erlaubt den Zugang auf den Kalender, das Adressbuch, E Mails… …   Deutsch Wikipedia

  • Bluesnarfing — Le bluesnarfing est le nom donné à une technique de piratage des informations contenues dans un appareil utilisant une connexion Bluetooth (tels qu un téléphone portable, un ordinateur portable ou un PDA). Cette technique ne laisse pas de traces …   Wikipédia en Français

  • bluesnarfing — noun The theft of information from a wireless device through a Bluetooth connexion, often between phones, desktops, laptops, or PDAs. Bluejacking and bluesnarfing are the two forms of new intrusion. Bluejacking is a technique of sending anonymous …   Wiktionary

  • Bluebugging — is a form of bluetooth attack.In progession of discovery date, bluetooth attack started with bluejacking, then bluesnarfing, and then bluebugging.Bluebugging was discovered by German researcher Herfurt. His Bluebug program allow the user to take… …   Wikipedia

  • Bluejacking — NOTOC Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e. for bluedating or… …   Wikipedia

  • Pod slurping — is the act of using a portable data storage device such as an iPod digital audio player to illicitly download large quantities of confidential data by directly plugging it into a computer where the data is held, and which may be on the inside of… …   Wikipedia

  • 802.15.1 — Das „Bluetooth“ Logo Logo auf einem Notebook (mit Status LED) …   Deutsch Wikipedia

  • Blue Tooth — Das „Bluetooth“ Logo Logo auf einem Notebook (mit Status LED) …   Deutsch Wikipedia

  • IEEE 802.15.1 — Das „Bluetooth“ Logo Logo auf einem Notebook (mit Status LED) …   Deutsch Wikipedia

  • IPod slurping — Podslurping (dt. etwa (i)Pod schlürfen) bezeichnet den Diebstahl von Daten mit Hilfe eines mobilen Massenspeichergeräts wie z.B. einem USB Stick, MP3 Player oder einem iPod. Hierbei installiert der Täter eine spezielle Software auf dem… …   Deutsch Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”