by Andy Spore
Bluetooth was an innovation that was sorely needed — the ability for devices within a close proximity to communicate wirelessly. Wireless headphones, tracking devices, fitness trackers, smartphones and even our cars have incorporated the Bluetooth protocol as a means of connecting people to each other and us to our technology.
But when it comes to wireless communication, we have to be careful about what we’re transmitting and who could receive it. Try this: The next time you’re in a crowded place — a restaurant, bar or concert venue — use your phone to see how many Bluetooth devices can be detected. Now check your settings to see if your phone is set to “discoverable.” If it is, you should set it to “undiscoverable” so hackers can’t sneak in.
Without proper protections, a skilled hacker can intercept these signals and discover more about you than you think you’re revealing. It is possible for someone to exploit a Bluetooth signal and access information on your device. An open Bluetooth signal can even allow your location to be tracked.
Potential risks of Bluetooth include:
- Bluebugging: Hackers are able to use Bluetooth-enabled phones belonging to someone else to place calls and send text messages without the owner being aware of it.
- Bluesnarfing: Hackers can access your mobile phone’s contacts, calendar and pictures without you knowing.
- Backdoor hacking: Devices that are no longer trusted can still gain access to your mobile phone through backdoor hacking. The hacker can also gain access to data through bluesnarfing or other services like Wireless Application Protocol (WAP).
- Worms and viruses: Some malware is built specifically to attack mobile phones.
So how do you know if your phone is secure? Let’s start with the basics:
There are four Bluetooth standards, creatively named levels 1, 2, 3 and 4. Any Bluetooth-enabled device will adhere to one of these standards. The lower the level, likely the less secure your device.
Level 1: Open conversation. Your devices are talking to each other without authentication, out in the open. Anyone can intercept your data. This is particularly bad with Bluetooth-enabled headphones and earbuds. You might not care if someone is listening to your music collection, but if you’re talking on the phone, you should lose whatever expectation of privacy you thought you had. Level 1 doesn’t afford you any.
Level 2: Pairing. Pairing Bluetooth devices is one of those activities complicated enough that it seems secure. You have to input codes and wait for acknowledgments. But at level 2, the devices pair before they authenticate. So there is a window where hackers can get into the mix.
Level 3: Authentication. In level 3, your Bluetooth devices authenticate before they pair, closing the level 2 window before a hacker can exploit it.
Level 4: Better Authentication. Level 4 is similar to level 3, but uses a stronger authentication protocol, leading to a more secure Bluetooth connection.
If your device is still on level 1 or 2, you should consider either replacing the device with a newer model or updating the firmware to increase security. You can purchase a firmware patch, typically available for download from the manufacturer’s website, which includes code that will update the security of your system.
What else can you do to increase the security of your Bluetooth-enabled devices?
First of all, if you don’t use it – or when you’re not using it – make sure it’s turned off. You can always turn it on if you need to connect a device. When you have enabled the Bluetooth functionality, keep your devices as close together as possible.
For extra measure, maintain physical control of devices at all times. Remove lost or stolen devices from paired device lists. I also suggest that you use device firewalls and keep device anti-virus software up to date.
Wireless headsets and ear buds are particularly vulnerable to exploitation, so it is advisable to choose models with signal encryption.
Some devices, such as fitness trackers, hearing aids or your car, might require a constant Bluetooth signal to function properly. If you need to keep it on, find out if there is a “discoverable” option and turn that off. Take what steps you can to keep other devices, and people, from knowing you have a Bluetooth-enabled device.
Cars are a major source of Bluetooth-enabled technology, and with their ability to connect to smartphones and tablets, they transmit and receive a lot of data. If your vehicle’s operating system isn’t secure enough, hackers could exploit that to access information, such as your location and driving information. Now even kitchen appliances are incorporating Bluetooth to allow you to control them wirelessly. And home security systems aren’t far behind. Think about that.
Bluetooth is a great technology, but like all of them, you have to be smart about how you use it.