Watch out for Bluetooth sniffers

Personal area protocol advice - and we don't mean whether to shake hands or kiss

A new software tool could allow confidential information to be stolen from mobile communication devices over the air, according to science magazine New Scientist. The tool, Red Fang, was created by Ollie Whitehouse, a UK-based researcher with computer security firm @Stake to stress the dangers of running badly configured Bluetooth devices. People are often unaware that Bluetooth is enabled on their devices and the security features are often inactivated. The program allows an intruder to identify neighbouring Bluetooth-enabled devices. If the device is unprotected by default security settings, information can be easily stolen, said the report. Bluetooth is a wireless protocol that connects devices within a range of up to 15 meters and has become a feature on some mobile phones, PC keyboards, mice, and printers. The growing prevalence of people using Bluetooth-enabled devices equipment is likely to follow the trend of Wi-Fi war driving, in which people try to identify inadequately secured networks by driving around with a laptop. Bluetooth security will grow in importance within the next two years, according to Bruce Potter, a security expert with US think tank the Shmoo Group quoted in the New Scientist report. Potter improved on Whitehouse's program by making it more user-friendly and more efficient to scan for potential target addresses. With the growth of Wi-Fi setups outpacing that of Wi-Fi security, there is growing fear that security vulnerabilities will be introduced into wireless networks, especially in the corporate networks. Recently, Johanson and Paul Holman from Shmoo Group designed a robot that sniffs out network vulnerabilities. CNET News.com’s Declan McCullagh contributed to this report.