It Might Be Wireless, But Is It Secure?

A Short Guide to Bluetooth Security

Wireless devices help us move our lives along faster and more efficiently. Let’s face it, they allow us to do more work, and have more fun along the way. However, security shouldn’t take a backseat to convenience, so take a few moments to think about Bluetooth security and how you can keep the convenience without sacrificing your information security:

• Turn off ALL unused features. Turn off any features that you are not using. If you have a Bluetooth-equipped device and do not need a certain function, be sure it is turned off. This includes the “discoverable” feature on your device. This setting is only meant to be used when you securely “pair”, or introduce two Bluetooth devices together. Once the pairing is complete, the devices should remember each other, so the user can turn ‘discoverable’ off. Some device pairing PINs are hard-coded into the device and are well known to criminals. Attackers have written several programs to enable automatic pairing of discoverable devices, for example your phone headset, and listen in on conversations.

• Verify incoming connections. Do not accept attachments or applications received on your phone or device if you weren’t expecting them, no matter how legitimate they may seem. If your device asks to pair and you didn’t initiate the pairing, deny it and check your ‘discoverable’ setting (it should be OFF or ‘hidden’).

• Use long PINs. Ideally, use Bluetooth passwords with a large number of digits. A 10-digit PIN is likely to take weeks to crack while shorter ones take less than a moment. A four-digit PIN or password can be broken in less than a second, and a six-digit PIN in about 10 seconds.

Technology is here to stay, and continues to change. Take time to enjoy the convenience of technology, but with the added assurance that your information stays as private as possible.

Leave a Reply




You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>