Today, Bluetooth® technology is employed in a wide variety of devices from mobile phones to laptop computers to luxury vehicles. Bluetooth® is a short range wireless connection which allows you to wirelessly connect headsets, keyboards, mice, and even share files with other computers and mobile devices. Many people use mobile phones with Bluetooth® enabled headsets to talk hands free, wirelessly. However, you need to be aware that your Bluetooth® connection can be vulnerable to intruders if certain precautions are not taken.

Because a Bluetooth® connection is a short range (about 30 feet) wireless connection many people believe that they do not have to worry about security. This is a scary thought since most folks, particularly real estate professionals, keep countless contacts, photographs, their entire calendar and other sensitive data on their mobile phones and laptop computers.

Bluejacking, bluebugging, bluesnarfing, and Denial of Service (DoS) attacks are just a few ways that a Bluetooth® connection may be exploited.

Bluejacking
With a Bluetooth® connection you can easily exchange electronic business cards with other devices, which is an easy way to gather contact information from new acquaintances. However, when a person is engaged in bluejacking they will send anonymous or unsolicited business cards to devices with an active Bluetooth® connection. With bluejacking, the data on the device is not altered, but it can be annoying to receive these anonymous messages. Setting your device to "non-discoverable" mode will, for the most part, prevent bluejacking. This is easy to do on most phones. Just go to the Bluetooth® menu on your phone and change the setting to "non-discoverable." Your Bluetooth® devices will still work, however you will have to make your device "discoverable" if you need to pair (connect) a new Bluetooth® device.

Bluebugging and Bluesnarfing
Bluebugging and bluesnarfing are names given to techniques used to hack into early-model Motorola, Nokia, Ericsson, Siemens, and Sony Ericsson Bluetooth® enabled mobile phones in order to make phone calls, access the phonebook, and even send text messages. Bluebugging and bluesnarfing have been largely eliminated with firmware updates for affected phones. If you have an older model mobile phone that uses Bluetooth® contact your service provider to see if you should update your phone.

DoS Attacks
Denial of Service (DoS) attacks can also be performed on Bluetooth® enabled devices. DoS attacks are performed by sending Bluetooth® enabled devices so many requests to pair (how two Bluetooth® devices become connected) or transfer files that these devices become inoperable, or the battery just wears down.

Now, do you still think that you do not have to worry about securing your Bluetooth® enabled device? Keep these tips in mind to help protect yourself:

• If you don't use Bluetooth®, keep it disabled. This is a very simple way to help protect your privacy.
• Keep your device in "non-discoverable" mode. This will keep your device invisible from people casually scanning for Bluetooth® enabled devices, and stop bluejacking. However, people with more sophisticated scanning devices may still be able to detect your device.
• Don't pair your devices in a public place. Hackers can monitor the pairing process and attempt to regenerate the PIN code that is exchanged.
• Don't pair with unknown devices. If a device suddenly asks you to pair with it, and input a PIN code, and you don't recognize the device, don't acknowledge the pairing.
• Use a strong PIN code. Four character PIN codes are relatively easy to crack. Use a PIN code with 8 or more characters.
• Don't accept files from unknown sources. Files can be sent over a Bluetooth® connection. These files can contain viruses. Do not open files sent to you by someone that you do not know.

Bluetooth® wireless technology is fast becoming the standard to help free ourselves from cumbersome wired devices, making it easier to do business on the go. However, you must keep the above tips in mind to help protect yourself when using your Bluetooth® device.

Steve Wede is a Certified Information Privacy Professional and Privacy Guru at Privacy Solutions, Inc. a San Diego based consulting firm. The Privacy Gurus® work with you to create policies and procedures to establish the expectation of privacy for your members, clients, customers, prospects, affiliates, associates, employees and vendors. You can reach Steve at (619) 670-9462 or Steve@privacygurus.com.