How to Prevent Bluesnarfing
Bluesnarfing is a widely discussed, but uncommon, violation of wireless security to which Bluetooth users might be vulnerable. Bluesnarfers illegally pair with Bluetooth-enabled devices like cell phones and PDAs to access data-which can include everything from your address book to sensitive personal or corporate information. You can prevent bluesnarfing with a few simple, common-sense steps.
Update your devices. It's not Bluetooth itself that leaves you vulnerable to bluesnarfing, but certain quirks in older Bluetooth-enabled phones and PDAs. Early models often came with a default discoverable mode, because manufacturers thought most people wouldn't want to go through complex security procedures to share business cards and phone numbers wirelessly. These loopholes have been eliminated in most newer device models.
Hide. Make it a regular practice to switch your Bluetooth-enabled devices to nondiscoverable mode anytime you're not actively exchanging data with a trusted device, or when you're in an unknown hot-spot area.
Be wary of strangers. By no means pair with an unknown device or accept contact from an unknown source. One of the most common bluesnarfing techniques is to send you an unsolicited business card; when you accept, the bluesnarfer becomes a trusted device and can access your data.
Use passwords intelligently. Protect your data with PINs of five or more characters, which are harder to hack. And change your passwords often.
Frustrate the snarfers. Keep sensitive data off of Bluetooth-enabled devices in the first place. Even the best security measures can and will be breached. Because of the labor-intensive technology needed to hack into newer devices, bluesnarfers have begun concentrating their efforts on high-stake targets. If you're a bank president or a lottery winner, be warned.
Understand that in rare cases, your bluesnarfer can move you from theft victim to accomplice by taking over your device. This is more than simple bluejacking, the hijacking of your Bluetooth-enabled device by a hacker to make prank calls. In the worst-case scenario, the bluesnarfer becomes a silent, undetected trusted device with the ability to manipulate all your data and applications. Again, this is extremely rare, but if you suspect it, you'll have to restore the factory settings; that's the only way to remove all trusted devices, even hidden ones.
Tips & Warnings
- The simplest, lowest-tech forms of bluesnarfing require the thieves to use a laptop computer and be within a 30-foot range of the Bluetooth-enabled target device. Unless you're a high-profile target whose data would make sophisticated, long-range bluesnarking profitable, you can prevent it by staying more than 30 feet away from strangers with laptops.