Bluetooth SIG Shop | Bluetooth.org
Experience More
Product Zone
Get Technical
How It Works
Compare with Other Technologies
Security
Core Specification v2.1 + EDR
Overview of Operations
Architecture - Radio
Architecture - Baseband
Architecture - LMP
Architecture - HCI
Architecture - L2CAP
Profiles Overview
Core System Architecture
Data Transport Architecture
Communication Topology
Building with Bluetooth Technology
Business Case Studies
Glossary
Press & Analysts
About the Bluetooth SIG
Select Language  
search site search 

Device Protection

Protecting your Bluetooth Devices


While Bluetooth wireless technology is fundamentally secure, keeping Bluetooth enabled devices secure is a team effort. The Bluetooth SIG, manufacturers, and you, the user, each has a role in ensuring the security of your Bluetooth enabled devices. As a user of Bluetooth enabled devices, you should understand the basics of securely using a PDA, phone, etc. that can connect wirelessly to other consumer electronics.

Bluetooth wireless technology has, from its inception, put great emphasis on wireless security so that users of this global standard can feel secure while making their connections. The Bluetooth Special Interest Group (SIG), made up of over 8,000 member manufacturers, has a Bluetooth security experts group made up of engineers from its member companies, which provide critical security information and feedback that is taken into account as the Bluetooth wireless specification evolves.

General User Guidelines


Let's Swap
Do not accept files transmitted via Bluetooth wireless technology or any other technology from unknown or suspicious entities. Mobile devices are quickly gaining the processing power and connectivity similar to those of personal computers, so you should treat your mobile devices similar to how you treat your computer. Do not download or install unknown or suspicious software. If you cannot trust where a file or program came from, do not download or install it. If your device gives a security warning during installation of recently downloaded software, carefully consider if you want to continue installation.

Can You See Me Now?
Some Bluetooth enabled devices allow you to choose whether or not your device is visible to other devices. Do you have a phone vulnerable to bluesnarfing or bluebugging? Does bluejacking annoy you? Are you just generally concerned about whether your device can be seen? If so, you can put your device into a non-discoverable state (most devices have this option) so that you are invisible to other Bluetooth enabled devices. This will have no impact on device functionality of paired devices and you can continue to enjoy the benefits of Bluetooth wireless technology. However, in order to receive business contacts wirelessly via Bluetooth technology, you will need to place your phone in discoverable mode.

What's in a Name?
Often new devices are assigned self-identifying names that are visible when the device is in discoverable mode. You can easily change that name, making it as anonymous and cool as you wish.

Keep the Bugs Out
Smart phone and PDA users are recommended to install appropriate anti-virus software, much in the same way they would on their computers, and keep the anti-virus software updated. Many believe that mobile devices like smart phones and PDAs are the next frontier for viruses, worms and trojan horses. Security firms like F-Secure, McAfee and Symantec offer anti-virus software for smart phones and PDAs.

Keep Up to Date
Similar to the security updates for your computer's operating system that you download, you should lookout for security patches from your phone's manufacturer and take advantage of these fixes to minimize your phone's vulnerability. Manufacturers have released software updates for phones vulnerable to the bluesnarf and bluebug attacks. For information on how to obtain these fixes for your device contact the manufacturer of your phone.

Knowledge is Power
When you buy your mobile device, read the section in the manual on Bluetooth wireless technology — discover how to turn it on and off, how to adjust security settings, and how to pair with other devices. If you cannot find the manual or have questions not answered within the manual, you should try online or contact the manufacturer's customer and technical support teams.

Let's Get Together
Typically, when you have two Bluetooth enabled personal devices, you establish a secure connection between the two devices, this is referred to as 'pairing.' Pairing allows you full access on one device to the shared services on the other device. Do not pair with unknown devices - that will give the unknown device access to all your services. You may be required to enter in a PIN code in the pairing process. If you have the option, you should choose at minimum eight character alphanumeric PIN codes and pair the devices in a private setting. If you are asked in a message to enter in a PIN code, but are not sure what device sent the message — do not enter the PIN code, it could be a disguised pairing request sent from an unknown, malicious device. If your devices become unpaired while you are in public, wait until you are in a private, secure location before repairing your devices if possible.

Managing your Bluetooth Device Family
If one of your Bluetooth enabled devices is lost or stolen, you should unpair that device with all the devices to which it was previously paired. To do that, you will have to delete the lost device from the list of paired devices on your remaining Bluetooth enabled electronics, computers, and handhelds. If you fail to accomplish this, the lost or stolen device will still be able to access all the services of paired devices within range.

Experience More

with the Experience Icon Program
  
 
© 2008 Bluetooth SIG, Inc. All rights reserved. legal | privacy policy