<data:blog.pageName/> |<br /> <data:blog.title/>


Powered by WebRing.

Tuesday, December 26, 2006

The cell phones are under attack!

If any people think that their information on their personal cellphone is safe, take a look at this article I found in the Holland Sentinel. The technique described is referred to as blue jacking. But from what I read in the piece, the actual technique is called blue snarfing. Here is the wikipedia definition for blue: Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e. for bluedating or bluechat) to another bluetooth enabled device via the OBEX protocol.acking;

According to that definition, blue jacking is normally considered a harmless prank. Blue snarfing is the complete opposite of harmless. Although both exploit the use of bluetooth connections in cell phone, the use of bluetooth software enables a cracker to steal information from any bluetooth enabled cell phone. This information includes contact lists, emails, and text messages. There have been cases of bluesnarfing being used to clone cell phone numbers.

For comparison, here is the article from the Holland Sentinel.

, December 26, 2006
Keeping information safe
High-tech devices make work easier for owners, data thieves

Networking, handheld computers or personal digital assistants and smart cell phones can all make information more easy to access for their users through wireless networks.

They also makes information easier for data thieves to access, said Hope College computer science department chairman Mike Jipping .

"If you're going to put data on a handheld device, the best thing to do is to also invest in some sort of encryption service," he said. "I would never put my personal information on a handheld device unless I could encrypt it."

Getting people to change their minds about technology is difficult, said Jipping, who has been at Hope for 20 years and specializes in handheld computers. Too many people trust too much in the safety of their personal information, he said.

U.S. Rep. Pete Hoekstra is one man who doesn't have the liberty to trust that his information is safe. As a congressmen, Hoekstra is connected -- a Blackberry for mobile e-mailing that doubles as a cell phone; a second cell phone to make sure where ever he is, he has service and a third cell phone to make campaign calls.

As the chairman of the House Permanent Select Committee on Intelligence, he has a secure landline phone at his Holland home.

"I get nothing classified on my Blackberry," he said. "There's a treasure trove of information on there in terms of all of the phone numbers and e-mails of all the people I talk to pretty regularly."

Hoekstra is also "very, very careful" about what information he does send on his Blackberry.
But all that cautiousness hasn't protected Hoekstra's Blackberry from good ol' fashioned spam.
"Is it time to change e-mail," he asked. "Then I'd have to get the new address to people."
"I use my cell phone and my Blackberry recognizing that these are not secure communication devises," he said. "The amazing thing is the longer you have it the more you depend on it. . . . Basically I'm connected 24-7."

Wireless Internet hotspots and Bluetooth technology allow many to be connected 24-7.
But open hotspots (those that don't require a password to use) and bluejacking can leave wireless users vulnerable.

"You can watch data as it whizzes by," Jipping said. "It's very easy to do."
Bluejacking is as new as Bluetooth technology. Bluetooth-enabled phones, PDAs and laptops allow for wireless devices like earphones as well as access to services through a radio connection. Bluejacking is where a hacker scans the area to for devices with the radio frequency-based technology. If a particular PDA or cell phone user has changed the bluetooth settings to allow for access without first requesting permission, hackers could get at his or her private information. Bluejacking could come in the form of text messages or programs being installed on a PDA, phone or laptop.

Some companies allow employees to use these technologies for work, but most require that encryption software be used to protect the information.

But it's not all bad if users are careful about their personal information. Newer, faster, smaller, more connected technology can make life infinitely more convenient.

Henri Paterson, an associate broker with Coldwell Banker Woodland Schmidt, uses her handheld computer to e-mail, send text message, check voicemail, and look up property prices on the Internet.

"We can be sitting in front of a house and they say 'Well, what about this house,'" Paterson said. "I pull it up within seconds and tell them the price."

Her Treo 700 can also open up the real estate lock boxes on properties for sale.
She doesn't keep the pass code to the hidden program on the device and feels secure that if anyone found it, they wouldn't know what to do with it.

"For what I use it for there really aren't any security issues because I don't keep any information on here that someone else could do something with that would be detrimental to me," she said.

This article is meant to show people that there is no 100% proof that any information they have stored electronic devices. The people who know how to use this technology are not always on the correct side of the law.


Post a Comment

Subscribe to Post Comments [Atom]

Links to this post:

Create a Link

<< Home