Mobile working Toolkit

Software tool steals data via Bluetooth

Staff, CNETAsia CNETAsia

Published: 15 Aug 2003 10:35 BST

The software tool could allow confidential information to be stolen from mobile communication devices over the air, according to science magazine New Scientist.

The tool, Red Fang, was created by Ollie Whitehouse, a UK-based researcher with computer security firm @Stake, to stress the dangers of running badly configured Bluetooth devices. People are often unaware that Bluetooth is enabled on their devices, and the security features are often inactivated.

The program allows an intruder to identify neighbouring Bluetooth-enabled devices. If the device is unprotected by default security settings, information can be easily stolen, said the report.

Bluetooth is a wireless protocol that connects devices within a range of 15 metres, and has become a feature on some mobile phones, PC keyboards and mice, and printers.

The growing prevalence of people using Bluetooth-enabled devices equipment is likely to follow the trend of Wi-Fi wardriving, in which people try to identify inadequately secured networks by driving around with a laptop.

Bluetooth security will grow in importance within the next two years, according to Bruce Potter, a security expert with US think-tank the Shmoo Group quoted in the New Scientist report. Potter improved on Whitehouse's program by making it more user-friendly and more efficient to scan for potential target addresses.

With the growth of Wi-Fi setups outpacing that of Wi-Fi security, there is growing fear that security vulnerabilities will be introduced into wireless networks, especially in the corporate networks.

Recently, Johanson and Paul Holman from Shmoo Group designed a robot that sniffs out network vulnerabilities.

CNET News.com’s Declan McCullagh contributed to this report.