Blackberry ENTERPRISE SOLUTION DEVICES TE, Обзор

Страница: 9 / 27

Risks of using Bluetooth technology on wireless devices
3
The wireless industry considers that Bluetooth® enabled devices have the following potential areas of vulnerability:
• Users with malicious intent can obtain confidential data from Bluetooth enabled devices without the knowledge or
consent of the authorized users.
• A previously trusted (or paired) source that has been removed from the Trusted list can access the memory contents of
some Bluetooth enabled devices.
• Users with malicious intent can gain access to higher-level commands and to voice, data, and messaging channels.
Security threats to Bluetooth wireless technology can be user based or device based.
Type of threat Description Examples
user based User-based threats occur when users change settings or
perform (or fail to perform) actions that leave their devices
vulnerable or open to attacks. bluejacking
device based Device-based threats are the result of incorrect implementation
of Bluetooth wireless technology on devices, which leave the
devices vulnerable or open to attacks. bluesnarfing and
bluebugging
Any Bluetooth enabled device is at risk for attack when all of the following conditions are present:
• The Bluetooth wireless transceiver is turned on.
• The device is set to use discoverable (visible) mode.
• The device is physically located within range of a user with malicious intent.
Bluejacking
Bluejacking is a user-based threat that occurs when users with malicious intent send text messages anonymously to
Bluetooth® enabled devices that are set to use discoverable mode and are physically located within 10 m of the attacking
devices. Users with malicious intent can target individuals or they can broadcast anonymous messages to all discoverable
devices in the area. Bluetooth enabled phones, personal device assistants, and laptops can search for other devices within
a short range, so users with malicious intent who are located in crowded public areas can send anonymous messages easily
and without detection.
Bluesnarfing
Bluesnarfing is a device-based threat that occurs when device manufacturers implement the specification for Bluetooth®
technology incorrectly, allowing users with malicious intent to use Bluetooth technology to connect to devices without
notifying the authorized users, and access device information without the knowledge or consent of the authorized users.
Security Technical Overview Risks of using Bluetooth technology on wireless devices
7