
From Bluetooth to RedFang: the boom in Bluetooth wireless devices is a boon for those on the move. But attackers already have their eye on Bluetooth's weaknesses.


Going wireless has so far meant trading in desk phones for cell phones and desktops for laptops. It hasn't meant going completely wireless any more than the paperless office has completely eliminated paper; after all, a cell phone connects to a headset with a wire, and unless you've got an elaborate wireless print server configured in your home office, you probably connect your laptop to a printer with a cable. But the promise of going completely wireless is now closer than ever. The reason: an increasing number of devices can use a short-range wireless protocol called Bluetooth.

Creative business applications for this emerging technology that go far beyond cell phones and home networks are hitting the market regularly. Companies are rolling out Bluetooth-enabled medical devices (such as a wrist-worn sensor that transmits pulse data to a monitor), consumer appliances (including microwave ovens, refrigerators, and washers and dryers), and office goods (for example, a whiteboard that transmits notes as they're written). Properly implemented, tools like these could be timesavers or even lifesavers. However, the growing number of Bluetooth devices also means that there's a lot of personal and financial information going through the air. Any business considering such applications must first understand what the technology is, how it works, and the nature of the risks and rewards.

Origins. Bluetooth, whose name is taken from a tenth century Danish king, is a trade name that refers to a short-range wireless specification for a low-power radio chip created in the late 1990s. Devices that are Bluetooth-enabled--these include computers and laptops, mobile phones, printers, and PDAs--can communicate with each other over short distances in what's known as a personal-area network (PAN).

An association of professionals called the Bluetooth Special Interest Group (SIG), founded in 1998, owns the Bluetooth trademark and licenses the use of the trademark and standards. Member companies write the specifications, and the SIG publishes them and runs qualification programs in which manufacturers test their devices, explains Michael Foley, executive and technical director of the SIG.

Any vendor that wants to use the Bluetooth technology in a product must be a member of the SIG. The more than 3,000 member companies of the Bluetooth SIG include well-known giants from the telecommunications, computing, automotive, industrial automation, and network sectors, such as Ericsson, IBM, and Intel, as well as many small tech companies.

There are three classes of Bluetooth devices, says Foley. Each class has a different range. Class 1 devices have a range of about 100 meters; Class 2 extends to about 20 meters; and Class 3 reaches to about 10 meters.

The specifications are changing continually. For example, one relatively new specification "describes how to stream stereo audio over a Bluetooth link," Foley says. This type of "profile specification" defines how different devices interoperate and allows for new types of products such as stereo headsets for portable CD or MP3 players.

Applications. Whatever the range, Bluetooth is not designed to transfer large amounts of data quickly, so it's not competing with other types of wireless technologies. The chips don't need much power to work, meaning that they are a good fit for small devices such as phones.

Cell phones that use Bluetooth have been available in Europe for some time. But the protocol is starting to gain acceptance in the United States market as well, and market researchers In-Stat predict an explosion of Bluetooth chipsets from 69 million in 2003 to 720 million in 2008. New hands-free driving laws have provided an added impetus for the use of Bluetooth headsets in the United States.

In addition, the protocol is increasingly being built into new laptops and PDAs, and vendors like Iogear are coming out with new products designed to take advantage of Bluetooth PANs. Joseph Zhang, Bluetooth product manager for Iogear, which makes wireless networking devices, says that Iogear has built a USB-dongle that fits into a computer's USB port and instantly Bluetooth-enables that computer, and a Bluetooth print adapter that fits into a printer's port and allows a Bluetooth-enabled computer to communicate wirelessly.

How it works. To create a PAN, users need to "pair" the authorized Bluetooth-enabled devices that will constitute the network, which typically takes only a few keystrokes. Steve Rhorer, director of marketing for electronics giant Toshiba, gives the example of a Bluetooth-enabled laptop that will be paired with a similarly enabled printer.

"I just turn on the laptop, and it will show me all the Bluetooth-enabled devices that I have the ability to connect to and communicate with," he says. "Then I simply open the print driver, select the Bluetooth printer I'm printing to, and the document will be sent wirelessly to that printer."

Zhang says that an authentication passkey is shared during the pairing process, which typically requires a user to enter a password. Many devices that don't have user interfaces (a headset, for example) have a static password that cannot be changed.

Devices that have been paired remain paired, even if one is turned off or taken out of range; they don't need to be paired again each time they're used, and passwords don't need to be repeatedly entered. As many as eight devices can be connected in a PAN. Data sent within the PAN is encrypted with 128-bit encryption.

Devices can be left in discoverable mode, meaning that they can be seen by other Bluetooth devices. For example, in an office a Bluetooth printer might remain discoverable so that all employees in a shared area can send a print job wirelessly. They can also be left in nondiscoverable mode, meaning that they do not respond to queries from other devices and are invisible to the typical Bluetooth device. The discoverability function is often turned on by default to make it easier for users to set up PANs and for Bluetooth cell phones to be able to locate nearby Bluetooth users.

Security risks. Bluetooth has some built-in security measures (such as the encryption mentioned previously), but when technology advances, security risks are sure to follow. So it has been with Bluetooth.

Some of the risks are the result of savvy engineers simply tweaking the protocol to make it work more productively. In this category are projects to widen Bluetooth's range. The protocol's small footprint--particularly as compared with traditional wireless networks--has been considered a level of protection; after all, if devices are able to communicate only within a few feet of each other, it becomes much more difficult for an attacker to even locate a network.

But not anymore. For example, U.K.-based IT consultancy Pentest Limited has released research showing an easy way to add a small but powerful antenna to a Bluetooth USB dongle. Tests run by Pentest found that using these altered dongles increased the protocol's range to more than 240 meters. This could conceivably allow someone outside a building--say, sitting in a parking lot--to see a PAN inside, says Tim Hurman, a security consultant with Pentest. It also means that Bluetooth PANs are subject to the same threat of eavesdropping as more traditional wireless networks. (More later on software tools such as RedFang and btscanner that can locate these networks.)

A proof-of-concept high-power antenna called BlueSniper was unveiled in 2004 at the computer-security conference known as DefCon. The device looks alarmingly like a rifle with a high-power scope that has an antenna instead of a barrel. Its creators aimed it out a hotel window and were able to "see" a Nokia phone more than a mile away.

Bluesnarfing. Adam Laurie, a network security expert who is chief security officer of The Bunker, a secure colocation facility in the U.K., discovered flaws in Bluetooth that allowed several types of attacks, including one he has dubbed "bluesnarfing" ("snarfing" is techie jargon meaning taking unauthorized copies of information).

Bluesnarfing, explains Laurie, "is basically the ability over the Bluetooth channel to make an unauthorized connection to a phone and copy the contents of the phone book, calendar," and some technical details including the phone's IMEI number--a unique numerical identifier of cell phones that forgers need to clone a phone. Laurie alerted the Bluetooth SIG, but it wasn't until he posted the research on security newsgroups such as BugTraq, he says, that the SIG responded to him and provided technical contacts with whom he could discuss the problem.

The problem with bluesnarfing goes far beyond loss of privacy, Laurie explains. He tells the story of demonstrating bluesnarfing to a friend who managed a chain of coffee shops. She moved around among her multiple shops, so in her cell phone she made electronic notes about the shops that she managed, including door PIN codes, alarm codes, and the safe combination. Laurie was able to easily extract all that information from her phone without her knowledge. He adds that it's not uncommon for cellphone owners to use their phones as electronic repositories for data, all of which can be vulnerable to attack.

Austrian IT-security researcher Martin Herfurt conducted bluesnarfing experiments at CeBIT 2004, a heavily attended computer exhibition held annually in Germany. Herfurt found that he could snarf 44 of 135 Nokia 6310i phones that passed by his booth (other types of phones were vulnerable as well). In a white paper on the experiment, Herfurt notes that he could have sent a text message from, initiated a phone call from, or even created a new phone-book entry on the vulnerable phones.

Laurie himself carried out his own experiment to see how many vulnerable phones he could find. "I went into the houses of Parliament and found 46 Bluetooth-visible phones in the space of 15 minutes within the lobby of the House of Commons and the House of Lords," he says. Each was vulnerable to bluesnarfing. "On the London Underground during rush hour, I found over 300 devices in the space of about an hour and half," he says, adding that in London he can find a new target every ten seconds or so.

Bluebugging. Some Bluetooth attacks seem custom-made for spies, corporate and otherwise. The vulnerabilities Laurie discovered also make possible a type of attack he calls bluebugging. This is a more serious attack than bluesnarfing, which only provides access to restricted parts of a Bluetooth device. Bluebugging "gives you the ability to take full control of the [victim's] phone itself to a level where you can make calls, send SMS [text] messages, read received SMS messages, edit the phone book, delete entries, whatever you want," says Laurie, who is now working with Martin Herfurt to test the limits of this capability.

Laurie explains the risk of bluebugging, again through an anecdote in which his friend has played the victim. "I've actually done it as a test to a friend who was sitting in a pub chatting up two girls. He had his phone sitting on the table in front of him. I basically connected to his phone, had it dial my voicemail, and recorded the conversation and played it back to him later," Laurie says.

All this was accomplished without his friend having any idea of what was happening. Laurie adds that he could have done the same for any other Bluetooth phone in the pub.

RedFang. Devices in nondiscoverable mode should be invisible, but according to prominent Bluetooth researcher Ollie Whitehouse of IT consultancy @stake, that's not the case. Whitehouse has designed a software tool called RedFang that can discover Bluetooth devices that have been set to be nondiscoverable.

"RedFang was originally released as a proof-of-concept research tool back in 2003," Whitehouse says. He explains that Bluetooth devices have addresses, similar to the MAC (media access control) address that every computer has--an exclusive numerical identifier for a particular device. Half of the Bluetooth address identifies a particular vendor; the other half is specific to a particular device. So, Whitehouse says, RedFang tries to "brute-force the entire Bluetooth address space asking for a device's name," and if a legitimate name is found, even devices in nondiscoverable mode can be seen. Once the devices are discovered, they become exposed to threats such as bluesnarfing.

Btscanner. Pentest has released a software tool called btscanner, which is designed to extract information from a Bluetooth device without having to pair with it, meaning that it operates noninvasively and, therefore, invisibly. Hurman notes that the current version of btscanner can only find information about discoverable devices (such as channel information and a list of services running); but if those devices are discovered using RedFang, for example, then btscanner can learn enough about them to provide a potential weak point to a determined attacker.

Other risks to Bluetooth devices are still theoretical, but research continues apace. These include attacks on the pairing process and viruses.

Purloined pairing. Research by Whitehouse notes that an attacker working with an antenna at long range (such as one built by Pentest) can potentially exploit Bluetooth devices by watching the pairing process, where two devices such as a PDA and a computer are paired into a personal-area network. During this process, a user is prompted to enter a PIN to establish the relationship between the two. If an attacker can observe the bonding process, that can yield information that can help crack the PIN used for bonding as well as the keys used to encrypt data, according to Whitehouse, thus giving them the ability to capture, decode, and expose any transferred information.

Cracking the PIN is typically a simple matter, Whitehouse says. "In @stake's testing, if the user uses a six-digit PIN, then it will take an attacker approximately 12.5 seconds to recover this PIN and all associated information," he says.

But how feasible would such an attack be? Adam Laurie posits that an attacker going for a specific target could arrange for it to happen. "For example, you send somebody a gift of a headset, and you know they're going to switch it on and pair with it," he says. He suggests it could be done anonymously by telling the recipient that he or she has won a prize.

"If you're in the vicinity and you know that event is going to occur, you could arrange that you sniff all the traffic and so you will witness that pairing," he says. Then the attacker would be able to listen in on conversations as they passed between the phone and the headset. Again, this scenario is easy to imagine being carried out at a trade show by a rival eager to eavesdrop.

Viruses in the air. Airborne viruses and worms aimed at wireless electronics are already in existence, though virus writers are so far targeting cell phones more than other types of Bluetooth devices that are still comparatively rare. But, says Hurman, there's little doubt that Bluetooth will ultimately be subject to the same types of attacks that other products are.

Hurman has already found that some Bluetooth devices are subject to buffer overflow attacks in products made by WIDCOMM, which supplies Bluetooth software to a range of well-known hardware manufacturers from Alcatel to Sony. (Buffer overflow attacks target the same type of software vulnerabilities that plague conventional software and allow viruses and worms to spread.) Hurman also notes that with some development, hackers would be able to use a buffer overflow attack to run their own code on vulnerable devices. Pentest reports that this vulnerability was corrected in newer releases of the software, but it helps confirm that Bluetooth's threatscape is likely to be similar to that of the wired and longer-range wireless worlds.

Joe Lawless, director of global data networks at UPS, agrees that while the virus threat is still largely theoretical, it's "just a matter of time" until attackers learn to exploit the protocol "to inject viruses into our system."

One primitive attempt at this type of virus--Cabir--has already been developed as a proof-of-concept worm (that is, one not found "in the wild" but strictly within research labs). With some user help, Cabir would propagate itself wirelessly to the first Bluetooth phone it found itself near.

Cabir is not considered a major threat, because users would have to allow two software installations before it would work. But it proves that "both cell phones and Bluetooth attack targets or vectors are valid," says Whitehouse. "If, for example, this method of propagation can be taken and combined with another vulnerability to get around the requirement for user interaction, then there could be some interesting impacts when combined with a malicious payload such as people having their SMS inbox being sent to a random telephone number."

Pushing problems. Some attacks on Bluetooth are more annoyances than security concerns. However, it's important to remember that spam was at first considered an annoyance that only later began to work as a vector for spreading worms and viruses.

Security researchers say that many of the annoying attacks directed against mobile phones can happen because of the way that some cell-phone companies implement the protocol known as object exchange (OBEX) that allows two Bluetooth-enabled devices to share information. These types of attacks work by pushing data onto a Bluetooth device rather than pulling data off a device (as with bluesnarfing).

For example, German Bluetooth researcher Collin Mulliner released a software tool called BlueSpam that "searches for all discoverable Bluetooth devices and sends a file to them (spams them) if they support OBEX," according to Mulliner's Web site.

A practice called bluejacking similarly pushes text or pictures to other Bluetooth devices. It's not necessarily a malicious practice; rather, according to a description on the Bluetooth.org Web site, it's the perfect way for the painfully timid to contact a nearby stranger to "gauge his or her interest in meeting, to send a compliment, or to send a picture." Nor does bluejacking infiltrate a Bluetooth device and threaten to expose its contents. Rather, it simply takes advantage of one of Bluetooth's features.

But it can also be a way to send a more hostile or threatening message anonymously to an unwitting victim. A forum on a Web site dedicated to bluejacking features stories from those who have bluejacked unsuspecting members of the public. One anecdote from the forum took place on a train, where a message was sent telling a man, who was sitting behind the bluejacker, to look under the seat. After a nervous moment trying to figure out where the message came from, the man began to feel around under the seat, to the amusement of the bluejacker. It's easy to imagine how a practical joke like this could cause panic or be used to make threatening statements with relative anonymity.

Fred Hoit, who manages the wireless LAN department at UPS, which recently installed a host of Bluetooth devices, says that UPS has tried to eliminate any potential threats from OBEX by not using the protocol at all. He adds that the company worked with its vendors to analyze and test the devices in use to ensure that they were not subject to these types of attacks. (For more on the UPS installation, see sidebar, page 80.)

Sniffers. Sniffers are software programs that are used to discover the existence of wireless networks. Once located, devices on these networks are potentially vulnerable to the attacks mentioned.

One proof-of-concept sniffer from Adam Laurie called bluestumbler can monitor and log all visible Bluetooth devices in a particular area and identify the devices' manufacturers. It can obtain, monitor, and log data such as signal strength, address, and manufacturer from Bluetooth devices. Its name and function derive from Netstumbler, a freeware program that identifies similar information about traditional wireless networks.

A similar tool is bluesniff, designed by The Shmoo Group, a loose connection of security professionals who conduct IT security research in their free time. Bluesniff allows an attacker with a laptop and an antenna to sniff out Bluetooth networks and map them using GPS, to make it easier for the attacker to return to a Bluetooth PAN. The group hopes next to integrate bluesniff into more traditional wireless-network scanning tools such as AirSnort, which monitors wireless transmissions to collect enough information to enable it to crack encryption keys, also a product of this group.

Disclosure. The Bluetooth SIG's Michael Foley maintains that Bluetooth's security model remains secure; he says that it is the various vendor implementations of the specifications that have had problems. "That's still a significant issue," he admits. "From an end-user's perspective, it's a fine line between the specification being bad or the implementation being bad. To them it's just that their device has a potential security risk."

Foley says that the SIG has an expert group focused on security that works proactively to ensure that new specifications don't include any known vulnerabilities. "We're confident that when we publish a specification, we've tried to look at it from every angle and plug any potential holes," he says. But he recognizes that it's likely to be a cat-and-mouse game between plugging holes and discovering new ones.

Companies that make Bluetooth products have not been sitting idly by as the security threats mount. For example, phone makers like Nokia have been updating the software in their handsets to prevent bluesnarfing.

Meanwhile, new applications are hitting the market regularly, including, Laurie says, one bank that hopes to issue Bluetooth keyfobs to customers that will allow account information to pop up on tellers' screens as the customer reaches the counter. Properly implemented, tools like this could be conveniences, but they could also lead to theft of information.

Bluetooth is only just starting to get to the point where the work of security researchers is being taken seriously. "It's like going back five years to the early days of the Internet," Laurie says. "Someone goes to a software vendor saying we've found a flaw in your product, and their reaction is to deny everything, put their head in the sand," and hope the problem goes away.

Laurie adds that progress is being made, with manufacturers open to the "full disclosure" model when researchers approach companies with vulnerabilities and then work together to fix the problem and not announce it until there's a fix. The biggest hurdle, he says, is convincing them that he's not the bad guy.

The proliferation of tools to sniff out or attack Bluetooth devices highlights the digital arms race between manufacturers and attackers. Any company considering rolling out Bluetooth devices should brush up on the risks to help avoid the blues.

RELATED ARTICLE: Brown Goes Blue

Each day, United Parcel Service, known universally as UPS or simply as Brown, delivers nearly 14 million packages--that's more than 3 billion per year--using a U.S. team of 317,000 employees and a fleet of 88,000 cars, vans, trucks, and motorcycles to get the job done.

To provide a regularly updated tracking service, and to help solve the logistical problems inherent in keeping track of billions of packages, UPS needs to keep its technology current. So every few years, the company goes through what it calls a "technology refresh" to ensure that its drivers, loaders, and other employees are using the most up-to-date technology available.

In its most recent technology refresh, which began in 2004, UPS management decided to implement Bluetooth. As with any wireless product, keeping Bluetooth devices safe is a challenge; but because the threats are only just beginning to blossom, UPS--and any other company that decides to use Bluetooth--needs to be aware of the protocol's potential for exploitation.

Dave Salzman, program manager with information services at UPS, says that the company's use of Bluetooth is restricted to its loaders, whose job it is to move boxes in and out of trucks and around UPS facilities. He says that the old equipment used by loaders to track packages had some problems.

Before the refresh, loaders wore small computer terminals that were attached to their arms; these terminals were connected by a wire to a small laser scanner strapped to a finger. Every time a loader picked up a package, the scanner read the bar code from the package's label and then sent the information wirelessly for entry into the company's database, Salzman explains. "It was very effective."

Unfortunately, it was also prone to trouble. "The biggest problem was in the wire failing between the laser on your finger and the terminal on your arm," he says. The most common reason for the wire to fail was that it frequently became caught on boxes or belts and was disconnected from the terminal.

Salzman knew it was time for a change. UPS management met with leading vendors to look for new ideas. They decided to go with Bluetooth.

The new system comprises a Bluetooth-enabled scanner worn by loaders like a ring, and a terminal that is worn on the waist. The two are not connected by any wires that could be snagged on boxes or clothing. Instead, when the ring scanner reads a bar code, that information is transmitted wirelessly using the Bluetooth protocol to the terminal. From there, it is transmitted via a more traditional wireless protocol known as 802.11b (the same technology used by wireless access points in homes and offices) to the wired-side infrastructure. That data is then inputted into the database so that tracking information can be updated at almost the moment a loader touches a package.

Despite the lack of wires, the devices have to be strong to endure the harsh treatment they receive from loaders. Salzman says that in addition to being very lightweight, the ring and terminal are made of a very strong and durable magnesium alloy. "They can withstand tremendous pressure and not break," he says.

Fred Hoit, who manages the wireless access network area of UPS, says that his company also considered security at every stage when rolling out the new Bluetooth scanners.

His first line of defense is simply to take advantage of Bluetooth's short range as a way of keeping those outside the facility from even noticing that the devices are in use. Hoit also configured the scanners so that they are not discoverable, making them much more difficult for attackers to see. This, according to security consultant Tim Hurman, is a good start. "It's one of the best defenses you can do to a Bluetooth device," he says. "While these devices are hidden, they're a lot harder to find."

Neither defense is impenetrable; strong antennas and specialized software products can defeat both range and discoverability issues. But the way the company uses Bluetooth, it is not exposing highly proprietary information to theft, says Joe Lawless, director of global data networks at UPS. In a worst-case scenario, if a Bluetooth transmission were intercepted, he notes, there would be no sensitive information from a package sent between the scanner and receiver. No credit card numbers or passwords are transmitted, he says--only barcode information from the packages. So, an attacker would be left with nothing of value.

But there are still possible security issues. According to network security expert Adam Laurie, who has found flaws in the Bluetooth protocol, it's possible that while the data being transferred is safe, the ring and scanner combination may provide a "gateway" to the corporate network. Much, he says, depends on how the hardware is set up and how access to the network is configured.

Lawless says that the company considered all the options before implementing Bluetooth. "We did a lot of examination of security issues" of Bluetooth and 802.11b and worked closely with vendors to build as much security into the system as possible, including some proprietary security measures designed to keep unauthorized users off the network. Nevertheless, the company isn't taking any chances; it hires a security firm to do periodic assessments "to make sure we truly are as impervious as we think we are," Salzman says.

Peter Piazza is an associate editor at Security Management.
COPYRIGHT 2005 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2005 Gale, Cengage Learning. All rights reserved.

Article Details
Title Annotation:WIRELESS UPDATE
Author:Piazza, Peter
Publication:Security Management
Geographic Code:1USA
Date:Mar 1, 2005
Words:4632