RE: Wireless device vulnerability?

[J Edgar Hoover <zorch () totally righteous net>]

On Mon, 25 Mar 2002, Toni Heinonen wrote:

> I wonder what you mean. Are you talking about a network
> infrastructure? After all, isn't the idea of Bluetooth that you have
> two devices, such as a laptop and a mobile phone, that are
> interconnected with Bluetooth transceivers instead of, say, a serial
> cable?

In the context of a simple serial cable, range is the most important
variable.

It would be cheaper to deny connections with a range of more than a few
feet within a given perimeter than to deny connections of only a few
inches.

> But that doesn't sound anything like Bluetooth. Bluetooth is meant for
> personal area networks, whereas the network you describe is a wide
> area mobile phone network with data capabilities.

At $5 a pop for bluetooth chips, wouldn't it be tempting to put one on
each telephone pole? Or scatter them around a building?

As it is currently being used, to connect say a PDA to a phone, a person
with a $5 device in their pocket could probably prevent a person with a
$300 PDA in their hand from talking to the $200 phone in their pocket.

In the context of most of the off-list mail I've received, it is even
easier to tape a small cheap device under a co-worker's desk.

> Indeed. I assume the technology was proprietary? When it comes to
> Bluetooth, I think the cipher and underlying encryption infrastructure
> is sound (as sound as WLANs were before they were deployed :)

Bingo. :)