Bluetooth Wireless Keyboards

[Kevin white <kwhite () ci collierville tn us>]

Dear List,

Recently we have discovered that one of the employees in our
organization has purchased a bluetooth keyboard.  Their belief
is that if someone were to sniff their keystrokes they would have to be
within 30 feet.  To quote them...

###
your worried about the unlawful electronic misappropriation and
dissemination of personal information from a very low power use
Bluetooth device with a transmission range with about thirty feet?

Hold on I'm laughing.... Ok, I'm back
###

I am already going to work the policy side of things to get this device
removed given this is a HIPAA and public safety related division. None the
less I am curious, am I being overly paranoid?  I know that
bluetooth snarfing has been done at ranges over a mile and I've searched
all over google for more information on doing a proof of concept on this
myself.  Most of the information seems to deal with cell-phones.  Some
whitepapers or POCs on this would be great.  Heck, even some personal
experiences.  Based on what I saw at Black Hat I am a little less
paranoid since the vendor could be doing something to protect the
keystrokes and BT is somewhat of a strange protocol anyway. I guess I'll
never really know till I go out there with my own BT dongle and capture
some traffic myself, if possible. ;)

Thanks in Advance!

Kevin

Attachment: _bin
Description: