Vulnerability Development mailing list archives

RE: Wireless device vulnerability?


From: "Toni Heinonen" <Toni.Heinonen () teleware fi>
Date: Mon, 25 Mar 2002 21:29:27 +0200

Evening.

> On Mon, 25 Mar 2002, Toni Heinonen wrote:
>
>> In the US and Europe, Bluetooth uses frequencies 2.400 MHz to 2.483,5
>> MHz, with 79 different bands to hop on, each 80 MHz wide or sometimes
>> more. Seeing as you would not try to synchronize your jammer with the
>
> I suspect you mean 2.4000 GHz to 2.4835 GHz.
>
> That's a total of 83.5 MHz of bandwidth. I fail to see how you can get 79
> *different* bands each 80 MHz wide in an 83.5 MHz space.

Ehh, sorry. One megahertz in between, and 79 bands, as said.

>> hop sequence, do you think it would really be capable of jamming that
>> whole band? After all, even a square wave won't produce that much of a
>> disturbance to the neighbouring bands. I mean, of course you could
>
> Blotting out a signal is always easier than detecting it. Generating 83.5
> MHz of noise at 2.4 GHz isn't hard at all.

Okay.

>> Of course, the whole idea is that the protective safeguards for a
>> system do not cost more than the protected assets. Seeing as how a
>> Bluetooth chip is supposed to cost 5$ (of course not yet, but probably
>> so after mass production), would it really be possible to build a
>> jamming device of this magnitude for 10$ (the cost of a two-machine
>> Bluetooth network)?
>
> Would it really be possible to build a Bluetooth network for $10? I'll bet
> teleware.fi will never bill $10 for building one.

I wonder what you mean. Are you talking about a network infrastructure? After all, isn't the idea of Bluetooth that you 
have two devices, such as a laptop and a mobile phone, that are interconnected with Bluetooth transceivers instead of, 
say, a serial cable?

And, being an ad-hoc wireless network, it doesn't require base infrastructure. Instead, if you join your Bluetooth 
devices to some fixed network, e.g. Ethernet, you will have some sort of a gateway device (a router, a laptop computer) 
that has both Ethernet connectivity and a Bluetooth transceiver. So in essence, you won't have to get new network 
elements into your existing Ethernet network.

How could I "sell a Bluetooth network"? Are you talking about the routers and other gateways that interjoin an ad-hoc 
Bluetooth network into a company's fixed network?

And, as I stated in my previous post, my company has no financial interest in WLAN installations or the like.
 
> While not a law of nature, it has been consistently demonstrated that
> wireless networks cost more than the vendor claimed and aren't as reliable
> as the vendor claimed.

Yes, indeed so. But with Bluetooth, aren't we talking simply about the transceivers and perhaps firmware/software?

> Bluetooth is the 'latest and greatest' in a long line of solutions that
> have consistently failed to live up to their claims.
>
> Here's a great example:
>
> Motorola sold a communications system to my state, making the same claims
> you make for Bluetooth. It carries Police, Fire, EMS and government voice
> and data traffic. It is used for dispatching, Mobile Data Terminals and
> control of MOSCAD devices such as traffic lights.

But that doesn't sound anything like Bluetooth. Bluetooth is meant for personal area networks, whereas the network you 
describe is a wide area mobile phone network with data capabilities.

> It was finished several years late, 200% over budget, and has never
> achieved more than 95% reliability.
>
> Worse, it would cost about $100 to disable this multi-million dollar
> system.
>
> It uses a small number of frequencies in the 800 MHz band for digital
> frequency hopping. The frequencies are fixed, and the PSN is so weak you
> can break it in real time.

Indeed. I assume the technology was proprietary? When it comes to Bluetooth, I think the cipher and underlying 
encryption infrastructure is sound (as sound as WLANs were before they were deployed :)

TONI HEINONEN, CISSP
   TELEWARE OY
   Telephone  +358 (9) 3434 9123  *  Fax  +358 (9) 3431 321
   Wireless  +358 40 836 1815
   Kauppakartanonkatu 7, 00930 Helsinki, Finland
   toni.heinonen () teleware fi  *  www.teleware.fi
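The exchange above turns on how much of Bluetooth's 79-channel hop set an interferer that is not synchronised to the hop sequence actually overlaps. The following is an added example, not code from the thread or from either poster; it assumes the Bluetooth 1.x basic channel plan (79 channels, 1 MHz wide, centred at 2402 + k MHz for k = 0..78 inside the 2400 to 2483.5 MHz band), a hop sequence that visits channels uniformly over time, and a nominal hop rate of 1600 hops per second. Under those assumptions it computes, for any interfered span, the fraction of hops affected and checks the exact figure against a seeded simulation, which is the risk figure a link designer would want before deciding whether partial-band interference is a concern.

```python
"""Added example, not part of the original thread or its authors' work.

Models how much of Bluetooth's basic hop set an unsynchronised interferer
overlaps. Assumptions (labelled here, not stated on the page):
  * Bluetooth 1.x basic channel plan in the US/Europe: 79 channels, each
    1 MHz wide, centred at 2402 + k MHz for k = 0..78, inside the
    2400-2483.5 MHz ISM band.
  * The basic hop sequence visits channels uniformly over time, so the
    long-run fraction of hops hit by an interferer equals the fraction of
    channels it covers.
  * Nominal hop rate of 1600 hops per second (625 us slots).
"""
from fractions import Fraction
import random

BAND_LOW_MHZ = 2400.0
BAND_HIGH_MHZ = 2483.5
FIRST_CHANNEL_MHZ = 2402
CHANNEL_SPACING_MHZ = 1
CHANNEL_WIDTH_MHZ = 1.0
NUM_CHANNELS = 79
HOPS_PER_SECOND = 1600  # assumed nominal Bluetooth 1.x hop rate


def channel_plan():
    """Centre frequencies (MHz) of the 79 basic hop channels."""
    return [FIRST_CHANNEL_MHZ + k * CHANNEL_SPACING_MHZ for k in range(NUM_CHANNELS)]


def plan_fits_band():
    """True if every 1 MHz channel lies inside the ISM band, i.e. the
    79 channels plus the lower (2 MHz) and upper (3.5 MHz) guard bands
    fit in the 83.5 MHz available."""
    plan = channel_plan()
    half = CHANNEL_WIDTH_MHZ / 2
    return BAND_LOW_MHZ <= plan[0] - half and plan[-1] + half <= BAND_HIGH_MHZ


def channels_overlapped(low_mhz, high_mhz):
    """Channels whose 1 MHz occupancy overlaps the span [low_mhz, high_mhz]
    covered by an interferer."""
    half = CHANNEL_WIDTH_MHZ / 2
    return [f for f in channel_plan() if f - half < high_mhz and f + half > low_mhz]


def affected_hop_fraction(low_mhz, high_mhz):
    """Long-run fraction of hops landing inside the interfered span,
    exact as a Fraction of the 79 channels."""
    return Fraction(len(channels_overlapped(low_mhz, high_mhz)), NUM_CHANNELS)


def hops_lost_per_second(low_mhz, high_mhz):
    """Expected number of hops per second that fall into the interfered span."""
    return float(affected_hop_fraction(low_mhz, high_mhz) * HOPS_PER_SECOND)


def simulate_hop_hits(low_mhz, high_mhz, hops=20000, seed=1):
    """Monte Carlo check of the uniform-hop assumption: draw `hops` channels
    at random from the plan and return the observed fraction that fall in
    the interfered span. Seeded PRNG, so the result is reproducible."""
    rng = random.Random(seed)
    plan = channel_plan()
    hit = set(channels_overlapped(low_mhz, high_mhz))
    hits = sum(1 for _ in range(hops) if rng.choice(plan) in hit)
    return hits / hops


if __name__ == "__main__":
    print("79-channel plan fits the 83.5 MHz band:", plan_fits_band())
    # A 10 MHz-wide interferer versus one covering the whole band
    for low, high in ((2440.5, 2450.5), (BAND_LOW_MHZ, BAND_HIGH_MHZ)):
        frac = affected_hop_fraction(low, high)
        print(f"{low}-{high} MHz: {frac} of hops affected "
              f"(~{hops_lost_per_second(low, high):.0f} hops/s), "
              f"simulated {simulate_hop_hits(low, high):.3f}")
```

The exact and simulated figures agree: a 10 MHz interferer touches 10 of 79 channels, so roughly one hop in eight is affected, while only an interferer spanning the whole 83.5 MHz reaches every hop, which is the distinction the two posters are arguing about.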
