Bluejacking
Encyclopedia
Bluejacking is the sending of unsolicited messages over Bluetooth
Bluetooth
Bluetooth is a proprietary open wireless technology standard for exchanging data over short distances from fixed and mobile devices, creating personal area networks with high levels of security...

 to Bluetooth-enabled devices such as mobile phone
Mobile phone
A mobile phone is a device which can make and receive telephone calls over a radio link whilst moving around a wide geographic area. It does so by connecting to a cellular network provided by a mobile network operator...

s, PDAs
Personal digital assistant
A personal digital assistant , also known as a palmtop computer, or personal data assistant, is a mobile device that functions as a personal information manager. Current PDAs often have the ability to connect to the Internet...

 or laptop computers
Laptop
A laptop, also called a notebook, is a personal computer for mobile use. A laptop integrates most of the typical components of a desktop computer, including a display, a keyboard, a pointing device and speakers into a single unit...

, sending a vCard
VCard
vCard is a file format standard for electronic business cards. vCards are often attached to e-mail messages, but can be exchanged in other ways, such as on the World Wide Web or Instant Messaging...

 which typically contains a message in the name field (i.e., for bluedating
Bluedating
Wireless dating, Widating or Bluedating is a form of dating which makes use of mobile phone and Bluetooth technologies. Subscribers to the service enter details about themselves and about their ideal partner, as they would for other on-line dating services...

 or bluechat
Bluechat
Bluechat is a direct text chat between two or more users, where every participant uses a bluetooth device and names it...

) to another bluetooth enabled device via the OBEX
OBEX
OBEX is a communications protocol that facilitates the exchange of binary objects between devices. It is maintained by the Infrared Data Association but has also been adopted by the Bluetooth Special Interest Group and the SyncML wing of the Open Mobile Alliance...

 protocol.

Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters.

Origins

Bluejacking was reportedly first carried out by a Malaysian IT consultant who used his phone to advertise Sony Ericsson
Sony Ericsson
Sony Ericsson Mobile Communications AB is a joint venture established on October 1, 2001 by the Japanese consumer electronics company Sony Corporation and the Swedish telecommunications company Ericsson to manufacture mobile phones....

. He also invented the name, which purports to be an amalgam of Bluetooth
Bluetooth
Bluetooth is a proprietary open wireless technology standard for exchanging data over short distances from fixed and mobile devices, creating personal area networks with high levels of security...

 and ajack, his username on Esato, a Sony Ericsson fan online forum. Jacking is, however, an extremely common shortening of hijack, the act of taking over something.

Usage

Bluejacking is usually harmless, but because bluejacked people generally don't know what has happened, they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but with modern phones it's possible to send images or sounds as well. Bluejacking has been used in guerrilla marketing
Guerrilla marketing
Guerrilla warfare is about waging small intermittent attacks on different territories of the opponent with the aim of harassing and demoralising the opponent and eventually securing permanent footholds....

 campaigns to promote advergames.

With the increase in the availability of Bluetooth enabled devices, it is often reported that devices have become vulnerable to virus attacks and even complete take over of devices through a trojan horse program although most of these reports are easily debunked.

Bluejacking is also confused with Bluesnarfing
Bluesnarfing
Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs. This allows access to a calendar, contact list, emails and text messages, and on some phones users can copy pictures and private videos...

 which is the way in which mobile phones are illegally hacked via Bluetooth.

Bluejacking tools and software

Many tools have been developed for bluejacking. Most of the development happened in the 2000 to 2004, where multiple new bluetooth vulnerabilities were discovered. Most of these tools are developed by individual developers and have very specific functions. While there are many tools to assist someone in bluejacking, only a few hidden tools are available for the more sinister bluesnarfing
Bluesnarfing
Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs. This allows access to a calendar, contact list, emails and text messages, and on some phones users can copy pictures and private videos...

 or bluebugging
Bluebugging
Bluebugging is a form of bluetooth attack often caused by a lack of awareness. It was developed after the onset of bluejacking and bluesnarfing. Similar to bluesnarfing, Bluebugging accesses and uses all phone features but is limited by the transmitting power of class 2 Bluetooth radios, normally...

. These are usually internal trade secrets which the experts guard earnestly.

One example is bluesniff, which seeks out hidden bluetooth devices. One of the most commonly used bluetooth software is bloover, which is in version 2 now. It allows users to seek then send unsolicited messages to unwary bluetooth devices.

Given the fact that most Bluetooth devices present a confirmation dialog when a remote device tries to connect, it is possible to achieve another form of Bluejacking by setting the unsolicited message as the friendly name of the Bluejacking device. For example a Bluetooth device can be renamed as "You're being watched!" and then when connecting to another Bluetooth device it will provide this name and so the user will see it.
The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 
x
OK