Bluetooth SIG's Reaction
The Wireless Security section of the Bluetooth Special Interest Group's (SIG) website describes several types of Bluetooth attacks, but says Bluetooth devices must be within 10 Meters of each other for the attacks to occur. Given our ability to discover Bluetooth devices over a half-mile away, we contacted the Bluetooth SIG for their reaction of the BlueSniper rifle. Mr. Anders Edlund sent us this statement:
|"The Bluetooth SIG takes security very seriously. Members of the association are comprised of market leaders in their respective fields and as such work on security within the entire industry. There is a SIG Security Expert Group in place to address new and existing vulnerabilities and so far no security holes have been discovered in the Bluetooth specification itself.
Vulnerabilities that have come to light either exploit the Bluetooth link as a conduit, much like the Internet to the PC, or are a result of the implementation of Bluetooth technology within the device - as such, we constantly work with our members to assist in implementing Bluetooth technology more effectively. As within the PC industry, the security flaws that are revealed are typically solved by new software builds and upgrades.
Attackers that stretch the typical range of Bluetooth radios and try to hack into users' devices have received a fair share of press, but they are still going about the attack in one of the ways mentioned above. Roadmap enhancements continue to address security concerns to maintain and improve on the security of Bluetooth technology but we encourage consumers to play an active role in the secure operation of their devices. We recommend users pair their Bluetooth devices in private, use the non-discoverable mode of their device when in crowded areas, never accept unknown contact, and download anti-virus software for mobile devices as it becomes available.
If they are concerned about that their device is vulnerable to security threats, check with manufacturers and possibly request a software upgrade to a version without vulnerabilities. Following this advice, they are in no more danger of exposure by a long range antenna than with a normal range hacking device. As a general rule, we also recommend that users not keep confidential information on mobile devices since the most common security threat is actually the many thousands of devices stolen or lost every day across the globe."