Mailing List os2-wireless_users@2rosenthals.com Archived Message #1312

From: "Doug LaRue" <os2-wireless_users@2rosenthals.com> Full Headers
Undecoded message
Subject: Re: [OS2Wireless]Bluetooth security
Date: Mon, 11 Sep 2006 11:02:44 -0700
To: "OS/2 Wireless Users Mailing List" <os2-wireless_users@2rosenthals.com>

** Reply to message from "Lewis G Rosenthal" <os2-wireless_users@2rosenthals.com> on Sun, 10 Sep 2006 17:51:16 -0400

Believe nothing is secure, yes even wires are not secure, and you'll have to accept that
there is some acceptable level of security for each and every type of connection and
session of data transmission across that connection.

One more thing, this all reminds me of how people seem to now associate credit card fraud
with "identity theft". I don't know who started it but the press is must plain dumb about
incorrectly labeling things as "identity theft". And they did a nice job at labeling Bluetooth with
"insecurity". There were a few stories of how some techie was able to find and connect to
cell phones running Bluetooth and do things like make calls and download phone numbers.
There were all cases where the phone or phone user left the Bluetooth radio in Discoverable
Mode. It was like placing your laptop on you front door landing inside your house and leaving
your front door wide open and blaming your door lock manufacturer when the laptop is stolen.

Lewis has it right and if you don't believe that, Google is your friend( ie search for more info ).

Doug


> To branch from another thread, and to follow my statement concerning the
> relative privacy or Bluetooth technology:
>
>     Configured correctly, BT is quite "private" (though not encrypted).
>     Devices must be "paired" to each other, and it is up to the user to
>     tell a device to make its presence known to other devices.
>
> There are numerous hits on the net concering the insecurity of BT, many
> of which date back to 2003 and earlier. As I mentioned in my previous
> post, there have indeed been advances in BT technology, and it is, after
> all, for PANs, not LANs.
>
> For the latest information concerning BT security (all three available
> modes), one should visit
> http://www.bluetooth.com/Bluetooth/Learn/Security/ . To quote some of
> the content on that page:
>
>     Lately, confusion and misinformation surrounding security and
>     /Bluetooth/ wireless technology has increased. The current security
>     issues typically involve mobile phones. How these issues apply to
>     other classes of devices is important and is often not
>     addressed. The encryption algorithm in the /Bluetooth/
>     specifications is secure. This includes devices such as mice and
>     keyboards connecting to a PC, a mobile phone synchronizing with a
>     PC, and a PDA using a mobile phone as a modem to name just a few of
>     the many use cases.
>
>     Cases where data has been compromised on mobile phones are the
>     result of implementation issues on that platform. [...]
>
> So, in short, considering the entire paradigm of wireless connectivity,
> BT is probably about as tight as anything else we have today (and I mean
> "probably" in a very loose sense of the word).
>
> Cheers, everyone, and don't sweat the small stuff. Get a good phone, and
> your data will most likely be safe. Don't sync your devices in public
> places (sounds pretty disgusting, anyway, huh?), and you should be just
> fine.
>
> --
> Lewis
> ------------------------------------------------------------
> Lewis G Rosenthal, CNA, CLP, CLE
> Rosenthal & Rosenthal, LLC
> Accountants / Network Consultants
>   New York / Northern Virginia           www.2rosenthals.com
> eComStation Consultants                  www.ecomstation.com
> Novell Users Int'l       www.novell.com/openenterpriseserver
> Need a managed Wi-Fi hotspot?               www.hautspot.com
> ------------------------------------------------------------
>
>
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> This message is sent to you because you are subscribed to
>   the mailing list <os2-wireless_users@2rosenthals.com>.
> To unsubscribe, E-mail to: <os2-wireless_users-off@2rosenthals.com>
> To switch to the DIGEST mode, E-mail to <os2-wireless_users-digest@2rosenthals.com>
> To switch to the INDEX mode, E-mail to <os2-wireless_users-index@2rosenthals.com>
> Send administrative queries to  <os2-wireless_users-request@2rosenthals.com>
> To subscribe (new addresses), E-mail to: <os2-wireless_users-on@2rosenthals.com> and reply to the confirmation email.
>
> This list is hosted by Rosenthal & Rosenthal
> P.O. Box 281, Deer Park, NY 11729-0281. Non-
> electronic communications related to content
> contained in these messages should be directed
> to the above address. (CAN-SPAM Act of 2003)
>
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


Doug LaRue

"The idea that Bill Gates has appeared like a knight in shining armor to
 lead all customers out of a mire of technological chaos neatly ignores
 the fact that it was he, who by peddling second-rate technology, led them
 into it in the first place."
- Douglas Adams, author of "The Hitchhiker's Guide to the Galaxy".
-                full text: http://www.catscratch.net/douglasadams_on_win95.html
-                more quotes: http://www.phnet.fi/public/mamaa1/adams.htm

"Excuse me: Can you tell me the IP address of this cable?"
 - Actual question from a MCSE!

Subscribe: Feed, Digest, Index.
Unsubscribe
Mail to ListMaster