Blackberry ENTERPRISE SOLUTION DEVICES TE Visión general - Página 9

Navegue en línea o descargue pdf Visión general para Software Blackberry ENTERPRISE SOLUTION DEVICES TE. Blackberry ENTERPRISE SOLUTION DEVICES TE 27 páginas. Security technical overview

Imprimir página
Security Technical Overview

Risks of using Bluetooth technology on wireless devices

The wireless industry considers that Bluetooth® enabled devices have the following potential areas of vulnerability:
Users with malicious intent can obtain confidential data from Bluetooth enabled devices without the knowledge or
consent of the authorized users.
A previously trusted (or paired) source that has been removed from the Trusted list can access the memory contents of
some Bluetooth enabled devices.
Users with malicious intent can gain access to higher-level commands and to voice, data, and messaging channels.
Security threats to Bluetooth wireless technology can be user based or device based.
Type of threat
user based
device based
Any Bluetooth enabled device is at risk for attack when all of the following conditions are present:
The Bluetooth wireless transceiver is turned on.
The device is set to use discoverable (visible) mode.
The device is physically located within range of a user with malicious intent.

Bluejacking

Bluejacking is a user-based threat that occurs when users with malicious intent send text messages anonymously to
Bluetooth® enabled devices that are set to use discoverable mode and are physically located within 10 m of the attacking
devices. Users with malicious intent can target individuals or they can broadcast anonymous messages to all discoverable
devices in the area. Bluetooth enabled phones, personal device assistants, and laptops can search for other devices within
a short range, so users with malicious intent who are located in crowded public areas can send anonymous messages easily
and without detection.

Bluesnarfing

Bluesnarfing is a device-based threat that occurs when device manufacturers implement the specification for Bluetooth®
technology incorrectly, allowing users with malicious intent to use Bluetooth technology to connect to devices without
notifying the authorized users, and access device information without the knowledge or consent of the authorized users.
Description
User-based threats occur when users change settings or
perform (or fail to perform) actions that leave their devices
vulnerable or open to attacks.
Device-based threats are the result of incorrect implementation
of Bluetooth wireless technology on devices, which leave the
devices vulnerable or open to attacks.
Risks of using Bluetooth technology on wireless devices
Examples
bluejacking
bluesnarfing and
bluebugging
3
7