login about faq

To prove you're not a spammer, email newuser.lgqa@gmail.com with the subject "Account Request" to request an account.


How secure is Bluetooth for either voice (Headsets) or data (Mice & Keyboards) Also how secure is RF (Mice & Keyboards)?

asked Dec 10 '12 at 03:11

jon20c's gravatar image

jon20c
16691122

closed Jun 30 '13 at 17:16

KevinLockergnome's gravatar image

KevinLockergnome ♦♦
10.6k1617

The question has been closed for the following reason "The question is answered, right answer was accepted" by KevinLockergnome Jun 30 '13 at 17:16


I do not agree with the answers provided thus far, there is more to security than just encryption.

all encryption solves is eavesdropping and (depending on the scheme of encryption used) man in the middle attacks.

these documents outlines the other concerns: http://hassam.hubpages.com/hub/Types-Of-Bluetooth-Hacks-And-Its-Security-Issues

http://www.sans.org/reading_room/whitepapers/wireless/bluetooth-inherent-security-issues_945

http://www.pentest.co.uk/documents/wbf_slides.pdf

answered Dec 16 '12 at 14:28

trueb's gravatar image

trueb
16.1k54105269

1

man in the middle is always a risk and they are simple to do, especially on wifi, simple tools such as karma and many others turn man in the middle on even enterprise level WPA 2 security can be compromised with literally 3-5 clicks. As long as you are somewhere between the victim and the access point, there are many tools which can automatically deauth or simply do a false authentication and flood it with noise to simply make the connection too unstable and forcing the client to reconnect, then at that moment the man in the middle will simply have a spoofed network available that will accept any client regardless of authentication, so from the clients point of view they are connected to their network when really they are connected to the attackers network.

Bluetooth has the same risk but it is harder to do with bluetooth since it requires more specialized equipment

for example http://ubertooth.sourceforge.net/hardware/one/

For wifii, any wifi card that can go into monitor mode and do packet injection can allow you to attack another wifi network (most wifi radios allow that while most bluetooth radios do not)

(Dec 16 '12 at 16:23) Razor512 Razor512's gravatar image

Awesome, Thanks

(Dec 16 '12 at 22:58) jon20c jon20c's gravatar image

"Man in the middle is always a risk and they are simple to do" - public key cryptography and hybrid cryptography will solve man in the middle attacks, they can be used for encryption and authentication. the power behind this is that you there is a secret part of the puzzle that is never exchanged.

(Jun 30 '13 at 10:14) trueb trueb's gravatar image

bluetooth can be encrypted but it is not a default. Kinda like how you can have open wifi and WPA2 encrypted wifi, you can have secure and unsecure bluetooth.

PS never buy a insanely cheap bluetooth keyboard as they will not be encrypted thus anyone with a good sniffing device (eg the ubertooth), they can keylog you.

Many bluetooth mice are not encrypted since info that is captures is useless without visual context (at which point whats the point of sniffing the traffic from the mouse.

I have a cheap bluetooth keyboard from ebay, (I use it sometimes to type up comments and stuff while in bed, on my tablet, it has no encryption so if anyone was using a sniffer, they would see everything I was typing (It doesn't bother me because I am posting the content in a public area any with the goal of getting people to see it.

answered Dec 11 '12 at 13:18

Razor512's gravatar image

Razor512
16.5k3683259

Cool, thanks

(Dec 16 '12 at 08:17) jon20c jon20c's gravatar image

I think Bluetooth is encrypted in some way. A passphrase is sometimes needed to pair devices together. But, I'm not completely sure on how secure it is.

answered Dec 10 '12 at 04:19

jan's gravatar image

jan
162

edited Dec 10 '12 at 04:20

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported


Tags:

×151
×63
×51
×13
×13
×9
×7
×3
×1

Asked: Dec 10 '12 at 03:11

Seen: 3,715 times

Last updated: Jun 30 '13 at 17:16