Pondering Possibilities

By Carol Ellison  |  Posted 2004-06-19 Print this article Print

When you contemplate the possibilities, the concept of Cabir gets pretty scary. The number of computer users who are already targets of virus infections pales in comparison to the number of mobile phone users out there. And the threat is compounded by the fact that its not the first proof-of-concept of Bluetooth vulnerabilities weve seen. There were bluesnarfing and bluebugging, in which it was shown that hackers could anonymously gain access to a Bluetooth device.
There is also bluejacking, which isnt hacking. Its the practice of sending anonymous messages to nearby Bluetooth devices, but some researchers suggest that it opens the door to abuse by enabling data exchange.
(A detailed description of these and other possible attacks can be found here.) And if you think these holes might affect only kids and gamers who exchange files, ask yourself whether the Java applets used to facilitate enterprise data exchanges can really remain immune. They are, after all, executables. According to Bruce Schneier, founder and chief technology officer of Counterpane Internet Security, in Mountain View, Calif., they wont always be safe. Schneier, the author of "Applied Cryptography," has been predicting this day for nearly three years now. In 2001, he took one look at Bluetooth and the over-the-air peer networks it enables and declared it "an eavesdroppers dream." He cautioned it should be treated as "a broadcast protocol, because thats what it is." After news of Cabir broke, I caught up with Schneier on his cell phone while he was awaiting takeoff to Albuquerque. What amazed him about news of the virus was that anyone was amazed. That malicious code could infect a cell phone network is no more surprising, he says, than having it show up in a computer network. "It takes specialized knowledge to exploit a cell phone, but youre going to see more of this because mobile phones and handheld devices are the new computers," Schneier predicts. "They have OSes. They download software. So, theyre going to be just as vulnerable." And he predicts that the back-end networks that communicate with them will become vulnerable as well, posing yet another threat that IT staff will have to be cognizant of. "What were seeing is a lot of convergence," Schneier said. "Were plugging our mobile devices into our networks. Although it is complicated as heck, it is not inconceivable that some kind of malicious software could get onto my network through my mobile phone." Editors Note: This story was updated with corrections regarding the nature of the virus. Check out eWEEK.coms Mobile & Wireless Center at http://wireless.eweek.com for the latest news, reviews and analysis.

Be sure to add our eWEEK.com mobile and wireless news feed to your RSS newsreader or My Yahoo page

Carol Ellison is editor of eWEEK.com's Mobile & Wireless Topic Center. She has authored whitepapers on wireless computing (two on network security–,Securing Wi-Fi Wireless Networks with Today's Technologies, Wi-Fi Protected Access: Strong, Standards-based Interoperable Security for Today's Wi-Fi Networks, and Wi-Fi Public Access: Enabling the future with public wireless networks.

Ms. Ellison served in senior and executive editorial positions for Ziff Davis Media and CMP Media. As an executive editor at Ziff Davis Media, she launched the networking track of The IT Insider Series, a newsletter/conference/Web site offering targeted to chief information officers and corporate directors of information technology. As senior editor at CMP Media's VARBusiness, she launched the Web site, VARBusiness University, an online professional resource center for value-added resellers of information technology.

Ms. Ellison has chaired numerous industry panels and has been quoted as a networking and educational technology expert in The New York Times, Newsday, The Los Angeles Times and The Wall Street Journal, National Public Radio's All Things Considered, CNN Headline News, WNBC and CNN/FN, as well as local and regional Comcast and Cablevision reports. Her articles have appeared in most major hi-tech publications and numerous newspapers and magazines, including The Washington Post and The Christian Science Monitor.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel