16-06-2014, 02:24 PM
Bluejacking
INTRODUCTION
Sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers via the OBEX protocol.
Bluetooth has a very limited range, usually around 10 metres on mobile phones, but laptops can reach up to 100 metres with powerful transmitters.
Allows phone users to send business cards anonymously using Bluetooth wireless technology.
Does not involve the removal or alteration of any data from the device.
ORIGIN
The bluejack phenomenon started after a Malaysian IT consultant named “Ajack” posted a comment on a mobile phone forum.
Ajack told IT Web that he used his Ericsson cellphone in a bank to send a message to someone with a Nokia 7650.
Becoming bored while standing in a bank queue, Ajack did a Bluetooth discovery to see if there was another Bluetooth device around.
Discovering a Nokia 7650 in the vicinity, he created a new contact, filled in the first name with ‘Buy Ericsson!’ and sent a business card to the Nokia phone.
BLUEJACKING TECHNOLOGY
Bluetooth technology
vCard
OBEX protocol
BLUETOOTH TECHNOLOGY
Short range wireless LAN
Connects numerous devices of different functions like telephones, notebooks, computers, digital cameras etc., in a Personal Area Network (PAN).
Three areas - Data and Voice access points, Cable replacement, and Ad hoc networking.
Supports point-to-point as well as multi-point.
Low power
Low cost single chip radio – feasible
ARCHITECTURE
Piconet
The devices find each other and spontaneously form a network called a “piconet”.
A piconet is a basic unit with up to 8 nodes, one of which is a master and up to seven active slave nodes within a maximum distance of 10 meters.
All communication is between the master and the slaves.
Piconet is a centralized TDM system.
Master controls clock and decides the time slot for the device.
In a piconet, there can be up to 255 parked nodes.
Master switches to low power state and parked nodes wait for a beacon from the master.
vCARD
vCard is a file format standard for electronic business cards.
vCards are often attached to e-mail messages, but can be exchanged in other ways, such as on the World Wide Web or instant messaging.
OBEX PROTOCOL
OBEX means OBject EXchange.
Is a communications protocol that facilitates the exchange of binary objects between devices.
HOW TO BLUEJACK
Mobile
Personal computers
Software tools
Bluespam
Searches for all discoverable Bluetooth devices and sends a file to them (spams them) if they support OBEX.
By default a small text will be sent.
USAGE OF BLUEJACKING
Busy shopping centre
Starbucks
Train Station
High Street
On a train/ tube/ bus
Cinema
Café/ restaurant/ pub
Mobile phone shop
Electronics shop (e.g. Dixons)
CODE OF ETHICS
Do not hack any device
Don't send abusive messages
Don't threaten anyone
Don't put your personal information in a BlueJack message.
Don't reveal yourself to the 'victim'
Do disable Bluetooth if you don't want to be BlueJacked.
BLUESNARFING
Is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs.
Bluesnarfing can be done even if your device is hidden.
SECURITY ISSUES
Security Mode 1: In this mode, the device does not implement any security procedures, and allows any other device to initiate connections with it.
Security Mode 2: In mode 2, security is enforced after the link is established, allowing higher level applications to run more flexible security policies.
Security Mode 3: In mode 3, security controls such as authentication and encryption are implemented at the Baseband level before the connection is established. In this mode, Bluetooth allows different security levels to be defined for devices and services.
ADVANTAGES
Usually, a bluejacker will only send a text message, but with modern phones it’s possible to send images or sounds as well.
We can easily transfer data from mobile to laptop.
We can transfer data from mobile to mobile in a short period.
We can enjoy music by wireless headphones through Bluejacking.
DISADVANTAGES
Bluejacking is also confused with Bluesnarfing, which is the way in which mobile phones are illegally hacked via Bluetooth.
Virus attacks.
CONCLUSION
Because of its low cost and power consumption, this technology has a great future ahead.
We can easily transfer the data on the spot in a fraction of a second without using card readers etc.
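The vCard and OBEX sections above describe how a bluejack message travels: a business card whose name field holds the message, pushed as an OBEX object. The following is an added example, not part of the original slides, showing how a receiving application could parse an incoming OBEX PUT packet and flag a vCard that has a name but no contact details. The header IDs come from the OBEX specification; the function names, the heuristic and the sample packet builder are assumptions made for illustration.

```python
import struct

# OBEX header IDs; the top two bits of each ID select the value encoding.
HDR_NAME, HDR_LENGTH, HDR_BODY, HDR_END_BODY = 0x01, 0xC3, 0x48, 0x49
OP_PUT, FINAL_BIT = 0x02, 0x80

def parse_obex_put(packet: bytes) -> dict:
    """Parse a single-packet OBEX PUT request into {header_id: value}."""
    total = int.from_bytes(packet[1:3], "big")
    if len(packet) < 3 or (packet[0] & ~FINAL_BIT) != OP_PUT or total != len(packet):
        raise ValueError("not a complete single-packet PUT")
    headers, pos = {}, 3
    while pos < total:
        hid, enc = packet[pos], packet[pos] >> 6
        if enc in (0, 1):  # 2-byte length prefix: 0 = UTF-16BE text, 1 = bytes
            hlen = int.from_bytes(packet[pos + 1:pos + 3], "big")
            if hlen < 3 or pos + hlen > total:
                raise ValueError("bad header length")
            raw = packet[pos + 3:pos + hlen]
            headers[hid] = raw.decode("utf-16-be").rstrip("\0") if enc == 0 else raw
            pos += hlen
        else:  # fixed size: 2 = one-byte value, 3 = four-byte value
            size = 1 if enc == 2 else 4
            if pos + 1 + size > total:
                raise ValueError("truncated header")
            headers[hid] = int.from_bytes(packet[pos + 1:pos + 1 + size], "big")
            pos += 1 + size
    return headers

def looks_like_bluejack(headers: dict) -> bool:
    """Heuristic (assumption): a pushed vCard with a name but no contact details."""
    body = headers.get(HDR_BODY, b"") + headers.get(HDR_END_BODY, b"")
    props = {}
    for line in body.decode("utf-8", "replace").splitlines():
        key, sep, value = line.partition(":")
        if sep:
            props[key.split(";")[0].upper()] = value.strip()
    if props.get("BEGIN", "").upper() != "VCARD":
        return False
    named = bool(props.get("N", "").strip(";") or props.get("FN"))
    return named and not any(props.get(k) for k in ("TEL", "EMAIL", "ADR", "URL"))

def sample_put(vcard: str) -> bytes:
    """Constructed test input (not captured traffic): one final PUT packet."""
    def hdr(hid, data):
        return bytes([hid]) + struct.pack(">H", len(data) + 3) + data
    hdrs = (hdr(HDR_NAME, "a.vcf\0".encode("utf-16-be")) + bytes([HDR_LENGTH])
            + struct.pack(">I", len(vcard.encode())) + hdr(HDR_END_BODY, vcard.encode()))
    return bytes([OP_PUT | FINAL_BIT]) + struct.pack(">H", len(hdrs) + 3) + hdrs
```

Calling `looks_like_bluejack(parse_obex_put(sample_put(card)))` on a card that contains only `N:;Buy Ericsson!` returns `True`, while a card that also carries a `TEL` line returns `False`.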