1 00:00:00,350 --> 00:00:02,560 Bluetooth attacks. 2 00:00:02,560 --> 00:00:05,500 In this lesson, I want to talk about wireless connectivity 3 00:00:05,500 --> 00:00:07,530 and some of the attacks that go against it. 4 00:00:07,530 --> 00:00:09,430 Specifically, we're not going to focus 5 00:00:09,430 --> 00:00:12,810 on the 3G, 4G, or LTE cell phone part of it. 6 00:00:12,810 --> 00:00:15,260 We're going to focus on Bluetooth. 7 00:00:15,260 --> 00:00:16,740 Now, when we talk about Bluetooth, 8 00:00:16,740 --> 00:00:19,618 there are two terms that you have to know for the exam. 9 00:00:19,618 --> 00:00:22,020 Bluejacking and bluesnarfing. 10 00:00:22,020 --> 00:00:24,640 Bluejacking is sending unsolicited messages 11 00:00:24,640 --> 00:00:26,910 to Bluetooth-enabled devices. 12 00:00:26,910 --> 00:00:29,670 This often happens by having somebody who will pair 13 00:00:29,670 --> 00:00:32,430 to your device and then send the data to you. 14 00:00:32,430 --> 00:00:35,060 So, if your car isn't paired up with your cell phone, 15 00:00:35,060 --> 00:00:37,090 somebody who's sitting next to you in the parking lot 16 00:00:37,090 --> 00:00:39,980 can pair to your car and send messages to you 17 00:00:39,980 --> 00:00:42,480 or if your phone is in discoverable mode, 18 00:00:42,480 --> 00:00:44,280 they can go and connect to your phone 19 00:00:44,280 --> 00:00:46,240 and send you messages that way. 20 00:00:46,240 --> 00:00:48,930 Now, when we talk about bluesnarfing, on the other hand, 21 00:00:48,930 --> 00:00:51,480 this is unauthorized access of information 22 00:00:51,480 --> 00:00:54,790 from a wireless device over a Bluetooth connection. 23 00:00:54,790 --> 00:00:56,710 Did you notice the key distinction here? 24 00:00:56,710 --> 00:00:58,170 When we talked about bluejacking, 25 00:00:58,170 --> 00:01:00,950 we're talking about sending information to a device 26 00:01:00,950 --> 00:01:02,790 but when we talk about bluesnarfing, 27 00:01:02,790 --> 00:01:05,270 we're taking information from a device. 28 00:01:05,270 --> 00:01:07,100 That's the main difference here. 29 00:01:07,100 --> 00:01:10,170 Now, one of the ways that you have to worry about this 30 00:01:10,170 --> 00:01:13,680 is you have to consider what the Bluetooth-pairing key is. 31 00:01:13,680 --> 00:01:18,610 Most devices come with a default of 0000 or 1234. 32 00:01:19,730 --> 00:01:22,960 If your devices are set up to use a default key, 33 00:01:22,960 --> 00:01:24,980 you are asking for an attack. 34 00:01:24,980 --> 00:01:27,350 You're going to become a victim of either bluesnarfing 35 00:01:27,350 --> 00:01:30,210 or bluejacking, so make sure you're not using 36 00:01:30,210 --> 00:01:31,970 the default pairing key. 37 00:01:31,970 --> 00:01:34,316 The other thing is if you're not using Bluetooth, 38 00:01:34,316 --> 00:01:37,180 you can go ahead and turn it off on your phone. 39 00:01:37,180 --> 00:01:39,150 A lot of us don't use Bluetooth. 40 00:01:39,150 --> 00:01:41,210 Instead, we use wired headphones, 41 00:01:41,210 --> 00:01:44,430 we use a USB cable that connects our phone to our car stereo, 42 00:01:44,430 --> 00:01:45,970 and if you're no using Bluetooth, 43 00:01:45,970 --> 00:01:47,720 it's better to turn it off. 44 00:01:47,720 --> 00:01:49,460 If you are using Bluetooth, 45 00:01:49,460 --> 00:01:52,200 at least turn it so it's not in discoverable mode. 46 00:01:52,200 --> 00:01:54,310 By turning off the discovery feature, 47 00:01:54,310 --> 00:01:56,000 it's not there sitting and waiting 48 00:01:56,000 --> 00:01:58,100 to accept connections from any devices 49 00:01:58,100 --> 00:01:59,250 that come in the area. 50 00:01:59,250 --> 00:02:01,080 Instead, it will only remain connected 51 00:02:01,080 --> 00:02:03,070 to the ones you've already paired. 52 00:02:03,070 --> 00:02:05,870 Taking these actions will help secure your mobile device 53 00:02:05,870 --> 00:02:10,000 and prevent bluejacking and bluesnarfing.