Bluetooth security?

The Russian mafia will need to get within about 30 ft (10m for Class 2 Bluetooth), so if you can keep them out of your house you will probably be ok.

 

Also, If I Recall Correctly (IIRC), OS X will ask you before connecting to a Bluetooth device that it hasn't been paired with previously.

 

Your PIN is key to this process. It controls both pairing and encryption. If you are worried about security, use a longer PIN.

Tom

 

You're perfectly fine with bluetooth enabled, daniel. As others have said, it has a pretty limited range, which really reduces the risk of anything happening. Further, in order for two devices to really communicate over bluetooth, they have to be paired. Pairing involves inputting a PIN (usually 4 digits) that's displayed on one device (or comes with the devices manual) into the other device, while the devices are discoverable.

But just think about the point of most viruses. They're designed to spread and infect other computers as efficiently as possible, with the full knowledge that antivirus software will be updated within weeks (sometimes days) of the virus being released. When your talking globally, a virus can infect thousands of computers per minute using the internet and local networks. One person bringing an infected laptop in to work with them can spread the virus across thousands of computers at their company in minutes, without ever knowing.

Now, think about bluetooth. If you want to spread the virus that way... you might get lucky and be able to spread it through a few rooms in an apartment building. Certainly at work most people don't use or need bluetooth, so it wouldn't really spread there. It wouldn't spread through the suburbs due to the distance between houses.

So, writing a virus that spreads via bluetooth just isn't worthwhile. That's not to say it will never be done... but I'd be willing to bet there are at least 1000 network-based viruses created for every 1 bluetooth-based virus.

It's the same argument for using Mac's. While their security is inherently better than Windows, it's not perfect and people could write viruses for them. The incentive to do that just isn't there though. Windows-based viruses are easier to write and have more chances for infection (given the number of Windows-based computers in the world).

 

There is a PIN that is used to pair the devices. It controls both the pairing and the encryption of data packets. Some devices allow you to set the PIN, others just give it to you. If you can set it, use at least eight digits.

Since you aren't worried about packet sniffing, the strength of encryption is not important to you. Mostly you need to keep an unwanted device from pairing with your system. The standard setup will keep that from happening. If you want to take it to another level, you can turn off discovery, which keeps your device from broadcasting its existence.

Tom

 

Even in the very unlikely event that someone gets in range of your bluetooth, with discovery turned off, it's almost impossible for anyone to tap into it.

 

I was assigned a passcode with my Prius when I tried syncing my BT phone with it. That's the only time I've incountered a BT device needing a pin. When I sync the phone with my laptop (with BT), it automatically connects. Either way, I think it's pretty minimal that the Russian mafia or any lookie loo neighbors will be able to hack anything. The only time you might have real sensitive information is if you're keying in a credit card...with that, I'm sure on my own wireless router using my own encryption. If I'm ever in a hotel or public wifi spot, I might check e-mail, but I never give out my credit card.