SHRI RAM MURTI SMARAK WOMENS COLLEGE OF ENGG. & TECHNOLOGY: SHRI RAM MURTI SMARAK WOMENS COLLEGE OF ENGG. & TECHNOLOGY SEMINAR ON “BLUEJACKING” Presented By- KAVYA SINGH CS-1 CONTENTS: CONTENTS Introduction Origin Technology used Requirements How to BlueJack?? Softwares Usage Code of Ethics Security Issues Counter Measures Future Aspects Drawbacks INTRODUCTION: INTRODUCTION Bluejacking is sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers via the OBEX protocol. Bluejacking does not involve the removal or alteration of any data from the device. The recipient has no idea who has sent the bluejack, and the recipient has no information about the bluejacker, except for the name and model of the bluejacker’s mobile phone. Bluetooth has a very limited range, usually around 10 meters (32.8 ft) on mobile phones, but laptops can reach up to 100 meters (328 ft) with powerful transmitters. ORIGIN: ORIGIN This BlueJack phenomenon started after a Malaysian IT consultant named “ Ajack ” posted a comment on a mobile phone forum, Esato . Ajack told IT Web that he used his Sony Ericsson cell phone to send a message to someone with a Nokia 7650 . Jacking is, however, an extremely common shortening of hijack, the act of taking over something . TECHNOLOGY USED: TECHNOLOGY USED Bluetooth technology vCards OBEX protocol Bluetooth Technology: Bluetooth Technology Short range wireless network for communication. Connects numerous devices of different functions like telephones, notebooks, computers, digital cameras etc. , in Personal Area Network (PAN). Bluetooth devices connect and communicate via RF link through short-range piconets . Bluetooth devices have the ability to connect with up to seven devices per piconet. Supports point - to - point as well as multi-point. Low power Low cost Bluetooth is the ability to be full duplex and handle both data and voice transmission simultaneously. vCards: vCards vCard is a file format standard for electronic business cards . vCards are often attached to e-mail messages, but can be exchanged in other ways, such as on the World Wide Web or instant messaging . They can contain name and address information, phone numbers , e-mail addresses, URLs , logos , photographs , and audio clips. OBEX Protocol: OBEX Protocol OBEX (abbreviation of OBject EXchange , also termed IrOBEX ) is a communications protocol that facilitates the exchange of binary objects between devices. It is maintained by the Infrared Data Association but has also been adopted by the Bluetooth Special Interest Group and the SyncML wing of the Open Mobile Alliance (OMA). One of OBEX's earliest popular applications was in the Palm III personal digital assistant . This PDA and its many successors use OBEX to exchange business cards, data, even applications. Although OBEX was initially designed for infrared, it has now been adopted by Bluetooth , and is also used over USB and in devices such as Live scribe smartpens. REQUIREMENTS: REQUIREMENTS A Bluetooth enabled cell phone. A place with a lot of people having their Bluetooth device switched on. HOW TO BLUEJACK?? : HOW TO BLUEJACK?? Select an area with plenty of mobile users . Go to contacts in your Address Book . Create a new contact . Enter the message into the name part . Save the new contact . Choose "send via Bluetooth" . This searches for any Bluetooth device within range. Choose one phone and send the contact . You will get the message "card sent" and then listen for the SMS message tone of your victim's phone . Look out for the shock look in your victim . And enjoy…!! SOFTWARES: SOFTWARES Bluespam Meeting point Freejack Easyjacking Proximitymail USAGE : USAGE Busy shopping centre Starbucks Train Station High Street On a train/ bus Cinema Café/ restaurant/ pub Mobile phone shop Electronics shop (e.g. Dixons) CODE OF ETHICS: CODE OF ETHICS Do not hack any device. Don't send abusive messages. Don't threaten anyone. Don't put your personal information in a BlueJack message. Don't reveal yourself to the 'victim‘. RELATED CONCEPTS: RELATED CONCEPTS Bluesnarfing Bluecasting Bluebugging Bluesnarfing: Bluesnarfing Is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs. This allows access to a calendar, contact list, emails and text messages and on some phones users can steal pictures and private videos. Even if your device is hidden Bluesnarfing can also be done by guessing the device's MAC address via brute force. Bluecasting: Bluecasting Provision of any small digital media to suitable media provisioning enabled devices over Bluetooth via the OBEX protocol. A bluecast is generally provisioned by a Bluetooth Kiosk, a physical server provisioning the digital media over Bluetooth to interested devices. Bluebugging: Bluebugging Form of Bluetooth attack. Bluebugging was discovered by German researcher Herfurt . Allows the user to take control of a victim's phone to call the user's phone and can even send messages. This means that the Bluebug user can simply listen to any conversation his victim is having in real life. SECURITY ISSUES: SECURITY ISSUES Earlier issues Promotes an environment that puts consumer devices at greater risk. Complete memory contents of some mobile phones can be accessed by a previously trusted paired device. Phonebook, messages and calendar can be obtained without owners knowledge. PowerPoint Presentation: Present Scenario primarily occurs in public spaces Security issues previously involved with bluejacking has been resolved as- In order for information to be duplicated, the devices would have to be paired. Bluejacking does not require a password to be entered and therefore the two devices are not paired. one can easily switch the Bluetooth off to avoid getting BlueJacked. bluejacking doesn't hijack the phone or harvest information, but simply presents a message, which the recipient can delete, ignore or read. COUNTER MEASURES: COUNTER MEASURES Turn off your Bluetooth device until you need to communicate with another user. Set the Bluetooth device to hidden, invisible or non-discoverable mode .This prevents the sender from seeing your device. Ignore bluejacking messages by refusing or deleting them. Buy an E2X bag. It blocks all transmissions and receiving signals from leaving the bag. FUTURE ASPECTS: FUTURE ASPECTS Act as major sale tool. Because of its low cost and power consumption this technology has a great future ahead. DRAWBACKS: DRAWBACKS Bluejacking definitely does not work on Blueberry. Bluejacking won't work on iPhones or iPads. REFERENCES: REFERENCES www.bluejackq.com www.thebunker.net standards.ieee.org www.techonline.com www.seminarsonly.com THANKYOU…!!: THANKYOU …!! QUERIES??? : QUERIES???