Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spammed by Bluetooth

Posted by CmdrTaco on from the begin-the-torture dept.

An Anonymous Reader writes "BBC News is reporting a new craze - using Bluetooth to send unsolicited messages. Apparently lots of phone owners are leaving Bluetooth switched on, meaning that anyone within range can send a short message. The phenomenon is known as "bluejacking". It's not clear at present that this is being done by anyone other than pranksters, but one can't help wondering, how long before commercial spammers catch on."

27 of 311 comments (clear)

  1. Yeah, I've done this. by Nugget · · Score: 5, Interesting

    Heh. I had a long layover in Amsterdam last month and had hours of gleeful fun sending "boe" notes over bluetooth to all the other bluetooth phones I could see while drinking Heineken at the KLM Crown Lounge.

    I've used this feature also to send quick notes to cow-orkers at the office when they were on the phone or we were busy in a meeting. It's handy and saves the absurd ten cent charge applied to an outbound SMS.

    It's only a matter of time before it's rendered useless due to spam, I'm sure.

    1. Re:Yeah, I've done this. by GMontag · · Score: 3, Funny

      I've used this feature also to send quick notes to cow-orkers at the office

      Easily identified by their Gateway workstations.

      --
      Eve Fairbanks says I drive a hybrid!LOL
    2. Re:Yeah, I've done this. by ePhil_One · · Score: 4, Insightful

      Yeah, I'm not sure this sort of thing is likely to be abused. Maybe a local store will pop a message to my phone with some sort of lure to get me in, but unlike most Spam that would be relevant and hopefully interesting. The range thing means I'd be within throwing distance of the "Spammer" to, so unwelcome offensive spam is likely to incur the potential for physical retaliation.

      --
      You are in a maze of twisted little posts, all alike.
    3. Re:Yeah, I've done this. by aug24 · · Score: 3, Funny
      It's only a matter of time before it's rendered useless due to spam, I'm sure.

      Do you really think spammers are going to install bluetooth devices every ten yards to acheive that...?

      Justin.

      --
      You're only jealous cos the little penguins are talking to me.
  2. Mom and Pop Stores by cflorio · · Score: 4, Insightful

    I can see it now, Mom and Pop stores could have messages sent to your device as you walk past or near their entrance

    1. Re:Mom and Pop Stores by Threni · · Score: 3, Funny

      >As I recall, this was one of the intended applications of Bluetooth.

      It's amusing just how many people think they've just discovered some renegade underground use of Bluetooth, rather than what it was invented for! What's next?
      Post-jacking? "You can send post to people and it just turns up in their letterbox". Phone-jacking? "Give someone a ring, they'll have to answer to find out who it is!"

    2. Re:Mom and Pop Stores by lildogie · · Score: 3, Funny

      > Mom and Pop stores could have messages sent to your device as you walk past

      As well as the prostitutes standing in front of their stores.

  3. How does this work? by Tony+Hoyle · · Score: 3, Interesting

    Every bluetooth phone I've ever owned has required a PIN to be set when you activate it. Without the PIN you can't make a connection.

    Then, when connection does succeed, a box pops up on the receiving phone asking whether you want to accept the connection.

    It's difficult to see how that could be done without the owner knowing about it.

    1. Re:How does this work? by Nugget · · Score: 5, Informative

      The PIN is used when pairing two devices. There are a variety of other options which require no such authorization to send things from phone to phone.

      With my T616, I can create a note and then send that note to another phone via bluetooth whether I'm paired with that device or not.

    2. Re:How does this work? by mtg101 · · Score: 4, Interesting

      In normal operation, say between a PC and phone, you do need to 'pair' devices using a PIN. However for certain operations - like sending a vCard phone2phone, phones will allow connections to be made and messages to be sent without authorisation.

      This allows a vCard (which may just be a message in the 'name' field) to be sent without authentication, or the target having to confirm receipt.

      Worse than vCards, you can send pics this way. It may be funny to take a pic of someone with your phone and then 'bluejack' it too them - but I know people who've received some pretty nasty porn over bluejacking too.

  4. "Bluejacking" possibilities by TWX · · Score: 5, Funny

    Well, if they're in range, it shouldn't be hard to find someone engaging in commercial "bluejacking", so we can beat the crap out of them in front of everyone.

    Or is it the removal of testicles that we're out for? I can never remember what the punishment for spamming is...

    --
    Do not look into laser with remaining eye.
    1. Re:"Bluejacking" possibilities by FartSmeller · · Score: 3, Insightful

      Wow... does the potential for having someone send a message to your phone really invoke such ire? Somebody needs a hug...

      I mean really, let's think about this: If you're walking in front of my coffee shop and I "bluejack" you with a coupon for a half-price latte, are you gonna come in and beat the crap out of me because I made your phone beep? I think we're so programmed to see (and hate!) 'spam' that we automatically get our hackles raised about something that could actually be a cool way to support small businesses and escape the "WalMart" mentality.

      I know I'm guilty too, but I'm trying to learn to relax. Just my two cents worth... decimate at will... (sigh)

      --


      You are in a little twisting maze of passages, all different. You're screwed.
  5. Bluetooth directional antennas. by G4from128k · · Score: 4, Interesting

    As bluetooth operates in the same 2.4 GHz band as WiFi, I'd bet some people are hooking up Bluetooth devices to cantennas for greater bluejacking range.

    --
    Two wrongs don't make a right, but three lefts do.
    1. Re:Bluetooth directional antennas. by Technician · · Score: 3, Informative

      Last time I checked, a directional antenna works both ways. Has something changed that make the directional antenna provide gain when transmitting and not when receiving?

      Think about it. The Dish antenna on top of houses for TV are to receive a weak signal, not send a signal.

      A can antenna would not only increase your transmit range but also increase the receive range. I see no reason a cantenna would not work on one end to increase the 2 way connection.

      Have I missed anything?

      --
      The truth shall set you free!
  6. Well... by GarfBond · · Score: 4, Informative

    While I'm sure this could become a major problem in the future if it reaches critical mass, the beauty of Bluetooth is that it's designed for personal area networks. So, although it's bluetooth spam, it shouldn't reach anyone farther than 30 feet away from you or so. This by itself will make bluetooth spam a little harder to operate than just SMS or email spam.

    Unless, of course, Microsoft makes a smartphone that has Outlook on it and bluetooth as an option... :)

  7. The nice thing about bluetooth... by Soulfader · · Score: 5, Funny

    ...is that it is fairly short range, so when you identify the spammer you can go punch them.

  8. Bluetooth devices must include "off" switch by kneecarrot · · Score: 4, Insightful

    Bluetooth-enabled devices must include an easy hardware switch which allows the convenient shutting off of Bluetooth functionality. An indicator light displaying the current status must also be included on the device. Devices like the Tapwave Zodiac are well designed and include these features.

    --

    I always save my last mod point to mod up a good troll. You people are too serious.

  9. Re:Authorization by mikecouk · · Score: 3, Informative

    they're sending an address book entry, with the message they wish to send as the "name" of the contact.

  10. Re:Im sure posting it to slashdot by Shakrai · · Score: 3, Insightful
    will allow this to stay under the radar of spammers. What better way to keep it secret than inform thousands of people

    Because the best security method is security via obscurity. It's been proven time after time.

    (Sorry to post the obvious in response to a flamebait... someone's gotta do it, do I deserve the mod downs that may follow? ;)

    --
    I want peace on earth and goodwill toward man.
    We are the United States Government! We don't do that sort of thing.
  11. Bluetooth viruses by sfraggle · · Score: 4, Insightful
    Bluetooth spamming seems only of limited use; you have to get close enough to be able to send the message. Maybe from a car driving around a busy city or in a nightclub or crowded bar it might work.

    What might be more interesting is bluetooth viruses. We're probably fairly safe since we dont have a monoculture in mobile phones like that which exists on the desktop, but you can just imagine bluetooth viruses hopping from phone to phone as their owner travels around :-). Plus the fact that its very difficult to update phones to fix holes could make this a pretty big problem if such security holes were found.

    --
    were you expecting to see a sig here? perhaps you'd rather see the inside of an ambulance!
  12. Re:Grammar anyone? by CXI · · Score: 4, Funny

    New reporting style
    Make it sound like a haiku
    People think it's cool

  13. this has been around for quite a while....example by mike300zx · · Score: 4, Informative

    When the Sony Ericcson's came out with bluetooth they made them come with the bluetooth turned off by default. When Nokia came out with their bluetooth phones they had them ship with it on by default. Soon on the Sony Ericson message boards people found they could discover the nokia's in a crowded place (movie theaters, etc.) and you could create a contact in you contact list and then send them that contact. This has the benifit that you message is actually the contact name which the person on the recieving end will actually see first so they don't have to click OK and then get the message...it's already there. Anyhow, it's much better in Europe for this type of thing as they've had GSM phone and associated cool features such as bluetooth for quite some time while America is just starting to catch on. I've done discoveries with mine and never had any success connecting or seeing any other bluetooth activated phone that wasn't purposly turned on for the connection. I wonder if Nokia has caught on and is leaving bluetooth off on their America bound phones.

  14. Could you imagine bluejacking bombs? by Refried+Beans · · Score: 5, Interesting

    You could easily create a small battery powered embedded device running Linux that would just send out bluetooth messages. Drop that on a city bus or subway car and you could spam a ton of people really easily.

    Perhaps I should be patenting an idea like that. ;)

  15. Re:commercial spamming? by enjo13 · · Score: 4, Insightful

    Absolutely.. What you will see is kiosks that are setup in crowded areas (Airport terminals, malls, etc..) that continually look for devices to send messages to. Potentially big business.

    At the most basic level, you'll see stores use this as a means to automatically transmit specials and what-not as you walk into the store.

    --
    Turn s60 photos into awesome videos with mScrapbook for all S60 3rd edition phones!
  16. ermm.. NOT SPAM as such.. by SenseiLeNoir · · Score: 5, Informative

    Blue tooth is a remarkably secure system requiring PIN numbers and autentication to do any form of connection.

    WHat is actually happening here is the OBEX transfer part is beign utilised. Any Bluetooth phone that is set to discoverable will accept certain OBEX information (usually just vCards, and vCal files, and maybe notes). The phone ideally will accept the information and ask the user if he/she woudl liek the add the recieved infomation into their phonebook/calendar/notes. it is EXACTLY like the beam facility of Palm units, and others, just using Bluetooth for non-line of sight transfers.

    What people do in "BlueJacking" is create a dummy addressbook entry, and send it to the unsuspecting user (usually Nokia users.. more on that later). I did it beofre once, when i was at a resteraunt and this idiot with a Nokia camera phoen was showing off and making a nuisence in front of some girls he was entertaining. So i sent a address "vCard" with the name "Stop Playing with yr BRICK" from my phone to his (his phone was discovered as "poser"?!!?!??!?!) SHoudl haev seen the look on his face.. especially in front of the girls..

    However (unless you are a Nokia 7650/6310i/6xxx user) You have nothign to worry. Most phoens ship with bluetooth off or in none discoverable mode. The SOny Ericssons only stay "discoverable" for a maximum of three minuites. The blueJackign craze started in the (Sony)Ericsson community when it was discovered some (if not most) Nokia Bluetooth phones were shipped default with Bluetooth on and discoverable, so it was a prank to those users!

    As was pointed out, it is extremely easy to make a phoen none discoverable, and most ppl have cottoned on.

    So as for "spam" via blue tooh, it isnt going to happen, unless you are EXTREMELY stupid... then again..... there is a hell of a lot of stupid people :O

    --
    Have a nice day!
  17. Bluejacking : a growing problem in taxis ... by kobotronic · · Score: 4, Informative

    At least in Copenhagen this phenomenon is quite common. It seems, every other time I get in a taxi I get a bluetooth transmitted business card from the company or sometimes specifically the driver of the taxi. The first time this happened it was a slightly novel new thing I didn't mind much - but now I find myself cursing the people who implemented this standard for not doing it like on Palm where you have to 'accept' the infrared beamed cards. On the Nokia cellphones it's just stored without question so if this practice gets more widespread, soon your address book will be seriously burdened with unwanted business cards. Just finding them will be a big hassle. That's when you switch off bluetooth I guess.

  18. Re:Could easily be abused... by MKalus · · Score: 4, Funny
    What are you going to do, punch the box?


    I would prefer damaging it so that they have to send someone to repair it, we all then wait for him or her and corner them, after they loose five or six people they'll think twice of sending out a repair crew.

    Yeah! Anarchy! ;)
    --
    If you want to e-mail me, use my PGP Key.