Bluetooth adverts spark virus fears
/v3-uk/news/1992878/bluetooth-adverts-spark-virus-fears
25 Aug 2005, Iain Thomson , V3
A newly developed Bluetooth advertising scheme could make mobile phone viruses more commonplace by teaching users bad habits, IT security experts told vnunet.com today.
The technique, known as Bluestreaming, has been pioneered by British firm Filter UK. It involves beaming pictures and music direct to people's mobile phones. The company had run a pilot with six sites in London railway stations and in a two-week period detected 87,000 phones capable of receiving the material, of which 17 per cent accepted the download.
"This is dangerous from a user behaviour point of view," explained Patrick Runald, senior technical consultant at F-Secure.
"We're trying to tell people not to accept things on their phones if they are beamed at them. All mobile viruses rely on the users accepting them in order to spread."
The Bluestreaming system works by placing a Bluetooth transmitter with a 100m range behind an advertising billboard. Files are free to download since they are not transmitted over the cellular network.
The commercial director of Filter UK pointed out that the marketing method itself cannot be hijacked by mobile virus writers.
"It would be very difficult for a virus writer to spoof a campaign like this, " commercial partner Fred Durman said.
"Mobile viruses are applications and phones will always ask if you want to download and activate an application. Since these are music and picture files there's no need for the request. Customers should never install unrecognised applications."
© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093
Do you agree?
More incidence will come.
In fact, again, it is an awareness problem again. I have just worked with AirDefense to work on an Blue Driving in a food court and arcade in Hong Kong and find that quite a number of people switched on their devices including cell phone and PDA.
If I make a mass broadcasting for a coupon (of course, at this time, we have tried to do that as our signed agreement is just for detecting devices only), I believe there should be some one accepting our request.
If I did with malicious motivation, apart from coupon they have got, they will get some extra stuff from me.
Both end user and service provider should take care of it. Never trust any external and unknown data source and believe noone will corrupt their data source.
I could say, there are no great incidence like MasterCard compromise coming out yet. Howevever, when will people alert this kind of threat before it happens?
As a professional, we need to promote and promote without hesitation to public and various tiers of people.
Posted by Anthony, Cheuk Tung, LAI, CISSP, CISA, 03 Sep 2005