Laptop users offered barrier to Bluetooth horrors
Primary Response 3.0 updates wireless security.
By John Dunn | Techworld | Published: 15:41, 13 June 2007
Sana Security has added protection against several forms of Bluetooth hacking in the latest version of its Primary Response laptop security software.
Following on from the all-purpose Wi-Fi protection that has scored so highly in reviews of the product, version 3.0 now includes protection against what the company claims is still an under-rated problem on most laptops.
Threats such as ‘bluesnarfing’ and ‘bluejacking’ can allow attackers using easily available software to hack into data held on the laptops, or use the machine as a conduit for other activities. The software also now protects against the same class of threat when using laptops with GSM, CMDA, EvDo and 3G communications.
“Bluetooth technology in use today has a fatal design flaw, from a security perspective, that is relatively easy for a motivated person to exploit, and while Wi-Fi vulnerabilities are fairly well known, people are just waking up to the security holes that can be opened by Bluetooth,” said Sana Security CEO, Don Listwin.
“The enhancements in this latest release fill that gap, eliminating accidental and unintentional connections and protecting against threats that take advantage of the always-on nature of wireless technologies,” he said.
The software locked down access to the Bluetooth interface in much the same way it monitored connections to and from Wi-Fi access points and clients, notifying the user of any use of the interfaces by default.
Out of the box, very few XP or Vista laptops have any way of controlling wireless access vulnerabilities, a corner of the market Sana has managed to corner for itself. Even with some security turned on, few users pay much attention to which Wi-Fi access points they are connecting to when on the road, giving rise to simple hacks using rogue access points.
Primary Response can be downloaded from Sana’s website at a cost of £29.95 for a single-user client.