-----Mensagem original-----
De: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] Em nome de Joshua Wright
Enviada em: Wednesday, November 14, 2007 12:00 PM
Para: Security; wifisec (at) securityfocus (dot) com [email concealed]
Assunto: Re: Tracking bluetooth
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Security wrote:
> Would those sniffers be able to determine a relative distance from the
> device? Effectively, you could triangulate someone's location that way.
Yes, by tracking Bluetooth activity, you can obtain lots of information
about people:
1. Relative location with triangulation and other location-analysis
techniques;
2. Frequency of visit, time spent in front of particular displays (for
retail/marketing purposes)
3. Associations (e.g. "Every day at 12:15 'Jons Phone' and 'Kims Phone'
meet at location X for 15 minutes")
4. Relative speed of travel
These items assume the location analysis units are stationary; if the
locating device is mobile, then it could be used to track individuals as
well.
- From my perspective, Bluetooth tracking would be useful for areas with
large crowds for event planning and traffic management purposes (think
Disney World, or hundreds of thousands of people making pilgrimages).
It could also be used for retailers, to learn the shopping habits of
customers, which displays garner more attention, the traffic patterns of
shoppers in their stores, etc.
I think this would also be useful to law enforcement agencies to
establish relationships or "known associates" by recording Bluetooth
activity. Since this Bluetooth tracking information is "broadcast", I
imagine it is possible for LEA's to collect it without wiretap warrant.
There was a draft mechanism from the Bluetooth SIG to implement
something known as "Bluetooth Anonymity Mode", but this appears to not
have been adopted in the most recent 2.1 specification. Currently,
placing Bluetooth devices in "non-discoverable" mode will thwart most
attempts at collecting this kind of information, but it is an
insufficient long-term strategy since it has become possible to discover
devices in non-discoverable mode as well (please see my presentation on
exploiting Bluetooth headsets at
http://www.willhackforsushi.com/Home/Entries/2007/10/8_Headset_Attack_De
mo_At_SANS_NS2007_Las_Vegas.html).
</PRE>
<P><FONT size=3></FONT>
<P><FONT face=Arial size=1>As informações existentes nessa mensagem e nos
arquivos anexados são para uso restrito, sendo seu sigilo protegido por lei.
Caso não seja destinatário, saiba que leitura, divulgação ou cópia são
proibidas. Favor apagar as informações e notificar o remetente. O uso impróprio
será tratado conforme as normas da empresa e a legislação em vigor. </FONT>
<P><FONT face=Arial size=1>The information contained in this message and in the
attached files are restricted, and its confidentiality protected by law. In case
you are not the addressee, be aware that the reading, spreading and copy of this
message is unauthorized. Please, delete this message and notify the sender. The
improper use of this information will be treated according the company's
internal rules and legal laws. </FONT>
<P><FONT face=Arial size=1></FONT>
<P><FONT face=Arial size=1></FONT>
<P></P><PRE>
Josh is correct. It's also important to track which phone is sending worm.
You can see more information in this website http://www.nytimes.com/2005/01/24/technology/24virus.html.
Regards,
Denny Roger
Gerente de Negócios, Future Security
denny.roger (at) future.com (dot) br [email concealed]
www.future.com.br
Tel/Fax: +55(11) 2246-2787
Celular: +55(11) 8101-4476
-----Mensagem original-----
De: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] Em nome de Joshua Wright
Enviada em: Wednesday, November 14, 2007 12:00 PM
Para: Security; wifisec (at) securityfocus (dot) com [email concealed]
Assunto: Re: Tracking bluetooth
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Security wrote:
> Would those sniffers be able to determine a relative distance from the
> device? Effectively, you could triangulate someone's location that way.
Yes, by tracking Bluetooth activity, you can obtain lots of information
about people:
1. Relative location with triangulation and other location-analysis
techniques;
2. Frequency of visit, time spent in front of particular displays (for
retail/marketing purposes)
3. Associations (e.g. "Every day at 12:15 'Jons Phone' and 'Kims Phone'
meet at location X for 15 minutes")
4. Relative speed of travel
These items assume the location analysis units are stationary; if the
locating device is mobile, then it could be used to track individuals as
well.
- From my perspective, Bluetooth tracking would be useful for areas with
large crowds for event planning and traffic management purposes (think
Disney World, or hundreds of thousands of people making pilgrimages).
It could also be used for retailers, to learn the shopping habits of
customers, which displays garner more attention, the traffic patterns of
shoppers in their stores, etc.
I think this would also be useful to law enforcement agencies to
establish relationships or "known associates" by recording Bluetooth
activity. Since this Bluetooth tracking information is "broadcast", I
imagine it is possible for LEA's to collect it without wiretap warrant.
There was a draft mechanism from the Bluetooth SIG to implement
something known as "Bluetooth Anonymity Mode", but this appears to not
have been adopted in the most recent 2.1 specification. Currently,
placing Bluetooth devices in "non-discoverable" mode will thwart most
attempts at collecting this kind of information, but it is an
insufficient long-term strategy since it has become possible to discover
devices in non-discoverable mode as well (please see my presentation on
exploiting Bluetooth headsets at
http://www.willhackforsushi.com/Home/Entries/2007/10/8_Headset_Attack_De
mo_At_SANS_NS2007_Las_Vegas.html).
- -Josh
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
iQIVAwUBRzr/eTWX3FIa1TkuAQKmTg//RydKkgS/oONzn9dR26RLM4NdvyoMEszb
Z+A3EStrsACuCre8CMs5AQL9PDSSpY9uuMt+eL//EfGaVlbWUsA1GYOtI7BfUFsG
0+9qoJ9A851vxAggyuj+HcGfvHXS/8QnajiKzqbWfknuF3G+i0DnQxwoGjTMWjZ9
NlwFkRxRil5h6HQDMOFjoxuP0W8VbJ2CMZ0DcbhQeGeLdgGe+/R5YTBfUG0IoT5P
v6zgUABg48GvNDGJMcl3UMg+jL0mNI6Xg44F9DDk5NV61f2ZCO9t3BTPxLK4H7zz
APoPb7E7Cyuz3QYov2/5gjZ88uNRFEWBG/dh7TSdzsGMIHFj0jDOhzAJRjNudH66
64PCXA7QBkAxqpVxQTPEdKSY9RHRy26PcSRAjSvuGaxCxzpgcwJL13pqSxpm1guw
Pt2Tkmeoc+eO8avc2r199e532dj5uwYBgLfsScgyyeBCOIhKnFbU8/R2rd156YM4
WQRqt6DzThs+baVHFSgzjE/JQjNaeZrPlvfITEcLPZwCVAgc9GqOcFnCm0PVjIKV
eSQx5eHa3YbMw4tiFKH68rqi4D/8stxUnqkGJ8uhBnH8EekZ1rMnyOhPSYx9okqd
63u+bDzJUcMJUTARKVeWB2r6lKYLq0kEb8Fhasrgzmi8keqWfyqJxwJ4OnYWoCEe
jWXNHoJty9k=
=o+st
-----END PGP SIGNATURE-----
</PRE>
<P><FONT size=3></FONT>
<P><FONT face=Arial size=1>As informações existentes nessa mensagem e nos
arquivos anexados são para uso restrito, sendo seu sigilo protegido por lei.
Caso não seja destinatário, saiba que leitura, divulgação ou cópia são
proibidas. Favor apagar as informações e notificar o remetente. O uso impróprio
será tratado conforme as normas da empresa e a legislação em vigor. </FONT>
<P><FONT face=Arial size=1>The information contained in this message and in the
attached files are restricted, and its confidentiality protected by law. In case
you are not the addressee, be aware that the reading, spreading and copy of this
message is unauthorized. Please, delete this message and notify the sender. The
improper use of this information will be treated according the company's
internal rules and legal laws. </FONT>
<P><FONT face=Arial size=1></FONT>
<P><FONT face=Arial size=1></FONT>
<P></P><PRE>
[ reply ]