Are You Inviting Hackers to Seize Control with Bluetooth?


Quick now, look at your phone.  Is Bluetooth on? If the answer is yes – and probably it is – you are in effect giving hackers not just an unlocked doorway into your phone but you have given them the keys.

Bluetooth security risks are serious.

Don’t know how to check if it’s on? In iPhone, go to SETTINGS – third line down is Bluetooth. It will show if it’s on.

Bluetooth iphone on

In Android, click SETTINGS. The second line is Bluetooth. Click on it to see if it is on.

bluetooth android ON

The problem is that Bluetooth has become ubiquitous.  Just about every phone ships with it enabled and many of us leave it on.

We turn it on to connect wireless headsets. We also use it to connect a keyboard.  You can also send a file from a phone to a Bluetooth enabled PC or tablet.  Probably it plays a role in your car’s technology. Bluetooth beacons also are becoming more common in retail locations, as companies use Beacons to track consumer movement, also to distribute coupons and other loyalty rewards.  It also is integral to how many wearables such as Apple Watch work.

Bluetooth Beacon

Accept this: Bluetooth has become part of many lives.

But we may find we regret that.

Just as we may use it to connect to devices, others may use it to connect to us – with or without our permission.

Serious government agencies are known to tell employees to never, ever use Bluetooth and to turn it off on their phones and leave it off.

That is good advice but most of us nonetheless want the convenience afforded by Bluetooth – technology that makes connecting, say, an external keyboard to a phone or tablet as easy as putting them near each other, clicking on Bluetooth in SETTINGS, looking for nearby devices, and clicking PAIR.

It is that simple. And, usually, it works very well.

Except when it brings threats.

Bluetooth Security Risks

Bluetooth is built to connect devices and, usually, you need to agree to this but the rub is that the PIN used to agree usually is 0000. Sometimes 1111. How hard is that to guess?

Few of us ever change the PIN.

Do that, right now if you can.

That is the first of two – very simple but crucial – security steps you want to take.

Tracking You With Bluetooth

First however meet this app: Bluetooth View. What it does is, in a click, show you the available Bluetooth signals in your range.

Big deal?

Yes, it is a big deal. Read what the maker says:

“What can you do with BluetoothView ?

If you have neighbors or family members that use a cellular phone with Bluetooth turned on:

  • You can easily know when they come home and when they leave, by using the ‘First Detected On’ and ‘Last Detected On’ fields.
  • Each time that a new device is detected, BluetoothView automatically displays an alert as a balloon in your taskbar. This means that you can detect when your neighbors/friends/family members are coming even before they knock on your door…”

You can also use Bluetooth View to attempt a connection with any device it finds.”

Everything here is perfectly okay – except you are essentially using Bluetooth to spy on your family and neighbors.

There are many similar apps.

Now you see the threat.

Eavesdropping on Bluetooth Headsets

Bluetooth Headphones

A half dozen years ago hacker conferences reveled in how easy it was to eavesdrop on – hear every word – of conversations that involved a Bluetooth headset.

Security upgrades – in the headset software, also in Bluetooth itself – have dramatically reduced the risk.

But serious security professionals will urge you never to use a Bluetooth headset for a conversation that involves important issues.

Probably eavesdropping now is very hard to pull off. But it may not be impossible.

Keep that in mind.

Headsets are fine for convenience in conversations that don’t involve critical information.  But nothing more than that.

The Next Security Step

Here’s your next must-do: Turn off Bluetooth except when you are actually using it to pair with a device. Many of us leave it on by default.  Break that habit.

The National Institute of Standards and Technology in the US Dept. of Commerce, in its security review of Bluetooth, offered this advice:

“Bluetooth capabilities should be disabled on all Bluetooth devices, except when the user explicitly enables Bluetooth to establish a connection. This minimizes exposure to potential malicious activities. For devices that do not support disabling Bluetooth (e.g., headsets), the entire device should be shut off when not in use.”

Turn it off, now.

On iPhone, go to SETTINGS. Bluetooth.  Click it.  Change the setting to off.

On Android, do likewise.

It’s that quick – and it is every bit as quick to turn it back on when you need it again.

In the old days, incidentally, many of us routinely turned off Bluetooth because it drained the battery. Newer versions of the tool solved that issue – but it remains just as easy to shut it down to avoid Bluetooth security risks, and leave it off until you genuinely need it.

You will thank us later.


Author: Robert McGarvey

Robert McGarvey covers mobility, high tech, wireless, and he also reports on credit unions, for a range of outlets such as, BetterBanySystems, DigitalDraw, TheMobilityHub, and "Credit Union Times."

1 thought on “Are You Inviting Hackers to Seize Control with Bluetooth?”

Leave a Reply

Your email address will not be published. Required fields are marked *