Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Spam

Spammed by Bluetooth 311

An Anonymous Reader writes "BBC News is reporting a new craze - using Bluetooth to send unsolicited messages. Apparently lots of phone owners are leaving Bluetooth switched on, meaning that anyone within range can send a short message. The phenomenon is known as "bluejacking". It's not clear at present that this is being done by anyone other than pranksters, but one can't help wondering, how long before commercial spammers catch on."
This discussion has been archived. No new comments can be posted.

Spammed by Bluetooth

Comments Filter:
  • by Nugget ( 7382 ) * on Tuesday November 04, 2003 @11:13AM (#7386360) Homepage
    Heh. I had a long layover in Amsterdam last month and had hours of gleeful fun sending "boe" notes over bluetooth to all the other bluetooth phones I could see while drinking Heineken at the KLM Crown Lounge.

    I've used this feature also to send quick notes to cow-orkers at the office when they were on the phone or we were busy in a meeting. It's handy and saves the absurd ten cent charge applied to an outbound SMS.

    It's only a matter of time before it's rendered useless due to spam, I'm sure.
    • by GMontag ( 42283 ) <gmontag AT guymontag DOT com> on Tuesday November 04, 2003 @11:16AM (#7386395) Homepage Journal
      I've used this feature also to send quick notes to cow-orkers at the office

      Easily identified by their Gateway workstations.
    • by ePhil_One ( 634771 ) on Tuesday November 04, 2003 @11:27AM (#7386515) Journal
      Yeah, I'm not sure this sort of thing is likely to be abused. Maybe a local store will pop a message to my phone with some sort of lure to get me in, but unlike most Spam that would be relevant and hopefully interesting. The range thing means I'd be within throwing distance of the "Spammer" to, so unwelcome offensive spam is likely to incur the potential for physical retaliation.
    • Maybe I don't understand. I thought bluetooth could only go like 15 feet, in which case spamming bluetooth would be less effective than just yelling "Cheap Viagra for sale! Get it while it's hot!"
    • by aug24 ( 38229 ) on Tuesday November 04, 2003 @11:50AM (#7386735) Homepage
      It's only a matter of time before it's rendered useless due to spam, I'm sure.

      Do you really think spammers are going to install bluetooth devices every ten yards to acheive that...?

      Justin.

      • Do you really think spammers are going to install bluetooth devices every ten yards to acheive that
        Nope. But you could expect store entrances and subway station entrances to have such devices.

        As soon as you walk in, you phone spams you with specials at this or that store.
        • and as soon as this starts to happen people start to remember to turn off Bluetooth or to set an original code... (saying that reminds me that mine is still set to 0000 :))
      • Yeah, but not your classic spammer. Instead it'll be your Mom and Pop deli or quicky mart announcing the latest special as you walk by.

        As soon as someone makes a device as easy to program as those LED bars, and as cheap, businesses will eat them up like candy.
  • by Anonymous Coward
    because of the short range of bluetooth i think it'll be difficult to use this as commercial spamming.
    or maybe we are going to see people wearing jacket or backpack hiding bt equipment in crowded area? :)
    • by enjo13 ( 444114 ) on Tuesday November 04, 2003 @11:29AM (#7386540) Homepage
      Absolutely.. What you will see is kiosks that are setup in crowded areas (Airport terminals, malls, etc..) that continually look for devices to send messages to. Potentially big business.

      At the most basic level, you'll see stores use this as a means to automatically transmit specials and what-not as you walk into the store.
  • Mom and Pop Stores (Score:4, Insightful)

    by cflorio ( 604840 ) on Tuesday November 04, 2003 @11:15AM (#7386387) Homepage
    I can see it now, Mom and Pop stores could have messages sent to your device as you walk past or near their entrance
    • that is such a great idea, thanks, I shall start work on it, just as soon as I get a shop & a bluetooth phone 8)

    • by kjs3 ( 601225 )
      As I recall, this was one of the intended applications of Bluetooth.
      • >As I recall, this was one of the intended applications of Bluetooth.

        It's amusing just how many people think they've just discovered some renegade underground use of Bluetooth, rather than what it was invented for! What's next?
        Post-jacking? "You can send post to people and it just turns up in their letterbox". Phone-jacking? "Give someone a ring, they'll have to answer to find out who it is!"
    • by lildogie ( 54998 ) on Tuesday November 04, 2003 @12:01PM (#7386863)
      > Mom and Pop stores could have messages sent to your device as you walk past

      As well as the prostitutes standing in front of their stores.
    • Mom and Pop stores by and large live and die on their regular customers. You treat them like gold, and never annoy them.

      Spam annoys 99.999% of the people that receive it, but it "works" because that majority can't retaliate effectively, and they make money off the .001% that respond.

      Advertising that annoys 99.999% of people that receive it would kill a Mom and Pop store, because the annoyed customers would retaliate by taking their business elsewhere.

      Bluejack ads would only work for businesses with no r
  • How does this work? (Score:4, Interesting)

    by Tony Hoyle ( 11698 ) <tmh@nodomain.org> on Tuesday November 04, 2003 @11:16AM (#7386391) Homepage
    Every bluetooth phone I've ever owned has required a PIN to be set when you activate it. Without the PIN you can't make a connection.

    Then, when connection does succeed, a box pops up on the receiving phone asking whether you want to accept the connection.

    It's difficult to see how that could be done without the owner knowing about it.
    • by Nugget ( 7382 ) * on Tuesday November 04, 2003 @11:21AM (#7386456) Homepage
      The PIN is used when pairing two devices. There are a variety of other options which require no such authorization to send things from phone to phone.

      With my T616, I can create a note and then send that note to another phone via bluetooth whether I'm paired with that device or not.
      • In that case the proper word is not 'bluejacking' it's 'using bluetooth precisely in the way it was designed'. Sending short-range messages is one of its main purposes.

        The article implies they're actually using the victims phone to do something nefarious.
    • by mtg101 ( 321836 ) on Tuesday November 04, 2003 @11:23AM (#7386473) Journal
      In normal operation, say between a PC and phone, you do need to 'pair' devices using a PIN. However for certain operations - like sending a vCard phone2phone, phones will allow connections to be made and messages to be sent without authorisation.

      This allows a vCard (which may just be a message in the 'name' field) to be sent without authentication, or the target having to confirm receipt.

      Worse than vCards, you can send pics this way. It may be funny to take a pic of someone with your phone and then 'bluejack' it too them - but I know people who've received some pretty nasty porn over bluejacking too.

      • Worse than vCards, you can send pics this way. It may be funny to take a pic of someone with your phone and then 'bluejack' it too them - but I know people who've received some pretty nasty porn over bluejacking too.

        Nooooooooooo. I thought my phone was a goatse.cx free zone.
    • by RainFX ( 571362 )
      It's not just the PIN you need.. you can also set the device to be discoverable, or hidden. It needs to be discoverable in order to pair with another device, but once that's done, you can set it to hidden and only the "paired" devices know it's there. Any other BT device won't be able to see it. And you can't pair devices (except for some headset profiles) without exchanging a PIN.
  • I don't want to sound too mean, but in the story , I read:

    The phonomenon, known as "bluejacking".

    No verb? What is that?
  • Bluejacking is on the edge of being cool. Things like this will be used by folks to contact others or be useful for a number of tasks until they become widely available and then the marketers will come in and take advantage of this. At that point, unless it continues to serve a useful function (like email), it will become more of a nuisance and folks will turn off "Bluetooth Discoverable".

    • ARGH! (Score:3, Insightful)

      by RMH101 ( 636144 )
      *all* bluejacking is: turning on your bluetooth and scanning for nearby devices who's idiot owners haven't turned "discoverable" off. that's what "discoverable" means: your phone can be discovered and messaged. Nokia ships with this on by default.
      it's not some cool hack, or anything, it's just a setting within bluetooth for exchanging information without pairing.
  • by TWX ( 665546 ) on Tuesday November 04, 2003 @11:17AM (#7386399)
    Well, if they're in range, it shouldn't be hard to find someone engaging in commercial "bluejacking", so we can beat the crap out of them in front of everyone.

    Or is it the removal of testicles that we're out for? I can never remember what the punishment for spamming is...
    • It can't be the "removal of testicles" as spammers don't have any. Bacteria don't reproduce sexually.
    • Or is it the removal of testicles that we're out for?

      I'm fully in support of this. If they aren't "bluejacking" before this, they will be.
    • Wow... does the potential for having someone send a message to your phone really invoke such ire? Somebody needs a hug...

      I mean really, let's think about this: If you're walking in front of my coffee shop and I "bluejack" you with a coupon for a half-price latte, are you gonna come in and beat the crap out of me because I made your phone beep? I think we're so programmed to see (and hate!) 'spam' that we automatically get our hackles raised about something that could actually be a cool way to support sma
      • let's think about this: If you're walking in front of my coffee shop and I "bluejack" you with a coupon for a half-price latte

        Leave me alone! Leave my phone alone! Put a sign in your window.

        Let's perform a thought experiment. Suppose you hire someone to stand out on the sidewalk and harass people that pass by to come into your store. Some people will call the police. Some people will punch that person in the nose. And perhaps there will be other responses as well. Some might try to get you som
  • by G4from128k ( 686170 ) on Tuesday November 04, 2003 @11:17AM (#7386401)
    As bluetooth operates in the same 2.4 GHz band as WiFi, I'd bet some people are hooking up Bluetooth devices to cantennas for greater bluejacking range.
    • close, but no cigar. Bluetooth requires 2way communication. The devices on the recieving end don't have the power the set up a connection.
      • by Technician ( 215283 ) on Tuesday November 04, 2003 @12:23PM (#7387086)
        Last time I checked, a directional antenna works both ways. Has something changed that make the directional antenna provide gain when transmitting and not when receiving?

        Think about it. The Dish antenna on top of houses for TV are to receive a weak signal, not send a signal.

        A can antenna would not only increase your transmit range but also increase the receive range. I see no reason a cantenna would not work on one end to increase the 2 way connection.

        Have I missed anything?
        • You are right and the grand-parent post is wrong. A directional antenna is bidirectional -- it both directs power to toward the distant reciever and amplifies power from a distant transmitter. If this was not true, then cantennas would not work for Wifi because Wifi, like bluetooth, requires bidirectional communications.
  • Well... (Score:5, Informative)

    by GarfBond ( 565331 ) on Tuesday November 04, 2003 @11:18AM (#7386410)
    While I'm sure this could become a major problem in the future if it reaches critical mass, the beauty of Bluetooth is that it's designed for personal area networks. So, although it's bluetooth spam, it shouldn't reach anyone farther than 30 feet away from you or so. This by itself will make bluetooth spam a little harder to operate than just SMS or email spam.

    Unless, of course, Microsoft makes a smartphone that has Outlook on it and bluetooth as an option... :)
    • What? Like: This [orange.co.uk] ?
    • Until airports and other high-density pedestrian areas get bluetooth spam senders installed that allow them to saturate the area with periodic bluetooth spam. Yay. Another victory for economic "choice."
  • ...is that it is fairly short range, so when you identify the spammer you can go punch them.
  • by kneecarrot ( 646291 ) on Tuesday November 04, 2003 @11:20AM (#7386441)
    Bluetooth-enabled devices must include an easy hardware switch which allows the convenient shutting off of Bluetooth functionality. An indicator light displaying the current status must also be included on the device. Devices like the Tapwave Zodiac [tapwave.com] are well designed and include these features.
    • no, they musn't (Score:3, Insightful)

      by RMH101 ( 636144 )
      it's not part of the BT spec, and i don't remember ever seeing a device that had this. you turn it off in "software" which phone designers like as you don't have to clutter the already cluttered keypad with a button just to babysit idiots...

      My phone has a blue LED that indicates, yes, you guessed it, that I'm using bluetooth. It *doesn't* mean I've been dumb enough not to realise that if you don't put a tick in the "discoverable" box that you can get short range messages from strangers.

      • You are one of these people who gets angry at 45 year old housewives who don't know how to configure Linux.

        Look, as Bluetooth becomes more and more integrated into devices two things will happen:

        1. Non-geeks will use increasingly more Bluetooth enable devices. Do you think they will have any idea what "discoverable" is? Do you think they will want to wade through software menus to turn Bluetooth on and off?

        2. More sophisticated methods will be discovered to take advantage of people who unwittingly le

  • Bluetooth viruses (Score:5, Insightful)

    by sfraggle ( 212671 ) on Tuesday November 04, 2003 @11:23AM (#7386472) Homepage
    Bluetooth spamming seems only of limited use; you have to get close enough to be able to send the message. Maybe from a car driving around a busy city or in a nightclub or crowded bar it might work.

    What might be more interesting is bluetooth viruses. We're probably fairly safe since we dont have a monoculture in mobile phones like that which exists on the desktop, but you can just imagine bluetooth viruses hopping from phone to phone as their owner travels around :-). Plus the fact that its very difficult to update phones to fix holes could make this a pretty big problem if such security holes were found.

    • Bluetooth spamming seems only of limited use; you have to get close enough to be able to send the message.... What might be more interesting is bluetooth viruses.
      Sounds nice, but unless somebody invents VBScript attachments for cellphones we're probably safe - it's just text messaging. (Microsoft, if you're listening, please stay out of cellphones).
    • Forget viruses, what if someone discovers a way to send a malformed message which crashes the phone?

      Even worse, some of the new phones offer 'over the air' programming updates. The right bug, and someone could render your phone useless....
  • YAGging (Score:3, Informative)

    by Joel Rowbottom ( 89350 ) on Tuesday November 04, 2003 @11:25AM (#7386494) Homepage
    We've been doing this for ages in the UK. See here [nosignal.org] for Andy's [mailto] way of doing it ;)
  • by FrostedWheat ( 172733 ) on Tuesday November 04, 2003 @11:25AM (#7386497)
    I doubt there would be spam like we have now on email, the range is simply to short. But I can see supermarkets or similar companys using this to send you messages while in there store.

    Annoying sure, but at least semi-relevant to what your doing. And at least you can turn it off. (You can, can't you?)
    • I doubt there would be spam like we have now on email, the range is simply to short. But I can see supermarkets or similar companys using this to send you messages while in there store.

      Precisely, but how is this not spam? Shops in the UK are already doing this with SMS. I now avoid walking past the Carphone Warehouse in Liverpool Street Station because of the SMS spam they've sent out as I walk past on a number of occasions.

      • Precisely, but how is this not spam? Shops in the UK are already doing this with SMS. I now avoid walking past the Carphone Warehouse in Liverpool Street Station because of the SMS spam they've sent out as I walk past on a number of occasions.

        Really? I didn't know they where already doing this. Wonder how that works.

        I didn't mean it wasn't spam, just not like what we get via email. I normally get 40 or 50 email spams a day (tho it's been 800-ish per day this past week), none of which are even slightly
    • I doubt there would be spam like we have now on email, the range is simply to short. But I can see supermarkets or similar companys using this to send you messages while in there store. Annoying sure, but at least semi-relevant to what your doing.

      Spam from a bookstore
      "Read a book, gain some knowledge"
      But you walk on by

      Dog doo spelling skills
      Are commonplace on Slashdot
      Generation Duh

      Karma is burning
      It is mine but I don't care
      It has to be said

  • by mike300zx ( 523956 ) on Tuesday November 04, 2003 @11:26AM (#7386504)
    When the Sony Ericcson's came out with bluetooth they made them come with the bluetooth turned off by default. When Nokia came out with their bluetooth phones they had them ship with it on by default. Soon on the Sony Ericson message boards people found they could discover the nokia's in a crowded place (movie theaters, etc.) and you could create a contact in you contact list and then send them that contact. This has the benifit that you message is actually the contact name which the person on the recieving end will actually see first so they don't have to click OK and then get the message...it's already there. Anyhow, it's much better in Europe for this type of thing as they've had GSM phone and associated cool features such as bluetooth for quite some time while America is just starting to catch on. I've done discoveries with mine and never had any success connecting or seeing any other bluetooth activated phone that wasn't purposly turned on for the connection. I wonder if Nokia has caught on and is leaving bluetooth off on their America bound phones.
  • Comment removed (Score:3, Interesting)

    by account_deleted ( 4530225 ) on Tuesday November 04, 2003 @11:26AM (#7386512)
    Comment removed based on user account deletion
  • I'd read Slashdot. I'll bet they get all kinds of great ideas from us! :)
  • by Refried Beans ( 70083 ) * on Tuesday November 04, 2003 @11:28AM (#7386532) Homepage
    You could easily create a small battery powered embedded device running Linux that would just send out bluetooth messages. Drop that on a city bus or subway car and you could spam a ton of people really easily.

    Perhaps I should be patenting an idea like that. ;)
  • From the article, "Bluetooth works over a range of about 10 metres..."

    I hardly think spam is going to be a problem. It's not economically feasible for generic spam (no economy of scale) and I think localized messages (for example, a restaurant sending you a message saying "eat here") would annoy rather than entice, thus costing the offender business. The blujackq.com faq [bluejackq.com] says

    On most models the phone will bleep the same tone as when a text message is received, and it will show a message similar to "name
  • You look like you could use a Guinness!

    -jfedor
    • Talking about the "Minority Report", I think there is a more appropriate scene about Tom Cruise shopping in Gap. You know, "Welcome Mr. Whoever, are you satisfied with the turtleneck you bought last year". Each BT device has its unique number just like the MAC address of a network card. By storing and tracking these unique ID's they can identify you as the guy who often buys pink translucent dildos and should be alerted about the latest models.
  • When he's going out somewhere and bored, he starts sending messages like: "this phone has been reported stolen. your number has been registered, deliver it at the local police station"
    Some people look like they're thinking: "oh shit, I'm fucked"
  • Apparently lots of phone owners are leaving Bluetooth switched on, meaning that anyone within range can send a short message.


    Hmm... could this be used to set up an ad-hoc local network, e.g. in a cinema? Can you get a remote bluetooth phone to forward a message to another?

  • how long before commercial spammers catch on

    Oh, puhleeeze let it be soon! With the range of Bluetooth, they'll have to send so many spams to get their 0.00001% hit rates that their fingers will fall off through exteme RSI and the bastards won't be able to send us email spam either. ;)

  • by BigGerman ( 541312 ) on Tuesday November 04, 2003 @11:40AM (#7386647)
    I understand that some bluetooth phones are used to connect your PDA or laptop to the Internet.
    Is it possible to place a laptop next to a phone, somehow hijack the connection, get the IP address, send 1000 spam messages and disconnect?
    Should not take more than 30-50 seconds.
    • Not easily. I use exactly the technology you're describing. The phone must be paired with the PC to use the phone's modem (a.k.a. dial-up networking) profile. Also, it's not IP data going over the bluetooth connection. It's what would go over a serial cable to an external modem.
  • ... as drive by spamming??

    Dunstan
  • by SenseiLeNoir ( 699164 ) on Tuesday November 04, 2003 @11:47AM (#7386704)
    Blue tooth is a remarkably secure system requiring PIN numbers and autentication to do any form of connection.

    WHat is actually happening here is the OBEX transfer part is beign utilised. Any Bluetooth phone that is set to discoverable will accept certain OBEX information (usually just vCards, and vCal files, and maybe notes). The phone ideally will accept the information and ask the user if he/she woudl liek the add the recieved infomation into their phonebook/calendar/notes. it is EXACTLY like the beam facility of Palm units, and others, just using Bluetooth for non-line of sight transfers.

    What people do in "BlueJacking" is create a dummy addressbook entry, and send it to the unsuspecting user (usually Nokia users.. more on that later). I did it beofre once, when i was at a resteraunt and this idiot with a Nokia camera phoen was showing off and making a nuisence in front of some girls he was entertaining. So i sent a address "vCard" with the name "Stop Playing with yr BRICK" from my phone to his (his phone was discovered as "poser"?!!?!??!?!) SHoudl haev seen the look on his face.. especially in front of the girls..

    However (unless you are a Nokia 7650/6310i/6xxx user) You have nothign to worry. Most phoens ship with bluetooth off or in none discoverable mode. The SOny Ericssons only stay "discoverable" for a maximum of three minuites. The blueJackign craze started in the (Sony)Ericsson community when it was discovered some (if not most) Nokia Bluetooth phones were shipped default with Bluetooth on and discoverable, so it was a prank to those users!

    As was pointed out, it is extremely easy to make a phoen none discoverable, and most ppl have cottoned on.

    So as for "spam" via blue tooh, it isnt going to happen, unless you are EXTREMELY stupid... then again..... there is a hell of a lot of stupid people :O
  • Hi-tech drug dealers could use this technology to quietly advertise dope on the streats without being to conspicuous.
  • A friend of mine uses Bluetooth in this way to distribute his freeware Symbian games such as Vexed [symbiandiaries.com] to other Symbian phones.

    Watch out for a manic Scotsman on the London tube system waving a Nokia 7650...

  • Seems like it would be hard to mass msging like spammers because of the short range. I guess you could had a "transmitter" in crowded public places, but its no where near as cheap as good old SMTP spam.
  • Bluerage: noun
    Meaning: The act of finding and beating of a person who uses a bluetooth enabled device to send people with bluetooth enabled devices unsolicated messages.
    Other Notes: Due to local regulations, you may only beat the person with your phone. However, if your phone is integrated into a pair of brass knuckles, all the better.
  • That I can send short text messages from my PC (which has a bluetooth dongle thingy) to my mobile while I'm in meetings close by? For free...
  • Posting this on slashdot doesn't help.. The people who read this already know about (and do) turn bluetooth off on their devices. Any I'm sure that spammers read this as well...

    Posting this here is silly for the same reason that posting detailed instructions of an how to exploit the latest buffer overrun is silly...

    So long, bluetooth!
  • by ragnar ( 3268 )
    Given the range of bluetooth is something like 10 meters, and given the wrath many of use feel about spam, I tend to think this won't catch on. Most spammers like to keep more distance for good reason.
  • I love slashdot stories that point to a site with a page counter - it's like watching the dials go around at the gas pump.
  • I turn bluetooth on when I sync my phone with my Mac, and turn it off again when I'm finished. Why would anyone keep bluetooth on all the time?

    JP

  • by JVert ( 578547 ) <corganbilly@COMMAhotmail.com minus punct> on Tuesday November 04, 2003 @12:29PM (#7387137) Journal
    Meet brutus, he's the bluetooth honeypot. When someone sends a message he doesn't like he pummels everyone within 15 feet.
  • It's not clear at present that this is being done by anyone other than pranksters, but one can't help wondering, how long before commercial spammers catch on.

    I wonder how many commercial spammers began their careers as pranksters ...?

  • ...on Slashdot without trolling, but I've definetly seen my friends on a college campus be able to pick up all the Bluetooth phones in a 10-meter sphere around their dorm rooms, and the little bastards have definately send a picture message with the goatse man to anyone and everyone...
  • by akb ( 39826 )
    I can imagine some useful stuff being exchanged in this way. Let's say you walked into a bar or someother social setting, glance down at your phone and saw the Friendster profiles of everyone there. Instead of wasting time doting after some flashy eye candy who thinks Brittany Spears is deep you could spend your time getting to know someone who's more compatible with you. In more formal situations one might share parts of their professional portfolio.

    The key will probably be metadata about whatever is a
  • by kobotronic ( 240246 ) on Tuesday November 04, 2003 @12:54PM (#7387321)
    At least in Copenhagen this phenomenon is quite common. It seems, every other time I get in a taxi I get a bluetooth transmitted business card from the company or sometimes specifically the driver of the taxi. The first time this happened it was a slightly novel new thing I didn't mind much - but now I find myself cursing the people who implemented this standard for not doing it like on Palm where you have to 'accept' the infrared beamed cards. On the Nokia cellphones it's just stored without question so if this practice gets more widespread, soon your address book will be seriously burdened with unwanted business cards. Just finding them will be a big hassle. That's when you switch off bluetooth I guess.
    • Not sure what you mean by "On the Nokia cellphones it's just stored without question."

      On my Nokia 3650, Bluetooth is turned off by default, and even when it is on, vcards are NOT inserted into the address book automatically. Incoming objects are saved to a folder, but I have to open the card and explicitly save the data in order to place it in my address book.

  • by The Mutant ( 167716 ) on Tuesday November 04, 2003 @03:10PM (#7388824) Homepage
    When I'm bored I'll change my iPaq 5450 BlueTooth device identification to ABigHairyDick and then look for phones.

    Great fun when someone's phone beeps, and on the screen they see "Accept connection from ABigHairyDick?"

    Puzzeled frowns usually result although after this article I'm sure to get my smirking ass beat good.

"When the going gets tough, the tough get empirical." -- Jon Carroll

Working...