• Bluejacking Defined

    Bluejacking sounds scary, and it can be. But the name gives the wrong impression. Since it's a Bluetooth-related word, most people assume that it's a Bluetooth-enabled form of hijacking. They worry that bluejacking involves someone over their Bluetooth device remotely. That's not the case. Bluejackers do not access your Bluetooth device and take information. Rather, they send information to you.

    The name "bluejacking" was invented by the first known person to use the technique. A user with the name of "ajack" was in a bank searching for other Bluetooth devices. He found a mobile phone and sent it the message "Buy Ericsson." Combining the "blue" in Bluetooth with the "jack" in ajack, he called the technique "bluejacking."

    The Good

    Bluejacking doesn't have to be harmful if it's used responsibly. In the future we may have a number of location based services that make use of the technique to send messages to those who are nearby and have indicated an interest. That's the key. As long as the schemes are opt-in only, everybody's happy. You can imagine someday walking down the grocery aisle and having your cell phone beep to alert you that your preferred brand of dog food is on sale. Walk through a convention and your phone is picking up virtual business cards from all the displays. Walk past a theater and have your phone or PDA grab the show times automatically. There are any number of legitimate uses.

    The Bad

    But there are illegitimate uses as well. The simplest bad use would be the Bluetooth version of spam. You walk into an Internet cafe and find yourself bombarded with business cards, advertisements, and other junk mail. These ads can send out sounds and pictures as well, adding to the annoyance.

    The Ugly

    As Bluetooth devices become more common, it seems inevitable that some will start writing viruses to take advantage of the technology. Unwary users may even find themselves invoking a trojan horse program, giving the sender full access. That's when bluejacking really does become hijacking.

    It's not hard to protect yourself from all this. All you have to do is set your Bluetooth device not to accept unsolicited messages. You'll still receive email and text messages just fine. Anyone who knows your email address or instant messaging ID can still get through. But someone who's just scanning the area for a Bluetooth device won't be able to "see" you.

    Here's how it works. Bluetooth devices have three settings-off, on, and discoverable. It's that third setting, "discoverable," that causes the problem. Normally, that's the setting you use when you want to pair your Bluetooth device with another one. You set it to "discoverable" so the other device can see yours and they can pair. As soon as that pairing is complete, you should switch the device from "discoverable" to on. The other device can still see your device because it knows what to look for and because your device will recognize it. But other devices can't discover it just by looking around. Check your mobile phone especially to make sure it isn't set to "discoverable" by default.