How to Stay Safe While Using Bluetooth: A Short SummaryNo wireless technology is hack-proof, and Bluetooth is no exception. Clever cybercriminals rely on three tried-and-true strategies to covertly access devices through the Bluetooth function.
- Bluejacking – using one Bluetooth-enabled device to hijack another and send phishing messages.
- Bluesnarfing – extracting information from a device through a Bluetooth connection.
- Bluebugging – using a Bluetooth connection to gain backdoor access to your device.
There are several things you can do to keep your Bluetooth-enabled devices safe from these types of attacks.
- Install security patches and updates. Make sure your apps, operating system, and devices are regularly updated so the most recent bugs and vulnerabilities have been patched.
- Make your Bluetooth not discoverable. Put your Bluetooth in hidden mode, so it can’t be detected by nearby cybercriminals.
- Turn off Bluetooth. When you’re not using Bluetooth, turn it off. Not only does this secure your device, but it also helps reduce battery drain.
- Pair only with devices you recognize. Only connect to trustworthy sources and get rid of any suspicious connections when you notice them.
Read our full article to find out more safety tips, learn how Bluetooth works, and compare the pros and cons of this convenient technology.
Bluetooth is an integral part of the technology landscape today. From smartphones to keyboards to cars, people connect devices invisibly and automatically without thinking twice. The question is: how secure is Bluetooth?
In most cases, Bluetooth is more secure than Wi-Fi. However, as with any wireless system, your data could be seen by unintended recipients. It’s not only about people discovering which music you stream to your Bluetooth headphones, either. Bluetooth could expose a great deal of data from your mobile phone, laptop, or computer.
Now is the time to get up to speed about all things Bluetooth: what it is, how it works, common Bluetooth attacks, and tips for maximizing Bluetooth security.
What is Bluetooth?
Bluetooth technology is a protocol for establishing a local network to exchange data wirelessly between nearby devices. In other words, with Bluetooth, you can share information between, for example, your phone and your headphones without needing a cable.
Bluetooth is an open standard, meaning anyone can freely use the technology without a license. This is one of the main reasons why Bluetooth is so popular and is built into more and more devices every day.
The technology was developed in the early nineties by Jaap Haartsen, who worked for Ericsson. Today you can find almost everything with Bluetooth connectivity – from wireless headphones to speakers to the refrigerator in your kitchen. Virtually every newly manufactured device comes with built-in Bluetooth functionality.
Fun Bluetooth fact
Wondering how Bluetooth got its name? We can thank the Vikings for that.
In the tenth century, the Danish Viking leader Harald Denmark, also called Harald Blåtand (which translates to “Bluetooth”), was crowned the king of Denmark. He later united his kingdom with Norway. The method for wirelessly connecting cell phone headsets was named after the Viking leader, in recognition of the important role Nordic countries played in the development of cell phone technology.
How Does Bluetooth Work?
Bluetooth wirelessly connects different devices, such as your phone and your laptop. It eliminates the need for a (USB) cable when you want to exchange data between two devices. Bluetooth technology uses short-wavelength UHF radio waves to establish the connection, making it essentially a radio connection. Bluetooth operates at frequencies between 2.402 and 2.480 GHz.
Easy, Fast, and Secure
Bluetooth devices must be in close proximity to one another to be able to exchange information, usually within a distance of 10 meters (30 feet). Because the broadcast signals are very weak, they usually have no effect on other devices operating at the same frequency.
When you connect two Bluetooth devices for the first time, this is called pairing. You have to approve each new connection, which makes Bluetooth relatively secure. Once devices connect for the first time, the pairing is usually remembered and future connections will happen automatically, at least when both devices have Bluetooth activated and are near each other.
Although a Bluetooth connection is relatively weak, it is still effective. The songs you listen to, for example, are sent instantly from your Spotify app to your headphones. It’s even possible to connect up to eight devices on one network. However, only one device, the “master,” can send data. All the other devices, speakers in different locations in your home, for example, are “receivers.”
Frequency Hopping
One of the great things about Bluetooth is that it uses frequency hopping. This means that the connection jumps between different frequencies within its range to maintain a strong, stable connection.
There are 79 frequencies each Bluetooth network can choose from, so frequencies that are already being used by other devices, such as your garage door, can easily be avoided.
How is Bluetooth Used?
Bluetooth has become a ubiquitous part of our daily lives. We use Bluetooth technology every day in a variety of ways, often without even thinking about it:
- Connecting devices – Bluetooth allows you to play music through wireless speakers or headphones. It also connects your laptop or computer to your wireless mouse, keyboard, or printer. Modern cars use Bluetooth to play music from your mobile device through the car’s speakers, make hands-free calls, use navigation, and reply to messages.
- Sharing files – You can easily share files with Bluetooth. Photos, videos, and music are all transmitted seamlessly among devices.
- Tethering to create a hotspot – If you don’t have internet access on your computer, but do have access to a mobile network, tethering enables you to use your phone as a hotspot. This way, you can continue browsing on your laptop without it having its own Wi-Fi connection.
- Securing your home – There are special locks or security systems that can be connected to your smartphone via Bluetooth, so you can use your phone as a key.
- Protecting your computer – You can download programs that ensure your computer is only accessible if your phone is within Bluetooth range. Since our phones are usually where we are, this means your laptop can only be used when you are around.
- Monitoring your health – The health care sector makes frequent use of Bluetooth-enabled devices. Fitness trackers are just one example, making Bluetooth very useful in the gym. Another example is a Bluetooth-enabled pacemaker that transmits data to an app on your smartphone. The information is sent directly to your healthcare professional, which reduces the need for in-person visits to the doctor.
The Pros and Cons of Bluetooth
Bluetooth offers many advantages, but there are drawbacks, too.
| Pros | Cons |
|---|---|
| Wireless: You can use headphones without annoying cord tangles. Your printer, mouse, and keyboard don’t need cables, keeping your desktop uncluttered. | Battery eater: Despite relatively low energy consumption needs, you still have to charge Bluetooth devices frequently. If your smartphone has Bluetooth enabled, the battery drains faster. |
| Automatic & easy: You only have to enable Bluetooth on both devices for them to be able to “find” each other. Once paired, all future connections happen automatically. | Health concerns: Although no direct link has been found, there are questions about the relationship between Bluetooth radiation and health issues like dizziness, sleeping problems, anxiety, depression, and even brain tumors. |
| Compatible: Bluetooth can connect devices of all kinds, regardless of operating system or manufacturer. | Easy to find: Bluetooth technology easily finds nearby devices. This advantage is also a potential risk. Hackers can see which devices are nearby and attack. This is a risk in public spaces, like airports, trains, and cafés. |
| Multiple devices: A Bluetooth network can connect up to eight devices, with one being the “master” that controls all other connected devices. | Short range: To work reliably, your Bluetooth devices must be within about 10 meters of each other. This limitation makes Bluetooth a poor choice for some wireless applications. |
| Secure connection: Because you must approve connections that are not already part of your network and Bluetooth only works at short distances, it is difficult (but not impossible) to intercept the signal. | Slow data transfers: Wireless technology has limits on how fast it can transmit data. While the latest versions of Bluetooth are much faster than their predecessors, they are still no match speed-wise to other technologies like Wi-Fi and USB. |
How Safe is Bluetooth?
No wireless technology is 100 percent safe, and Bluetooth is no exception. So how secure is Bluetooth? There are three common ways clever criminals can compromise your Bluetooth security: bluejacking, bluesnarfing, and bluebugging.
Bluejacking
This type of cyber attack involves one Bluetooth-enabled device hijacking another and sending spam messages to the hijacked device. Mostly it is an annoyance, but if a recipient falls for such a phishing attempt and clicks on a link in one of these spam messages, bigger issues can arise. The link often takes you to a website where your personal information is stolen or malware is installed on your device.
Bluesnarfing
A bluesnarfing attack is similar to bluejacking, but more sinister. Where bluejacking only sends information to your device, bluesnarfing also extracts information from your device. Data like text messages, photos, emails, and even the identifying information your device sends to your ISP can all be stolen. The hacker can use this information for a variety of purposes, none of them good.
Bluebugging
Here, hackers establish a surreptitious Bluetooth connection with your phone or laptop. They then use this connection to gain backdoor access to your device. Once in, they can spy on your activity, access your sensitive information, and even use your device to impersonate you on any apps on your device, including the apps you use for online banking.
This kind of attack is called bluebugging because it resembles the way one might bug a phone. Once control over the phone is established, cybercriminals can use it to call themselves and listen in on conversations.
Examples of Bluetooth attacks
No device is immune from a Bluetooth security threat. There are plenty of examples that show just how vulnerable any Bluetooth-enabled device is to an invasion by determined cybercriminals.
In 2017, for example, the well-known BlueBorn attack showed that Bluetooth technology could be hacked without the attacker being paired to the device. Devices could be infected even when they were in non-discoverable mode. Once hacked, the device could be fully controlled by the hacker, then used to access networks and steal data, initiate ransomware demands, and spread malware to other nearby devices. Virtually any Bluetooth-enabled device was susceptible to a BlueBorne attack.
In 2019 a collection of vulnerabilities in Apple’s macOS allowed hackers to take over devices through Bluewave Zero-Click Bugs. Just a couple of months later, it was Android’s turn: the BlueFrag leak allowed hackers to steal personal data, spread a worm virus, or silently execute arbitrary code on your smartphone through Bluetooth.
Although most of these vulnerabilities were patched in time, it shows that Bluetooth isn’t completely secure. It’s incredibly important to incorporate proactive measures into your online security routine.
Bluetooth Privacy Concerns
You might think hackers are the only threat when it comes to Bluetooth security. Sadly, this isn’t the case. Many apps, including popular ones from Facebook, Google, and others, use your device’s Bluetooth functionality to monitor your location.
When you turn off Bluetooth on your device, it stops transmitting, but still recognizes nearby Bluetooth signals. App makers use these Bluetooth signals to pinpoint your location. This means that app makers can track you anywhere you go, and maintain data about your daily movements (at least if you carry your device with you). The scariest bit is that Bluetooth allows for very accurate tracking.
Many app makers state in their privacy statement that they use Bluetooth to track your location, but as we all know, most people don’t actually read these statements in detail. As such, most everyday consumers are not aware of the risks.
You can protect your privacy by carefully reading the privacy statement to see if the apps you install make use of Bluetooth to track your location. Because location tracking needs your permission, you can manually turn off this permission for those apps.
How to Use Bluetooth Safely
With these security and privacy risks in mind, it’s important to know how to create a safe Bluetooth environment. Here are some tips to avoid any unwanted Bluetooth surprises:
- Install security patches and updates.
- Make your Bluetooth device not discoverable.
- Don’t share sensitive information via Bluetooth.
- Be careful who you connect with.
- Turn your Bluetooth off.
- Don’t pair devices in public.
- Unpair devices as needed.
Each of these tips will be discussed in more detail below.
1. Install security patches and updates
The best way to protect yourself is to update your operating system as soon as patches become available. After discovering the BlueBorne vulnerability, for example, Google and Amazon released new updates that protect users against these types of attacks. Thus, the vulnerability was remedied fairly quickly. Users protected themselves when they installed the latest update, even if they didn’t know about the threat.
Keeping all your apps and systems up-to-date is a very easy way to stay protected.
2. Make your Bluetooth device not discoverable
The most common Bluetooth attacks involve hackers targeting Bluetooth devices that are nearby and discoverable. Make it harder for hackers to zero in on your device by setting Bluetooth to “not discoverable.” How you do this depends on the device.
Make Bluetooth not discoverable on iPhone
According to Apple, the only time your iPhone’s Bluetooth is discoverable is when you have the Settings > Bluetooth screen active. Once you exit Settings, your device is no longer discoverable or available for new pairings.
Make Bluetooth not discoverable on Macbook or iMac
Unlike iPhones, your Macbook or iMac lets you toggle the discoverability of Bluetooth. Here’s how:
- Open System Preferences.
- Click on Sharing.
- Uncheck the Bluetooth Sharing box.
You can always verify the status of your Mac’s discoverability by going to Option and clicking on the Bluetooth icon in the top menu bar.
Make Bluetooth not discoverable on Android
If you’re using Android, here’s how you can hide your Bluetooth device from others:
- On your Home screen, tap Menu > Settings > Bluetooth.
- Turn Bluetooth ON.
- Click on More connection settings.
- Turn off the Nearby scanning devices option.
This will make your device invisible to other unpaired Bluetooth devices. Any previous pairings will remain accessible.
Make Bluetooth not discoverable on Windows 10
To keep your Windows 10 Bluetooth hidden from other devices, do the following:
- Click Start > Settings > Devices > Bluetooth & Other Devices.
- Turn Bluetooth ON.
- Click More Bluetooth Options.
- Untick the Allow Bluetooth devices to find this PC box.
Previously paired devices will still be able to connect to your computer, even with discoverability turned off.
3. Don’t share sensitive information via Bluetooth
Considering the relative vulnerability of Bluetooth, it’s good practice to avoid sending sensitive information via your wireless connection. If you need to send private photos, passwords, login information, or the like, use a more secure means to transmit that data.
4. Be careful who you connect with
Keep your Bluetooth secure by not accepting Bluetooth connection requests from unknown sources. Hackers might send out these requests in the hopes that someone gives them access.
If you aren’t sure who is asking to pair with your device and for what reason, decline or ignore the request.
5. Turn Bluetooth off
Although the fact that Bluetooth devices automatically find other devices is a very useful feature, it also makes your devices prone to attacks. To save your phone’s battery and better protect yourself against attacks, it’s wise to turn Bluetooth off until you actually need it. This is especially true when you’re in public areas, like airports, train stations, and restaurants.
If you’re concerned that you won’t remember to turn Bluetooth on and off, don’t worry. There’s an app for that! Many automation apps such as If This Then That and Tasker can be set up to automatically turn off your Bluetooth when you leave a location or disconnect from a device. Not only will this help keep your Bluetooth secure from hackers, but it will also give a slight boost to your device’s battery life.
6. Don’t pair in public
When you do want to establish a connection with a known device, try to pair the two for the first time in a secure location. Resist the temptation to immediately pair that new set of Bluetooth headphones outside the store where you bought them. Wait until you get home or back to your office.
Using this strategy, you can better control the discoverability of your Bluetooth device, since, after the initial pairing, you won’t have to make your Bluetooth device discoverable to connect with your new headphones.
7. Unpair as needed
Get in the habit of deleting any old Bluetooth pairings you no longer need or use. You can find your current pairings in the Bluetooth settings on your device. While most pairings are probably harmless, like that AirBnB speaker you connected to last year, having unused pairings on your device exposes you to unnecessary risk, even if the threat is small.
Will a VPN Make Bluetooth Secure?
One question we often get is whether a virtual private network (VPN) can be used to make your Bluetooth secure. Although a VPN is one of the best ways to ensure your overall online security, it won’t directly protect you against the threat of Bluetooth hackers.
Even so, VPNs offer a host of benefits. They keep you safe when accessing the internet on public Wi-Fi (like when you’re on the train or in a café), they cloak your actual location, and they encrypt the data you send online. These strategies all keep you safe from prying eyes, cybercriminals, and snooping internet service providers.
We recommend that all our readers use a VPN when they can. For more information, you can read our review of the top VPN providers of this moment. Just keep in mind that a VPN won’t keep you safe from attacks via Bluetooth.
Will Antivirus Software Keep Bluetooth Safe?
Another question that security-minded people often ask is whether an antivirus program will keep their Bluetooth secure. While an antivirus program should be an essential part of your overall online security, it cannot stop a cybercriminal from hacking your Bluetooth. However, what the antivirus will do is keep you safe from the malware often installed as part of a Bluetooth hack.
To learn more about what antivirus software does and which we consider the best, read our review of the top antivirus software of this moment. If you want immediate protection, we suggest Kaspersky. They offer a variety of plans with different levels of protection and their software is very easy to install and use. Kaspersky will be able to provide protection against a lot of the malware Bluetooth hackers might infect your device with.
Final Thoughts
Bluetooth has made our lives a lot easier. We listen to our favorite music without getting tangled up in pesky cords. Our wireless keyboard and mouse keep our workspace uncluttered. Driving our vehicles is safer with a multitude of hands-free options.
While this helpful technology doesn’t come without security risks, you can easily create a secure Bluetooth environment. Turn Bluetooth off when you’re not using it. Keep your operating systems up to date. Be careful who and what you pair with.
By incorporating a few common-sense strategies into your routine, you can enjoy Bluetooth more and worry less about what nearby hackers might be up to.
Still have questions? Looking for more information? Check out the questions we get the most about Bluetooth.
There are a number of things you can do to maximize the security of your Bluetooth connection:
- Turn off Bluetooth when you’re not using it.
- Set your Bluetooth to not discoverable.
- Install system updates and patches whenever they are issued.
- Be mindful of which devices you pair with.
To find out more about Bluetooth security risks and other ways you can stay safe while using this convenient technology, read our full article.
When Bluetooth is turned off, hackers attempting a Bluetooth attack can’t see your device. This is the safest way to avoid a Bluetooth attack. But it is not practical, since most people use Bluetooth every day for some purpose.
The best strategy is to get in the habit of turning off Bluetooth whenever you’re not using it. If you have trouble remembering to do so throughout the day, there are a number of apps out there that will do it for you.
You can easily see which devices you’re actively paired with by reviewing your Bluetooth settings. There will be a list of all devices you’ve previously paired with and the status of your connection to each. If you see an active connection you don’t recognize, terminate it immediately and forget the device.
Bluetooth devices emit only low levels of nonionizing radiation. The U.S. Food and Drug Administration notes that routine exposure to this type of radiation is considered harmless to humans. Medical experts generally agree that it’s highly unlikely radiation at the levels generated by Bluetooth headphones poses any health safety risks to wearers.
You can make your Bluetooth device not discoverable in different ways, depending on your device:
- iPhone: automatically hides your Bluetooth connection anytime the Bluetooth settings screen isn’t actively open.
- Android, Mac, and Windows: you can turn on the hidden mode in your Bluetooth settings.
Read our full article on Bluetooth safety for step-by-step instructions on how to do this for each device.
-
-
-
https://vpnoverview.com/privacy/devices/bluetooth/
Hello, I wanted to use a wireless headset for work as I work from home and running to grab the door with a headset and laptop is not always easy lol. Would a headset with a dongle thing as my work laptop doesn’t have Bluetooth as it has been removed, would work? I have a mouse a keyboard plugged and they work, and how secure would it be?
I don’t think this will work as per Company’s group policy. You have to speak with your i.t. Admin to configure goesit and allow this Bluetooth and/or Bluetooth dongle setting/connection
Very thorough overview Thank you. a query about the Apps/phones concerning ability to continue tracking when both Bluetooth and location services are off: do you know of a way to disable the actual tracking or pinging of the phone itself or to turn it off generally for all apps?
You can turn it off in the ‘Location Services’ menu on your phone (on iPhone it’s under ‘Settings’ and then ‘Privacy’). Still, with all the different types of connections this is not a guarantee that you can’t be tracked altogether (there’s also triangulation by cellphone signal, Wifi-hardware location, etc.).
Thanks for this article. I have been looking for information about the safety of Bluetooth in Covid-19 tracking apps such as the one here in Australia. This article mentions Coronavirus tracking apps but then the advice on how to protect your security is incompatible with using such apps, ie. they require you to keep Bluetooth running so they can do Bluetooth handshakes with other users.
I imagine there might be a few people searching for information about the safety of these apps and the “Bluetooth handshake” so I was wondering if you can give any more specific information regarding that feature and how to best protect your privacy while using the apps. Also whether so many people using it at the same time will provide an enticing environment for hackers* to develope ways to simulate or hijack the handshake.
* “hackers” – I’m not sure if that’s specifically what they are called but I’m sure you get my drift anyway.
You’re right. With Coronavirus tracking apps, there’s a careful balance between privacy and safety that needs to be found. On the one hand, you don’t want the app’s owners to be able to track your every move and any possible hackers misusing the app, while on the other hand we want to use the app to keep the virus under control. If your app works with Bluetooth, many of the dangers and risks described in this article will be relevant. We’ll investigate this matter a little more and update our article with information and advice specific to Covid-29 tracking apps as soon as possible!
Nice article, but on my phone (Sony Xperia X) there is no function to allow only trusted bluetooth devices.
At least none that I can find. ☹️
This is not necessarily a function of your phone, but a way for yourself to ensure your safety. If you only connect to bluetooth devices that you know and trust, like your own headphones or a speaker, you will remain safer. The option to add a trusted bluetooth device to your phone can help you with this. If you’re connected to a device you trust, simply add it to your trusted list and you’ll be able to find it more quickly later. This should also be possibly on Sony Xperia X. Go to your settings, then ‘lock screen & security’, then ‘Smart Lock’. If you tap ‘Trusted devices’ here, you can add one for bluetooth. Good luck!