| This study explored the Bluetooth vulnerabilities of mobile phones and how those vulnerabilities can be utilized by attackers to control mobile phones and gain personal data. The researcher conducted attacks on mobile phones under varying conditions in order to verify the efficacy of two attacks, Bluesnarfing and Bluebugging. This method tested improvements in Bluetooth security features by using attack verification. In other words, if an attack is designed to make use of the vulnerabilities of Bluetooth 1.0, then the newer version, Bluetooth 2.0, should have a proposed solution designed to fix these vulnerabilities. This study demonstrated that the security features of Bluetooth have been improved to defend against Bluesnarfing and Bluebugging. However, other Bluetooth threats were found, including lack of verification for connections following the first connection, over-supported functions, and the implementation of discovery mode. The implementation and design may also cause leakage of users' information leakage. |
