Question : Bluetooth Encryption

Hi

We are running Exchange 2003, BES 4.1.7, and a range of devices.

At the moment, we allow Bluetooth, but I'm worried about the security of users pairing with another device and transferring data. We would like to enforce encryption of any data sent between Bluetooth devices. Does anyone know if Bluetooth data is already encrypted? Or is the passcode that is entered just to initially pair.

I also see there is a Blackberry BES IT Policy to "require encryption" for Bluetooth data...does anyone know what sort of encryption this is?

Answer : Bluetooth Encryption

The actual data being transferred is not encrypted, although the security pin is, which is up to a 16 digit alphanumeric pin. This is 8000000000000000000000000 different possible combinations, therefore a brute force attack is impossible. Once someone has the code or a paired device, they can access the data which is then not encrypted, that's what I mean by you can get extra encryption.

Here's some more info about bluetooth security.

Implementing Security
Developers that use Bluetooth wireless technology in their products have several options for implementing security. And there are three modes of security for Bluetooth access between two devices.

* Security Mode 1: non-secure
* Security Mode 2: service level enforced security
* Security Mode 3: link level enforced security

Random Solutions

Remote Desktop Web Access

disable default "CURRENT_TIMESTAMP" field when executing UPDATE query

TTL Expired periodically on a ping to another subnet.

Can MS Excel 2007 design the same layout image (See below) using scalable framed cells and embed fields text or images for use by web developers

Remote Desktop Server 2003 Group Policy and Server 2008

Coldfusion - Invoking CFC 'up' a directory?

Installed VMware Server 1, now OWA & Outlook Anywhere doesn't work

Convert Test field to Number field in make table query

copying long file names

Trigger insert with constraint