A new, and potentially mischievous, underground cellphone “messaging” craze that uses bluetooth technology in cellphones has been sweeping through the United Kingdom and Europe. As more bluetooth-enabled phones become available on the South African market, we are likely to see the fad take off here, too.
The phenomenon, called “bluejacking”, exploits bluetooth communication technology found in the newer, more advanced cellphones on the market to send anonymous electronic business cards to other cellphones that are in range, with or without their permission. It is not quite an SMS, but it allows a person to send a short text message to another phone, similar to that of an SMS.
Bluetooth is a communication technology that enables devices within a few metres of each other to exchange information wirelessly via short-range radio. It works over a range of about 10m and was created so that cellphones, PDAs, printers and computers could connect to each other.
The act of bluejacking involves creating a contact in your cellphone’s address book using the message you want to send to another cellphone as the name for that entry.
The contact, which is the message created for the purpose of bluejacking, can then be sent via bluetooth anonymously to any cellphones within range.
If the bluejacked victim chooses to accept the “contact” sent via bluetooth then it will also appear in their phone’s address book.
From here, the victim can see what is written in the other address book fields too. As the cellphone receives the bluejack message, it will beep in the same way as an SMS alert. For bluejacking to work, both phones — sending and receiving — need to be bluetooth-enabled and have bluetooth switched on.
According to international anti-virus company Sophos the word “bluejacking” is derived from the words “bluetooth” and “hijacking” — referring to the fact that messages can be sent to a cellphone without the user’s permission.
Although a nuisance, bluejacking doesn’t involve any theft of data, so it’s not illegal. But the potential for mischief is great, because the messages sent are anonymous and can be sent without permission.
Sophos says this has created fears that the cellphones could become the victim of a new kind of cellphone spam (unsolicited messages) as a result of bluejacking.
Technology analyst Arthur Goldstuck says this emergence of instant and anonymous communication between devices is going to result in a wide range of “uses and abuses” of the technology in cellphones.
It appears that bluetooth, he says, is becoming more than just a convenient housekeeping technology to allow devices to speak to each other without the hassle of using cables and wires.
“What has always been understood about bluetooth is that it enhances the possibility to create a community of devices where the user of a bluetooth-enabled device can walk into a room and that device immediately becomes part of a community of devices in that room.
“This was always seen as a great advance in connectivity between devices, but what was never explored was the downside — and we’re beginning to see that downside now,” he says.
Goldstuck adds that in the UK, the technology has also given rise to phenomenon called “toothing”, where cellphone users are sending anonymous bluetooth messages to pick up dates or solicit casual (and anonymous) sex.
A senior technology consultant for Sophos, Graham Cluley, says that Sophos has received reports from users who had been bluejacked, alarmed that they may have a cellphone virus.
“These messages are not viruses, but clearly they can be a nuisance and an unexpected surprise,” says Cluley on the Sophos website.
Unlike regular SMS messages, these bluetooth messages are free. They can be sent in areas where there is no network coverage because bluetooth doesn’t rely on the cellular networks to transmit information, but on short-range radio.
A limitation is that a phone needs to be within a 10m range of another to be bluejacked via bluetooth.
As an indication of how the craze is taking off, a website claiming to be the first site in the world “dedicated to bluejacking”, bluejackQ, says it has achieved more than one-million page impressions.
The website has detailed instructions on how to bluejack or protect yourself from bluejacking.
Goldstuck says that the emergence of the bluejacking phenomenon creates a demand for some kind of system in cellphones to block out unsolicited bluetooth messages.
“We can expect to see a lot more similar disadvantages of bluetooth arising in the future, but on the whole the benefits far outweigh the disadvantages in the same way we have learned to live with spam because e-mail is too valuable,” he says.