<div class='os_post_top_link'><a href='http://www.geekzone.co.nz/content.asp?contentid=2762' target='_blank'>http://www.geekzone.co.nz/content.a...?contentid=2762</a><br /><br /></div>"The Bluefire Mobile Firewall Plus 3.0 now includes infrared and Bluetooth communications management to add increased security to Windows Mobile based handhelds. Faced with the growing security threat created by mobile devices with Bluetooth and Infrared connectivity, security administrators can use the upgraded version of Bluefire Security’s flagship product to disable these communication capabilities before an enterprise deployment of personal digital assistants (PDAs) or converged devices."<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/logsdon_20040506_bluefire.jpg" /> <br /><br />"The vulnerability of Bluetooth-enabled mobile devices, as demonstrated by frequent break-ins over the past year, has raised serious concerns among the security community. Since most PDAs and smart phones come standard with Bluetooth or Infrared built-in, administrators need to disable these capabilities before issuing the devices to employees and risking information theft or backdoor exposure to the enterprise."<br /><br />In addition to bluetooth and IR, the software also provides firewall protection for 802.11, CDMA and GPRS connections, and allows administrators to disable speaker and microphone capabilities "via a centrally managed and enforced security policy". Need cryptography? The FIPS 140-2 Validated Cryptographic Module should slake your thirst. There's no listed price, which means it's aimed squarely at the enterprise/government level - i.e. not cheap. Any IT management-type people out there who need something like this?

Um, for BT, there is this magical software option that is called a OFF BUTTON! If the radio's not on, then you don't care. I can see this on 802.11, but I am so briefly connected plus most of the hotspots block filesharing and other options. Breaking into another machine on the WiFi network isn't easy either and while I don't disagree there is a danger, the danger is slight...so slight as to not need software at this point unless your ultra paranoid.

quoting the vendor's press release:
"The vulnerability of Bluetooth-enabled mobile devices, as demonstrated by frequent break-ins over the past year"

anyone know if there are any facts/figures/reports to back up that particulalry broad and wide reaching statement?

only reports I've seen so far were using tools not yet 'in the wild' against particular handsets from Nokia and Sony Ericsson (and then only when the Sony Ericssons were in 'visible' mode)...

.