Bluetooth on Computers and Cell Phones
As with all good things, the bad guys are finding ways to take advantage of this capability to steal valuable information, from data on your device (your contact list, University email, etc.) to listening in on your phone conversation.
Here are four tips that can help keep your Bluetooth computer or mobile device secure.
Turn unused features off. Turn off any features that you are not using. If you have a Bluetooth-equipped device and do not need a certain function, turn it off. For example, if you're only using Bluetooth to listen to calls, then don't turn on the phone's Bluetooth file-transfer feature.
Turn 'discoverable' off. You may have seen a setting for 'discoverable' on your device. This setting is only meant to be used when you securely "pair", or introduce, two Bluetooth devices. Examples include pairing your headset with your phone or your PDA with your computer. When that pairing process is done, the devices should remember each other, so turn 'discoverable' off. Some device pairing PINs are hard-coded into the device and well known. Bad guys have written programs to pair to discoverable devices, for example your phone headset, and listen in.
Verify incoming connections. Do not accept attachments or applications received on your phone or device if you weren't expecting them, no matter how legitimate they may seem. If your device asks to pair and you didn't initiate the pairing, deny it and check your 'discoverable' setting (should be OFF or 'hidden').
Set appropriate permissions. Ideally, use Bluetooth passwords with a large number of digits. Set Bluetooth service permissions for services appropriately, e.g. iOS AirDrop, when turned on should probably be set to Contact Only, and certainly shouldn't be left on in 'Everyone' mode.
Tips in this article are adapted from a C-NET news article.