blueARMOR 100 Secure Headset

Frequently Asked Questions

What is a "secure" Bluetooth headset?

Standard Bluetooth headsets are vulnerable to remote attacks that allow hackers to eavesdrop on phone conversations and access information stored on the phone (contacts, calendar, and emails). The headset can even be turned into a remote microphone, allowing the hacker to eavesdrop on any conversations in the immediate area. Hackers can use readily available equipment to extend the range of Bluetooth to over a mile. This remote hacking is possible because of known vulnerabilities in Bluetooth and because most headset and cell phone manufacturers set the default Bluetooth pairing PIN to "0000". The National Security Agency (NSA) and the National Institute of Standards and Technology (NIST) have published security recommendations that a Bluetooth headset must meet to be considered "secure". The blueARMOR 100 Secure Headset, from baiMobile®™, is the first Bluetooth headset to meet these security recommendations.

Do I need a "secure" Bluetooth headset?

If you regularly use a Bluetooth headset and if you discuss topics of a sensitive or confidential nature, you may be targeted by a hacker. If you have personally identifiable information (yourself, friends, relatives, client) stored on your mobile phone or the names, addresses, birthdays ,phone numbers of friends and business associates, you should consider the ramifications if that data was stolen by identity thieves. Many organizations including the US Department of Defence, the National Security Agency and other branches of the US Federal Government prohibit the use of standard Bluetooth headsets by their employees. The blueARMOR 100 Secure Headset eliminates these threats.

What kinds of types of Bluetooth attacks exist?

The list of known Bluetooth attacks is long and growing. Below is a partial list of some of the Bluetooth hacking techniques and programs that are readily available to those with moderate technical ability. Most standard Bluetooth headsets and smartphones are susceptible these attacks. However, the blueARMOR Secure Bluetooth Headset paired with a smartphone that has the NSA recommended security policies enforced are immune to all known Bluetooth attacks.

• BlueBug
• Long-Distance-Snarf
• Bluetooone
• Blueprinting
• Blooover		 • BT Audit
• BlueSmack
• BTClass
• BlueSnarf & BlueSnarf++		 • HeloMoto
• BlueBump
• BlueDump
• Car Whisperer		 • Nokia 770
• Blooover II
• BlueChop
• RFIDIOt

What makes the blueARMOR 100 headset "secure"?

blueArmor-100_Bluetooth-Headset_200pxThe blueARMOR 100 Secure Headset includes factory-installed security firmware on the headset that enforces the highest level of Bluetooth security between the headset and the phone.

  • Patent-pending technology generates a random pairing passkey each time the headset is paired with a phone. This new passkey is spoken into the earpiece of the headset, allowing the user to compare the spoken passkey to what is displayed on the phone. This random number replaces the default passkey of "0000".
  • Service level security (mode 4) is enforced on both the headset and the phone. NSA recommends that additional security policies be enforced on the phone.
  • The Bluetooth radios on both the headset and phone are configured to require 128-bit SAFER+ encryption for audio (voice), preventing a hackers from eavesdropping on conversations.
  • NSA recommends that all user interfaces in the phone to the Bluetooth stack are eliminated. This prevents the user from inadvertently opening a "backdoor" on the phone that a hacker could exploit.
  • With the exception of the Headset 1.0 and the Handsfree 1.5 profiles, all other Bluetooth profiles on the headset are disabled. . NSA recommends that all other Bluetooth profiles (except the serial profile) are disabled on the phone as well.

    How does the functionality and performance of the blueARMOR 100 Secure Bluetooth Headset compare with other high-end headsets?

    The blueARMOR 100 Secure Headset, from baiMobile®™ compares favourably with our quality headsets in the following areas:

    • Sound Quality
      The baiMobile®™ headset has dual microphones, echo cancellation and CVC noise suppression for excellent sound quality under a variety of indoor and outdoor conditions (wind, background noise, etc).
    • Comfort
      The blueARMOR 100 Secure Headset has a flexible, reversible ear loop and five interchangeable ear gels for to provide maximum comfort.
    • Battery Life
      The blueARMOR 100 Secure Headset has a rated talk time of approximately 6 hours and a rated stand-by time of up over 3 days.
    • Style
      The blueARMOR 100 Secure Headset was designed for security, we did not sacrifice style – this headset features a distinctive brushed-aluminium look.
    • Ease of Use
      The blueARMOR 100 Secure Headset has convenient power on/off and volume controls for ease of use.

      Will the blueARMOR 100 Secure Headset work with my phone?

      The blueARMOR 100 Secure Headset pairing technology utilizes the Secure Simple Pairing feature found in Bluetooth version 2.1 and higher. Per NSA security recommendations, the headset will ONLY pair with phones with Bluetooth ver 2.1 and higher and will refuse to pair with phones that have Bluetooth ver 2.0. Before purchasing the blueARMOR 100 Secure Headset, please check the most current list of supported devices here.

      Can I pair the blueARMOR 100 Secure Headset with more than one phone?

      No. Per NSA secure recommendations, the blueARMOR 100 Secure Headset will only pair with one phone at a time. The "Multi-Point" feature in Bluetooth ver. 2.1 is disabled.

      Can I use the blueARMOR 100 headset to listen to music?

      No. Per NSA secure recommendations, the Bluetooth channel is only be used for voice conversation to the phone. Music streaming is not supported at this time.

      Bluetooth security resources:

      The following resources provide more detailed information on Bluetooth security:

      1. The Unites States Internet Crime Task Force: Securing Your Bluetooth Device
        http://www.usict.org/docs/bluetooth.pdf
      2. National Security Agency: Bluetooth Security
        http://www.nsa.gov/ia/_files/factsheets/I732-016R-07.pdf
      3. Defence Information Security Agency: DoD Bluetooth Headset Security Requirements Matrix
        http://iase.disa.mil/stigs/checklist/dod_bluetooth_headset_security_requirements_matrix_v2-0_7april2008.pdf
      4. National Institute of Standards and Technology: Guide to Bluetooth Security
        http://csrc.nist.gov/publications/nistpubs/800-121/SP800-121.pdf

      Secure Headset Menu

      Bluetooth Eavesdropping Video

      bluetooth-logo_150px
      Eavesdropping Video
      baiMobile_Bluetooth_Security
      where-to-buy