Monday, November 17, 2008

Best Tips for choosing strong passwords


Password cracking software uses one of three approaches: intelligent guessing, dictionary attacks, and automation that tries every possible combination of characters. Given enough time, the automated method can crack any password.

However, even as password cracking tools continue to improve, it can still take months to crack a strong password. Here is one of the best tips on creating strong, secure passwords:

Instead of using the same password for everything you access, choose a root password, then take the name of the service or application you’re accessing, replace a few letters with numbers (or jumble it up), and append it to the end of your root password.
OfZenAndComputing.com has some more strong password tips:

1. Do not use names or words found in the dictionary.

2. Your password should be at least 8 characters long.

3. Select an alphanumeric password, meaning that it contains both letters and numbers. Try appending a random number to the end of the password, or replacing one or two letters with numbers.

Source: Create a strong, secure password | Passwords: The weakest link
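
The three tips above and the cracking approaches from the opening paragraph can be turned into a small checker. This is an added example, not code from the original post or its sources; the word list, the substitution table and all function names are assumptions made for illustration. It shows that a dictionary word with a swapped letter or an appended number still reduces to the dictionary word, and it counts the worst-case tries for an exhaustive search.

```python
import string

# Constructed sample word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "dragon", "monkey", "letmein", "sunshine"}

# Digit/symbol-for-letter swaps that guessing rules routinely undo.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def dictionary_hit(password, words=SAMPLE_WORDS):
    """Return the dictionary word the password reduces to, or None."""
    lowered = password.lower()
    # Try the password as typed and with an appended number stripped,
    # undoing letter-to-number swaps in both cases.
    for candidate in (lowered, lowered.rstrip(string.digits)):
        plain = candidate.translate(LEET)
        if plain in words:
            return plain
    return None


def charset_size(password):
    """Size of the alphabet an exhaustive search must cover."""
    classes = ((string.ascii_lowercase, 26), (string.ascii_uppercase, 26),
               (string.digits, 10), (string.punctuation, 32))
    return sum(n for chars, n in classes if any(c in chars for c in password))


def exhaustive_guesses(password):
    """Worst-case tries for the 'every possible combination' approach."""
    return charset_size(password) ** len(password)


def check(password):
    """Apply the three tips; return a list of problems (empty means pass)."""
    problems = []
    hit = dictionary_hit(password)
    if hit:
        problems.append(f"reduces to dictionary word '{hit}'")
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not (any(c.isalpha() for c in password)
            and any(c.isdigit() for c in password)):
        problems.append("not alphanumeric")
    return problems


if __name__ == "__main__":
    for pw in ("dragon", "P4ssw0rd1", "kq7vhx2mt9"):  # constructed samples
        print(pw, check(pw), exhaustive_guesses(pw))
```
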

BLUETOOTH TECHNOLOGY

"BLUETOOTH represents a single chip, low cost, low power radio based network technology for Wireless Personal Area Networks (WPAN)"
Bluetooth wireless technology is a short-range communications system intended to replace the cables connecting portable and/or fixed electronic devices. It provides wireless interconnections between low-power, short-range, small mobile devices (palmtops, laptops, PDAs, phones, etc.) in close proximity (within a room, car, cabin, elevator…).

Bluetooth technology:
Provides freedom from wires
Supports creation of ad hoc piconets and Personal Area Networks (PAN) with limited coverage (within a range of 10 m)
Does not require infrastructure support such as switches, access points, hubs, routers, etc. for establishing interconnectivity
Connects keyboards, mice, printers, headphones, headsets with speakers, etc. to a PC without wires
Interconnects handheld, portable, battery-operated devices such as mobile phones, hands-free equipment with mobile phones, PDAs, mobile computers, communicators, microphones, and wireless speakers to home theatre systems

The Bluetooth core system consists of an RF transceiver and follows IEEE 802.15 standards. The system offers services that enable the connection of mobile devices and exchange of a variety of data (voice, music, graphics, text) between these devices.
The Bluetooth consortium was formed in 1998 by 5 companies: Ericsson, Intel, IBM, Nokia and Toshiba. The Bluetooth standard has been adopted by over 1000 manufacturers of electronic appliances (Akai, Motorola, LG, Samsung, Nokia, for music, video, data, fax machines ……)

Features of Bluetooth
1. Power consumption is very low, as the devices are battery operated.
2. Frequency band: 2400-2483.5 MHz (83.5 MHz bandwidth).
3. Fast frequency hopping TDD scheme at a rate of 1600 hops/sec.
4. Within a piconet, all devices use the same hopping sequence.
5. Transmitter power up to 100 mW.
6. Range: 10 m-100 m with special transceivers.

The Bluetooth RF (physical layer) operates in the unlicensed ISM band at 2.4 GHz. The data rate is 1 megabit per second (Mbps). A group of devices interconnected using an RF link forms a piconet. Devices in a piconet use a specific frequency hopping pattern, which is algorithmically determined by certain fields in the Bluetooth device address and clock of the master.

Security Issues


Today's wireless world means that data is being sent among us, invisibly, from device to device, country to country, person to person. This data, in the form of e-mails, photos, contacts and addresses, is precious and private to each of us. This private information, no longer making its way along wires in plain sight, needs to be sent securely to its intended recipient without interception. Wireless standards the world over are evolving and have various formats for dealing with the security issues of their users. Bluetooth wireless technology is no exception.

Bluetooth wireless technology has, from its inception, put great emphasis on wireless security so that users of this global standard can feel secure while making their connections. The Bluetooth Special Interest Group (SIG) has a Bluetooth security experts group, made up of engineers from its member companies, who provide critical security information and feedback that is taken into account as the Bluetooth wireless specification evolves.

Product developers that use Bluetooth wireless technology in their products have several options for implementing security. There are three modes of security for Bluetooth access between two devices.

Security Mode 1: non-secure
Security Mode 2: service level enforced security
Security Mode 3: link level enforced security

The manufacturer of each product determines these security modes. Devices and services also have different security levels. Three security levels are defined:
services that require authorization and authentication (mode 3)
services that require authentication only (mode 2)
services that are open to all devices (mode 1)

Lately, confusion and misinformation surrounding security and Bluetooth wireless technology have increased. The current security issues typically involve mobile phones. The encryption algorithm in the Bluetooth specifications is secure.

Cases where data has been compromised on mobile phones are the result of implementation issues on that platform. The recently reported issues of advanced "hackers" gaining access to information stored on select mobile phones using Bluetooth functionality are due to incorrect implementation. The names bluesnarfing, bluejacking and bluebugging have been given to these methods of illegal and improper access to information. The following sections provide users with more information about these current issues and will address their concerns for dealing with these security risks.

What is bluejacking?


Bluejacking allows phone users to send business cards anonymously using Bluetooth wireless technology. Bluejacking does NOT involve the removal or alteration of any data from the device. These business cards often have a clever or flirtatious message rather than the typical name and phone number. Bluejackers often look for the receiving phone to ping or the user to react. They then send another, more personal message to that device. Once again, in order to carry out a bluejacking, the sending and receiving devices must be within 10 meters of one another. Phone owners who receive bluejack messages should refuse to add the contacts to their address book. Devices that are set in non-discoverable mode are not susceptible to bluejacking.

What is bluebugging?


Bluebugging allows skilled individuals to access the mobile phone commands using Bluetooth wireless technology without notifying or alerting the phone's user. This vulnerability allows the hacker to initiate phone calls, send and receive text messages, read and write phonebook contacts, eavesdrop on phone conversations, and connect to the Internet. As with all the attacks, without specialized equipment, the hacker must be within a 10 meter range of the phone.

What is bluesnarfing?

Bluesnarfing allows hackers to gain access to data stored on a Bluetooth enabled phone using Bluetooth wireless technology without alerting the phone's user of the connection made to the device. The information that can be accessed in this manner includes the phonebook and associated images, calendar, and IMEI (international mobile equipment identity). Setting the device to non-discoverable mode makes it significantly more difficult to find and attack the device. Without specialized equipment, the hacker must be within a 10 meter range of the device while running a device with specialized software. Only specific older Bluetooth enabled phones are susceptible to bluesnarfing.