News
Issue #2002 - 42 (November 2002)
(Updated Nov. 5, 2002)

OPINIONS

Bluetooth Not ready - Needs an Enterprise-Grade Solution, says Gartner

William Clark on ZDNet site reports on Gartner's position on Bluetooth thus:

Bluetooth products are insecure and interoperability is elusive because the specification allows vendors to select default security settings, and the implementation process ensures only low-level compatibility. 
What you need to know Gartner believes Bluetooth vendors will not offer adequate interoperability or security for more than single-vendor point solutions through year-end 2005. Even when vendor offerings mature, legacy Bluetooth devices will create opportunities for malicious activities in the near future, even if the Bluetooth SIG or a small set of major vendors creates an enterprise-grade set of Bluetooth products.

When enterprises purchase Bluetooth-enabled products, there is no guarantee that different products will work together. The richness of Bluetooth applications, which are called profiles, means that the combinations of testing patterns is vast when compared to other wireless standards, such as 802.11b. Interoperability must improve if Bluetooth is to reach its much-hyped potential beyond simply a cable-replacement technology.

Bluetooth deployment costs are higher than other wireless technologies because of limited interoperability and the need to implement policies to safeguard against data corruption and theft in Bluetooth-enabled devices. The complexity facing the Bluetooth Special Interest Group (SIG) regarding specifying a comprehensive security solution is daunting. Here, we consider how to increase Bluetooth interoperability and security based on Gartner's analysis of recent Bluetooth SIG specifications, including profile-level security for service discovery, headsets, dial-up service, LANs, and synchronization. 

Bluetooth potentially is the most-expensive wireless technology for enterprises to secure because of its peer-to-peer nature:

• Bluetooth will eventually be in the greatest number of devices because of its low cost; therefore, it will be the largest target for exploitation. 
• The Bluetooth SIG has specified that link-level security is optional to address the market opportunity potential for Bluetooth devices as remote controls; therefore, this security can be turned off by vendors in the default configuration. Thus, in many cases, the default configuration for devices will be unsafe for corporate and personal use. 
• During the next three to five years, Bluetooth vendors under competitive time-to-market pressures will make mistakes that will lead to increased usage costs when implementing Bluetooth component security. 
• Because security solutions cannot be implemented uniformly across a wide class of Bluetooth devices, users will make uninformed decisions in the configuration and use of their devices in public places. 
• Another set of "hidden" costs will be incurred as end users fumble with devices that are difficult to pair because of poor user interfaces and in situations where profiles are not fully implemented.

For more information: http://www.gartner.com and http://www.zdnet.com

MobileInfo Comments and Advisory:  Gartner report rightly points out dangers inherent in Bluetooth. In a sense, there is nothing new about these conclusions. Any common place emerging technology goes through uncontrolled deployment during the first few years. We do not think that Bluetooth will become an important component of enterprise network infrastructure unless we address management issues. In defense of Bluetooth, we could say that the same phenomenon happened with PCs, PC LANs, and other technologies as these came on the scene. Bluetooth will be more useful initially as short-distance cable replacement technology and that does not make it a serious enterprise issue. Vendors are aware of the enterprise concerns and we see some action already. Should enterprises delay use of Bluetooth until 2005? We advise - no, find niche applications and just tread carefully - not barefoot. To Bluetooth industry - please work on serious issues of the enterprise after you have satisfied the needs of the carriers. Learn from the mistakes of your big brother - we mean WiFi. 

Note: This news release may contain forward-looking statements within the meaning of section 27A of the Securities Act of 1933 and section 21E of Securities Exchange act of 1934 in USA. Similar provisions exist in other countries. There is no assurance that the stipulated plans of vendors will be implemented. MobileInfo does not warrant the authenticity of the information. Readers should take appropriate caution in developing plans utilizing these products, services and technology architectures.  All trademarks used in this summary are the property of their respective owners.