The Pairing Process; Secure Conversations; Disable ‘Discoverable’ Mode - Plantronics WIRELESS SECURITY - WHITE PAPER Manual

After pairing is completed, the Plantronics headsets are not visible to any other device and all transmition are
encrypted.

The pairing process

For the pairing process to be completed, the following information is exchanged:
1. Each device's Bluetooth addresses
2. A user-entered PIN number.
3. A unique time-stamp generated from the mobile phone
These items are combined to generate a 128-bit security key which is used for future connections between the
headset and phone (or Voyager base). The time-stamp is extremely difficult to guess at a later date, even if the
address and PIN are already known to a potential eavesdropper.
As all communication between Bluetooth devices uses frequency hopping spread-spectrum radio transmission
system, it is particularly difficult to intercept.

Secure conversations

The Plantronics headsets with DECT technology uses the 128-bit security key to digitally encrypt audio between the
headset and phone (or Voyager base), similar to the method by which GSM radio signals between the mobile phone
and base station are encrypted.
Many widely publicised Bluetooth vulnerabilities do not apply to headsets, but there are some things that can be done
to improve security on the phone- the most important being to disable the discoverable mode on the phone:
Disable 'Discoverable' mode:
Unless a user frequently exchanges business cards over Bluetooth, Plantronics recommend setting the phone to
hidden or 'non-discoverable' mode to improve security, since the phone does not need to be in 'discoverable' mode to
operate with a Plantronics headset; which is always in non-discoverable mode except while pairing.
'Hiding' your phones in this way also reduces the risk of "Bluesnarfing" (the stealing of telephone contact details from
a Bluetooth phone or PDA (NOT from Plantronics headsets, which stores no such data).
If used properly, Bluetooth headsets and the phones to which they are paired will be difficult to attack. However,
hackers are extremely ingenious in their methods making it impossible to guarantee that any device is completely
secure.
However, due to the low power of Bluetooth (typically 10 metres range), it is more difficult for an eavesdropper to
'hack' the secure connection. In fact, they will arguably have more success simply using their ears to simply listen to
what is being said.
(C) 2007 Plantronics, Inc. All rights reserved. No part of this document may be reproduced without prior written permission of Plantronics