The digital ink on my last Bluetooth piece was barely dry, if digital ink dries, before Roland Dobbins wrote with a comment I'm sure will be subscribed to by many readers:
If you'd either a) disable Bluetooth on your phone, etc. (the safest option) or b) at least set them so that they're not visible/browsable (due to design flaws in Bluetooth, they can be detected by an attacker with the right tools and motivations, but it still raises the bar), you'd be a lot better off, IMHO.
You're right, and I have turned it off. Which bothers me. Because I like some of the convenience I used to enjoy.
So I write about this because I'd rather leave my Bluetooth phone enabled, interacting only with devices run by entities I've told it to cooperate with.
We have a lot of work to do to get things to this point. I see our work on identity as being directed to that end, at least in part.
We need to be able to easily express and select the relationships we want to participate in – and avoid – as cyberspace progressively penetrates the world of physical things.
The problems of Bluetooth all exist in current Wifi too. My portable computer broadcasts another tracking beacon. I'm not picking on Bluetooth versus other technologies. Incredibly, they all need to be fixed. They're all misdesigned.
If anything has shocked me while working on the Laws of Identity, it has been the discovery of how naive we've been in the design of these systems to date – a product of our failure to understand the Fourth Law of Identity. The potential for abuse of these systems is collosal – enterprises like the UK's Filter are just the most benign tip of an ugly iceberg.
For everyone's sake I try to refrain from filling in what the underside of this iceberg might look like.
