You have a point there John, but it depends on how the people _use_ BlueTooth (or WiFi).

BlueTooth currently simply has a bad name, but the same can be said about IrDA, RFID or DECT. IrDA and DECT are just less used these days while RFID does receive criticism.

In contrast to e.g. DECT, BlueTooth 2.1 has strong encryption. As soon as someone tries to pair with your BlueTooth device, you will notice.

Even if you don't trust it, you don't have to depend on it. For example, one can easily run a secure AP without using WPA2 + PSK using SSH, AuthPF, IPsec (or VPN), and PF. One can run SSH over 27MC, or GPRS. This is possible with BlueTooth as well (e.g. with PAN). I bet its possible with IrDA as well.

The big advantage of BlueTooth over say WiFi is that it draws a lot less power. You can also use BlueTooth to let multiple devices communicate with each other. You cannot do that with IrDA.

If your BlueTooth device is hidden they have to guess your MAC address in order to talk to you. This is not a trivial task.

And, whether you like it or not, Nokia is actively contributing to BlueTooth via Wibree, WiMedia, and BlueTooth 3 initiatives. So, I'm sorry, IrDA is on the way out.

One thing I sometimes do when I'm bored and sitting in the train is looking around for BlueTooth devices. You can derive the brand and type of someone's phone from this, but also their name. Its funny to walk to Jenny telling her her BlueTooth is on, without her knowing how the hell you figured out her name. This however, is a configuration issue on their side. Perhaps, by default, BlueTooth should be disabled on a device.

BTW, Bruce Schneier wrote an article about why convenience and security are not inherent mutually exclusive.