I don’t like to talk in absolutes about security, but… my headphones are 100% immune from the latest exploit, via this One Weird Trick!

Now hear me out…

I call it “eargapping”. I learned about it in my Intro to Antique Coding class.

quat:

vendor of bluetooth chip used in sony, bose, and everyone else’s headphones leaves debugging protocol completely open with no authentication over bluetooth low energy:

uh oh:

- remotely connect to headphones over this protocol without needing a pairing interaction
- dump “now playing” data
- connect audio stream and eavesdrop
- dump your phone number
- brick the headphones
- dump the pairing key used to make your phone recognize your headphones as your headphones, and then impersonate your headphones

and that’s when the REAL fun starts:

- talk to your voice assistant remotely
- make and manage calls while your phone is in your pocket
- eavesdrop from your phone microphone (by making you call them and then dropping the bluetooth connection so your phone switches to builtin mic)
- steal your whatsapp from 10ft away (since they have your phone #, the ability to accept the “we’ll call and verify it’s you” phone call before your phone starts vibrating, and the ability to listen and hear the code)
- steal your amazon (since you can login thru a phone number and a whatsapp confirmation code)



From jwz via this RSS feed