The Bluetooth chipset installed in popular models from major manufacturers is vulnerable. Hackers could use it to initiate calls and eavesdrop on devices.

Source

  • skisnow@lemmy.ca
    ↑81 ↓4 · 1 month ago

    downvoted for that website’s super illegal “pay us to not track you” policy

  • atlien51@lemm.ee
    ↑57 ↓2 · 1 month ago

    This really makes me hate that we don’t have headphone jack anymore

    • underscores@lemmy.zip
      ↑11 · 1 month ago

      I’ve always hated phones without the 3.5mm and won’t stop even if all phone manufacturers remove it

      • atlien51@lemm.ee
        ↑4 ↓1 · 1 month ago

        At least you can still get adapters for phones that don’t have it :)

        • ddh@lemmy.sdf.org
          ↑1 ↓11 · 1 month ago

          Indeed, I don’t really see the problem. Instead of a single use port you have a practically universal port. That’s better, surely.

  • unalivejoy@lemmy.zip
    ↑38 ↓4 · 1 month ago

    There’s lots of money to be made by inserting a hardware back door in your product, then later disclosing it as an unfixable vulnerability and forcing your customers to buy new hardware which has the same but different backdoor. Repeat.

  • Redex@lemmy.world
    ↑23 · 1 month ago

    Hah, joke’s on them, I managed to fuck my earbuds’ microphones so they’re useless now.

  • viking@infosec.pub
    ↑24 ↓1 · 1 month ago

    Sounds like the attack scenario is very sophisticated and targeted, and only works within the range of Bluetooth low energy (BLE) connectivity, so 10-15 meters under best circumstances. At that point they might as well eavesdrop on my calls in person.

    • wintermute@discuss.tchncs.de
      ↑14 · 1 month ago

      I think BLE is only required for the initial compromise (extracting the pairing key). After that the attack can be performed over classic BT, and can impersonate either part (headphones or phone) to the other.
      It’s still very targeted and sophisticated, so no reason to panic unless you have reasons to think someone with the resources could target you.
      Regarding the attacks, they go way beyond eavesdropping calls, since BT headphones usually have access to contacts and smart assistants, that you can use to extract a lot more information.

    • solrize@lemmy.ml
      ↑8 · 1 month ago

      10-15 meters might be good enough to conduct the attack from a neighboring office or apartment, while actual eavesdropping is not so easy.

    • joel_feila@lemmy.world
      ↑6 · 1 month ago

      Honey I got to go there is a man outside our window with a laptop and a radio antenna "Ignore the man outside your window and just read off your credit card number"

  • solrize@lemmy.ml
    ↑22 ↓1 · 1 month ago

    So glad I use wired earbuds and refused to buy a phone that didn’t support them.

    • Someonelol@lemmy.dbzer0.com
      ↑12 ↓2 · 1 month ago

      Same. I can’t find any Bluetooth headphones whose batteries don’t die in 4 or 5 months anyway. Meanwhile my Moondrop wired headphones have been going strong for almost 3 years.

      • Zeoic@lemmy.world
        ↑7 · 1 month ago

        My Sony earbuds lasted 5 years before I decided to replace the batteries in them, which cost me $20 and 30 min. I would hope other earbuds wouldn’t die in only half a year

        • Someonelol@lemmy.dbzer0.com
          ↑5 ↓2 · 1 month ago

          To be fair I kept buying models that cost $20 to $30 so maybe the higher end ones would last longer. That said, my Moondrops wired headphones cost the same but are way more reliable.

          • Zeoic@lemmy.world
            ↑1 · 1 month ago

            Mine are the WF1000XM3

            I still have never heard noise cancellation as good as those ones. I have a couple other pairs of earbuds as well, one set for side sleeping, and one set for water. I like to listen to audiobooks in the shower and the IPX7 ones have held up great

            • Squizzy@lemmy.world
              ↑2 · 1 month ago

              I want exactly this set up. I need different ones for bedtime, swimming and everyday wear

              • Zeoic@lemmy.world
                ↑1 · 1 month ago

                Well, I can recommend the soundcore anker life A1 earbuds for swimming, and the soundcore sleep A20 for low profile earbuds that don’t stick out of your ear. Went through at least 4 sets (wired and wireless) of earbuds for each until settling on these.

                • Squizzy@lemmy.world
                  ↑1 · 1 month ago

                  Just FYI, I would imagine anker have plenty of exploits but I appreciate the recommendations.

    • SharkAttak@kbin.melroy.org
      ↑7 · 1 month ago

      LOL at the big debate I read just yesterday about how better wireless headphones are, and how useless jacks on phones are nowadays…

    • Almonds@mander.xyz
      ↑50 · 1 month ago

      The flaws, discovered by German cybersecurity firm ERNW and first reported by Heise Online, affect dozens of headphone models from brands such as Sony, JBL, Bose, and Marshall, with no comprehensive firmware fixes available yet.

      • Sony WH-1000XM4/5/6, WF-1000XM3/4/5, LinkBuds S, ULT Wear, CH-720N, C500, C510-GFP, XB910N
      • Marshall ACTON III, MAJOR V, MINOR IV, MOTIF II, STANMORE III, WOBURN III
      • JBL Live Buds 3, Endurance Race 2
      • Jabra Elite 8 Active
      • Bose QuietComfort Earbuds
      • Beyerdynamic Amiron 300
      • Jlab Epic Air Sport ANC
      • Teufel Airy TWS 2
      • MoerLabs EchoBeatz
      • Xiaomi Redmi Buds 5 Pro
      • earisMax Bluetooth Auracast Sender

      ERNW emphasizes that this is only a partial list.

      Source

      • tal@lemmy.today
        ↑18 ↓1 · 1 month ago

        Sony WH-1000XM4/5/6

        I don’t have one of those, but they’re pretty popular as headphones with good ANC.

        Jlab Epic Air Sport ANC

        I do have those, though.

        • devfuuu@lemmy.world
          ↑3 · 1 month ago

          Yeah. I have the previous version of the WH which seems not affected, but I also have the WF 3 which unfortunately seems to be.

          Many people have Sony headphones with those chips.

      • OberonSwanson@sh.itjust.works
        ↑8 · 1 month ago

        Damn that’s pretty big, hopefully they update and give a final list of affected devices. Not to mention, gotta pray the devices will see software updates to try and mitigate it.

    • hendu@lemmy.dbzer0.com
      ↑8 · 1 month ago

      According to the article, headphones using a Bluetooth SoC manufactured by Airoha may be vulnerable. So, need to find if your headphones use their SoC.

  • Vanilla_PuddinFudge@infosec.pub
    ↑20 ↓3 · 1 month ago

    I had a neighbor about 6 years ago that blasted rap at full volume every evening.

    rap booming in the background

    one fine day

    "hmmm, what were these headphones on bt again? wait… soundbar. I don’t have a soundbar.

    hmmm, I wonder"

    device paired

    Jellyfin>Artists>… Meshuggah

    Obzen

    Combustion

    play

    Volume 100%

    “I think I’ll go to the store for a while!”

    • TryingSomethingNew@lemmy.world
      ↑5 · 1 month ago

      Elastic would’ve been amazing (among other things, it has all songs on the album laid on top of another, playing simultaneously)

    • Jarix@lemmy.world
      ↑2 ↓1 · 1 month ago

      My old FM BT transmitter that let me connect to my car had a surprising range, about 100ft in every direction which as I understand it they aren’t supposed to be that strong. (Scosche brand from Best Buy)

      Used to tune it to the popular country station and jam everyone around me from listening to that station, which made me happy. Couple times when there was a particularly loud or obnoxious driver…I definitely didn’t blast porn hub with my stereo off in my car…

      Tangent.

      One of my last concerts I went to was Meshuggah

      Had a great time.

    • viking@infosec.pub
      ↑11 · 1 month ago

      GDPR. First time opening a European website? German ones like this are particularly transparent (by law, not choice).

  • Optional@lemmy.world
    ↑14 ↓1 · 1 month ago

    They said I was mad when they removed the headphone jack - well who’s mad now??! AHAHahahahaaaaaaahhhhcrap it’s me.

    I’m still mad. Fuckers.

    • Rodneyck@lemmy.dbzer0.com (OP)
      ↑11 · 1 month ago

      I never have it enabled unless I am in the car driving and need driving directions or listening to music/podcasts. I prefer wired headphones, but manufacturers are making that difficult.

      • corsicanguppy@lemmy.ca
        ↑5 ↓2 · 1 month ago

        Because they can’t sell you more Bluetooth crap if they give you a choice.

        Stop buying no-Jack phones.