Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking

dance_ninja@lemmy.world · 10 hours ago

Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking

PierceTheBubble@lemmy.ml · 7 hours ago

But you need to be in close proximity (~15m max) to stalk a victim? You might as well just follow them around physically then. Perhaps when the victim is in a private location, eavesdrop on their conversation or locating their position within there, might be a possibility. But ear raping would, of course, constitute the most significant danger of all. Also WhisperPair, not WhisPair?

postnataldrip@lemmy.world · 6 hours ago

If you want to listen to their mic via bluetooth or whatever, yes. But there’s also this:

Some devices also support Google’s Find Hub network. This enables users to find their lost accessories using crowdsourced location reports from other Android devices. However, if an accessory has never been paired with an Android device, an attacker can add the accessory using their own Google account. This allows the attacker to track the user via the compromised accessory.

fishos@lemmy.world · 3 hours ago

That’s literally any device. Goes all the way back to things like people setting up routers and not changing the default password so anyone else can get in. That’s just user error plain and simple.

PierceTheBubble@lemmy.ml · 6 hours ago

If the devices weren’t previously linked to a Google account … then a hacker could … also link it to their Google account.

This already severely limits the pool of potential victims; but still a more practical exploit indeed. It’s almost as if this BLE tracking is a feature, rather than an exploit. And if you want to be notified of a device following you around, one has to perpetually enable BLE on their smartphone. But of course, headphone jacks are a thing of the past, and wireless is clearly the future. :)