this post was submitted on 16 Jan 2026
426 points (98.9% liked)

Technology

78880 readers
2776 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
426
Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking (www.wired.com)
submitted 4 days ago by dance_ninja@lemmy.world to c/technology@lemmy.world
90 comments fedilink hide all child comments
 

Flaws in how 17 models of headphones and speakers use Google’s one-tap Fast Pair Bluetooth protocol have left devices open to eavesdroppers and stalkers.

Link to see devices impacted: https://whisperpair.eu/

you are viewing a single comment's thread
view the rest of the comments
[–] PierceTheBubble@lemmy.ml 2 points 3 days ago* (last edited 2 days ago) (1 children)

I understand you've read the comment as a single thing, mainly because it is. However, the BLE part is an additional piece of critique, which is not directly related to this specific exploit; neither is the tangent on the headphone jack "substitution". It's, indeed, this fast pairing feature, which is the subject of the discussed exploit; so you understood that correctly (or I misunderstood it too...).

I'm however of the opinion, BLE being a major attack vector, by design. These are IoT devices that, especially when "find my device" is enabled (which in many cases isn't even optional: "turned off" iPhones for example), do announce themselves periodically to the surrounding mesh, allowing for the precise location of these devices; and therefore also the persons carrying them. If bad actors gain access, to for example Google's Sensorvault (legally in the case of state-actors), or would find ways of building such databases themselves; then I'd argue you're in serious waters. Is it a convenient feature, to help one relocate lost devices? Yes. But this nice-to-have, also comes with this serious downside, which I believe doesn't even near justify the means. Rob Braxman has a decent video about the subject if you're interested.

It's not even a case of kids not wanting to switch, most devices don't even come with 3.5mm jack connectors anymore...

[–] postnataldrip@lemmy.world 2 points 2 days ago (1 children)

Gotcha, and apologies for missing your point.

I agree 100%, the privacy and security tradeoffs are enormous and concerning.

[–] PierceTheBubble@lemmy.ml 2 points 2 days ago

No worries! :)