You Need to Check Your Wireless Headphones for Updates, Right Now


Hundreds of millions of wireless headphones, earbuds, and speakers utilize Google’s Fast Pair, a protocol that allows one-tap pairing between Bluetooth accessories and your device. But many of these products have not implemented the Fast Pair technology correctly, a group of researchers from Belgium’s KU Leuven University found, making your wireless device vulnerable to attacks.

By exploiting the Bluetooth vulnerability, attackers can gain complete control of your device, use your microphone to spy on your conversations, or even track your location via Google’s Find Hub network. The attacker only needs to be within a 14-meter (roughly 46 feet) radius for the attack, which the researchers have dubbed “WhisperPair,” to succeed in a matter of seconds.

Here’s where Fast Pair goes wrong. Normally, your device should disregard pairing requests if it’s not in pairing mode. But many devices fail to enforce that check, the researchers say, allowing unauthorized devices to start the pairing process and then finish it with a regular Bluetooth pairing.

For location tracking, the attackers can make use of Google’s Find Hub network, which would normally allow Android devices to track lost accessories via crowdsourced location reports. But you’re still vulnerable to tracking even if you have never owned an Android device, because the attacker can add the compromised accessory to the Find Hub network themselves using their own Google account.

“The victim may see an unwanted tracking notification after several hours or days, but this notification will show their own device. This may lead users to dismiss the warning as a bug, enabling an attacker to keep tracking the victim for an extended period,” the researchers wrote in a report.

Brands with vulnerable devices include Sony, JBL, Xiaomi, Nothing, OnePlus, Jabra, and Google. Sony and Google headphones specifically are vulnerable to the location tracking scheme through the Find Hub network. You can search for some of the vulnerable models here.

Google said that its Pixel Buds accessories were now protected. Developers rolled out a fix to prevent the Find Hub vulnerability, updated certification requirements, and provided manufacturers with recommended fixes.

“We appreciate collaborating with security researchers through our Vulnerability Rewards Program, which helps keep our users safe,” a Google spokesperson told Gizmodo. “We worked with these researchers to fix these vulnerabilities, and we have not seen evidence of any exploitation outside of this report’s lab setting.”

Once the fixes are in place, a software update should be able to fortify your wireless device against these attacks, but you would have to update it via the manufacturer’s app on your phone or computer. So, for example, if you have the allegedly vulnerable Sony WH-1000XM6 wireless headphones, you should probably download the Sony app and be on the lookout for any software updates that have been or will be issued.

“As a best security practice, we recommend users check their headphones for the latest firmware updates. We are constantly evaluating and enhancing Fast Pair and Find Hub security,” a Google spokesperson said.

Though the findings of the report are new, distrust towards the privacy and security provided by wireless headphones isn’t necessarily a novel thing.

Last year, former Vice President Kamala Harris shared that she only used wired earbuds because of everything she learned serving on the Senate Intelligence Committee.

“I have been in classified briefings, and I’m telling you, don’t be on the train using your earpods thinking someone can’t listen to your conversation,” Harris told Stephen Colbert in an interview. “I’m telling you, the [wired earphones] are a bit more secure.”
