Bluetooth Headphones Vulnerable to Privacy Breach

Bluetooth headphones are designed for convenience; you just wear them, hit play, and, well, forget they’re there. Yet, researchers have found out that some well-liked audio devices could be up to more than just streaming your favorite songs.

A cybersecurity firm, ERNW, has disclosed that 29 devices featuring the Airoha Bluetooth chip are susceptible to attacks, which may expose personal data or even capture conversations. Brands like Bose, Sony, JBL, Jabra, and Marshall are affected here. This includes various headphones, earphones, speakers, and wireless microphones.

The Bluetooth Security Flaw

The problem lies in a flaw tied to the Airoha chip used in many wireless audio devices, according to BleepingComputer. There have been three significant vulnerabilities identified, each enabling the attackers to access data without authorization. The most critical ones let hackers read or manipulate data by exploiting the unique protocols associated with the chip. These flaws carry a medium to high-severity rating.

Now, to be clear, this isn’t a casual sort of attack. It requires both close proximity and a bit of technical know-how. Yet, if they succeed, the implications are troubling. Researchers were able to extract call logs, contact lists, and even media files. They could even initiate a phone call without the user’s awareness. In one instance, a researcher connected to a device and could access whatever sound the phone had picked up.

In another demonstration, they acquired a Bluetooth link key from the headphones’ memory. This key enabled them to impersonate devices and hijack connections to phones, allowing them to issue commands using the Bluetooth hands-free profile, available on most phones these days.

Affected Devices

ERNW has pinpointed a number of devices that are vulnerable:

• Beyerdynamic Amiron 300
• Bose QuietComfort Earphones
• Earismax Bluetooth Auracast Sender
• Jabra Elite 8 Active
• JBL Endurance Race 2
• JBL Live Bad 3
• jlab epic air sport anc
• Marshall Acton III
• Marshall Major v
• Marshall Minor IV
• Marshall Motif II
• Marshall Stanmore III
• Marshall Woburn III
• Moerlabs echobeatz
• Sony CH-720N
• Sony Link Bads
• Sony Ult Wear
• Sony WF-1000XM3
• Sony WF-1000XM4
• Sony WF-1000XM5
• Sony WF-C500
• Sony WF-C510-GFP
• Sony WH-1000XM4
• Sony WH-1000XM5
• Sony WH-1000XM6
• Sony WH-CH520
• Sony WH-XB910N
• Sony Wi-C100
• Teufel Tatws2

This isn’t an exhaustive list of all affected products, and it may evolve as further research becomes available. Not every device is equally vulnerable; for instance, at least one manufacturer seems to be addressing some identified vulnerabilities. I’m not entirely sure if this is intentional or just coincidental, though.

Given these variables, it can be tough to pinpoint which devices are genuinely secure. As a consumer, staying informed about updates and checking in with device manufacturers is a good practice.

Firmware Updates and Ongoing Risks

Airoha has recently dealt with a vulnerability in their Software Development Kit (SDK), rolling out an updated version to manufacturers. Those companies are now responsible for creating and distributing firmware updates. If you haven’t seen one for your device yet, it’s probably on the way, though some updates are already trickling out.

However, there’s a catch here. Reports indicate that many firmware updates issued for vulnerable devices were made before Airoha provided their official fixes. Consequently, some products might still be running outdated and vulnerable code.

This situation is further complicated because consumers don’t always receive proper notifications for these updates. Firmware patches for headphones can be quite stealthy, or at times, not provided at all. So, it’s likely that many users remain oblivious to whether their devices are safe or at risk.

Attempts to reach out to the companies regarding these issues did not yield any responses before the deadline.

Tips to Protect Against Bluetooth Vulnerabilities

1. Regularly Check for Firmware Updates: Even if you’re not notified, visit the manufacturer’s app or website to manually verify if updates are available. Auto-updates don’t always work seamlessly, especially with audio devices.

2. Disable Bluetooth When Unused: Turning off Bluetooth when you’re not actively using it can minimize exposure and make targeting your device more difficult.

3. Use Devices in Low-Risk Areas: Since these attacks require close proximity, steer clear of using Bluetooth devices in crowded or unfamiliar locations.

4. Pair Only with Trusted Devices: Be cautious when linking Bluetooth headphones to unknown or unfamiliar phones, computers, or public kiosks. Maintaining a connection might increase the risk if any device gets compromised.

5. Remove Unused Pairings: Go through your Bluetooth settings and clear old or unrecognized pairings to prevent unauthorized reconnections from previously trusted devices.

Key Takeaways

The bigger concern isn’t just the Bluetooth flaw; it’s about the potential issues when the software in your everyday gadgets quietly fails. Such vulnerabilities are not entirely uncommon, but often, the way they’re managed keeps users in the dark. These situations will likely persist unless consumers can independently verify the software running on their headphones.

Should manufacturers proactively notify users about discovered security flaws? I’d love to hear your thoughts on this.