WhisperPair exposes Google Fast Pair to Bluetooth hijacking in headphones
TL;DR Summary
Belgian researchers warn of WhisperPair, a set of security flaws in Google’s Fast Pair protocol that can let a nearby attacker secretly pair with certain Bluetooth headphones and speakers, potentially eavesdropping on mics and tracking users via Google’s Find Hub. In tests, 17 of more than two dozen devices were hackable, including Sony WH-1000XM6/XM5/XM4 and Pixel Buds Pro 2. Google and OEMs have released fixes, but a bypass exists; with Fast Pair not being disableable, firmware updates from manufacturers are the main protection.
- Sony, Anker, and other headphones have a serious Google Fast Pair security vulnerability The Verge
- Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking WIRED
- You Need to Check Your Wireless Headphones for Updates, Right Now Gizmodo
- Many Bluetooth devices with Google Fast Pair vulnerable to “WhisperPair” hack Ars Technica
- Flaw in 17 Google Fast Pair audio devices could let hackers eavesdrop Engadget
Reading Insights
Total Reads
0
Unique Readers
0
Time Saved
49 min
vs 50 min read
Condensed
99%
9,980 → 83 words
Want the full story? Read the original article
Read on The Verge