Mastodawn

OccupytheWeb (@three_cube)

블루투스의 취약점을 악용해 Fast Pair를 강제로 유도함으로써 사용자의 위치를 추적할 수 있다는 새로운 보안 이슈를 소개한다. WhisperPair 관련 기사로, 무선 기술의 보안 위험을 다룬 중요한 내용이다.

https://x.com/three_cube/status/2039444667482206309

#bluetooth #security #fastpair #privacy #vulnerability

OccupytheWeb (@three_cube) on X

Check this out! This is important! Bluetooth is powerful and ubiquitous technology. Unfortunately, it has many weaknesses and flaws. Check out this new article on the WhisperPair. It enables hackers to track your position by forcing pairing through the Fast Pair access.

X (formerly Twitter)

CosicBe Mar 23

The paper on the security analysis of Google Fast Pair has been accepted at IEEE S&P (Oakland) 2026. It presents the first in-the-wild security analysis of Fast Pair and uncovers systemic ecosystem-wide failures.

#whisperpair #google #fastpair #bluetooth

https://whisperpair.eu/

WhisperPair: Hijacking Bluetooth Accessories Using Google Fast Pair

WhisperPair is a family of practical attacks leveraging a flaw in the Google Fast Pair implementation on flagship audio accessories.

Micdan 💾Mar 17

#Google and #FastPair taught us that #WiredHeadphones are superior. No latency, no spyware, no firmware updates, no potential AI slop, just your music as God intended. 🫡

Long live wired headphones man

ℵ₀ 🏳️‍⚧️🏴‍☠️Feb 2

https://www.youtube.com/watch?v=-j45ShJINtc
https://whisperpair.eu/vulnerable-devices
https://www.cve.org/CVERecord?id=CVE-2025-36911
#whisperpair #bluetooth #fastpair #cve202536911

WhisperPair - A Security Analysis of the Google Fast Pair Protocol

YouTube

Show thread

Umherstreunender Auflauf Jan 20

As if only Jabra and Apple are competent enough as a company to implement Bluetooth things well.

#grapheneos #customandroid #jabra #ungoogle #iphone #WhisperPair #google #fastpair #bluetooth

Show thread

Umherstreunender Auflauf Jan 20

#grapheneos #customandroid #ungoogle #iphone

#WhisperPair #google #fastpair #bluetooth

Also if you use Android without Google package or Iphone, you are still at risk because your phone won't pair it to Googles tracking network.

For many devices, the only way to prevent anyone from setting a google tracking account owner key in the headset is to set one yourself -> binding your headset to a google account and have it tracked by google.

Can we fucking burn down all this shit?

Umherstreunender Auflauf Jan 20

Everyone having that problem:
Many of the vulnerable ones are also vulnerable to...

#WhisperPair #google #fastpair #bluetooth

... this:

https://media.ccc.de/v/39c3-bluetooth-headphone-jacking-a-key-to-your-phone

This is a great way to enable custom firmware AND a WORMABLE vulnerability.

Bluetooth Headphone Jacking: A Key to Your Phone

media.ccc.de

CosicBe Jan 19

🎧 #COSIC research on #Bluetooth earbuds & speakers vulnerable to hacking & tracking, featured in NY Times Wirecutter. https://www.nytimes.com/wirecutter/reviews/bluetooth-earbuds-hacking-threat/
▶️ Demo: https://youtube.com/watch?v=-j45ShJINtc
#KULeuven #nytimes #google #whisperpair #fastpair

Wireless Earbuds Can Be Hacked. Here’s How to Protect Yourself.

Wireless headphones that easily pair to Android phones can be hacked. Update your devices’ firmware to protect yourself.

Wirecutter: Reviews for the Real World

Alexandra Beekers 🏳️‍🌈🌍Jan 17

WhisperPair exposes #Bluetooth earbuds and headphones to tracking and eavesdropping
#Cybersecurity #Google #Fastpair
https://www.malwarebytes.com/blog/news/2026/01/whisperpair-exposes-bluetooth-earbuds-and-headphones-to-tracking-and-eavesdropping

WhisperPair exposes Bluetooth earbuds and headphones to tracking and eavesdropping

Researchers demonstrated WhisperPair, a set of attacks that can take control of many widely used Bluetooth earbuds and headphones without user interaction.

Malwarebytes