Andy GreenbergJan 15
Hundreds of millions of earbuds, headphones and speakers need a security update (yes, you need to update your earbuds) to prevent a wireless hacking technique that can hijack audio, eavesdrop via mics, and in some cases remotely track the accessory’s location. https://www.wired.com/story/google-fast-pair-bluetooth-audio-accessories-vulnerability-patches/
Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking

Flaws in how 17 models of headphones and speakers use Google’s one-tap Fast Pair Bluetooth protocol have left devices open to eavesdroppers and stalkers.

WIRED
Show threadAndy GreenbergJan 15
This was caused by flawed implementations of Google's Fast Pair one-tap Bluetooth protocol. But it doesn't just affect Android users. Anyone (yes, iPhone users) with audio accessories from Sony, Jabra, JBL, Marshall, Xiaomi, Nothing, OnePlus, Soundcore, Logitech, and Google itself may be vulnerable.
Show threadAdam Shostack  Jan 15
@agreenberg Is there reason to think it's just them, or is it anyone who does Fast Pair, and they just tested those?
Show threadAndy GreenbergJan 15
@adamshostack They tested others that weren't vulnerable in their implementation. Here's their full chart of results:
Show threadAdam Shostack  
@agreenberg is a link to the paper available? I don't see one in your story or the whisperpair website, which says "[citation will be here later]"
Jan 15 at 6:56pmWeb