← Back to context

Comment by mi_lk

6 hours ago

> This includes firmware dumps, user preferences, Bluetooth Classic session keys, current playing track, ..

That doesn't sound very serious if they're exposed, is it? Can it be used to eavesdrop my conversation if I'm speaking through the headphone

4 comments

mi_lk

Reply
DangerousPie  6 hours ago

They also demonstrated how this could be used to silently find out someone’s phone number and then hijack a TFA validation call from an app like WhatsApp to take over their account with no user interaction.

  • Fnoord  5 hours ago

    This attack was not silent, it was noisy. They specifically pointed that out in their talk.

miduil  6 hours ago

the session (or pairing key) means you can both connect to the headphone or impersonate it.

It can toggle the hands-free mode and listen to whatever is being talked, you'd notice that it has switched to the mode though - but if you're headphones are powered on and you're not listening to in they can be used for eavesdropping.

During the talk they both demonstrate listening to the microphone and also receiving a WhatsApp 2FA call.

  • mi_lk  6 hours ago

    presumably, even in hands-free mode the attacker needs to be very close to the speaker to hear it