Skip to content

Zero-day: Bluetooth gap turns millions of headphones into listening stations

Technology
123 88 697
  • The flaws, discovered by German cybersecurity firm ERNW and first reported by Heise Online, affect dozens of headphone models from brands such as Sony, JBL, Bose, and Marshall, with no comprehensive firmware fixes available yet.

    • Sony WH-1000XM4/5/6, WF-1000XM3/4/5, LinkBuds S, ULT Wear, CH-720N, C500, C510-GFP, XB910N
    • Marshall ACTON III, MAJOR V, MINOR IV, MOTIF II, STANMORE III, WOBURN III
    • JBL Live Buds 3, Endurance Race 2
    • Jabra Elite 8 Active
    • Bose QuietComfort Earbuds
    • Beyerdynamic Amiron 300
    • Jlab Epic Air Sport ANC
    • Teufel Airy TWS 2
    • MoerLabs EchoBeatz
    • Xiaomi Redmi Buds 5 Pro
    • earisMax Bluetooth Auracast Sender

    ERNW emphasizes that this is only a partial list.

    Source

    Sony WH-1000XM4/5/6

    I don't have one of those, but they're pretty popular as headphones with good ANC.

    Jlab Epic Air Sport ANC

    I do have those, though.

  • Every spy in my vicinity is going to be dancing to The Meters - Cissy Strut.

    A fine choice though.

  • The Bluetooth chipset installed in popular models from major manufacturers is vulnerable. Hackers could use it to initiate calls and eavesdrop on devices.

    Source

    Even if these attacks seem frightening on paper, the ERNW researchers are reassuring: many conditions must be met to carry out an eavesdropping attack. First and foremost, the attacker(s) must be within range of the Bluetooth short-range radio; an attack via the Internet is not possible. They must also carry out several technical steps without attracting attention. And they must have a reason to eavesdrop on the Bluetooth connection, which, according to the discoverers, is only conceivable for a few target people. For example, celebrities, journalists or diplomats, but also political dissidents and employees in security-critical companies are possible targets.

    I guess they didn’t point this out because it’s kind of obvious, but it sounds like they also have to actually be on to be exploited. So it’s not going to turn on and start listening to you at least. Definitely concerning, but I’m still gonna be listening to my audio books and podcasts with my wireless headphones.

  • The Bluetooth chipset installed in popular models from major manufacturers is vulnerable. Hackers could use it to initiate calls and eavesdrop on devices.

    Source

    There's lots of money to be made by inserting a hardware back door in your product then later disclosing it as an unfixable vulnerability and force your customers to buy new hardware which has the same but different backdoor. Repeat.

  • And this is why people wanted headphone jacks... and also why corporations didn't want them.

    I mean, there were legitimate technical issues with the standard, especially on smartphones, which is where they really got pushed out. Most other devices do have headphones jacks. If I get a laptop, it's probably got a headphones jack. Radios will have headphones jacks. Get a mixer, it's got a headphones jack. I don't think that the standard is going to vanish anytime soon in general.

    I like headphones jacks. I have a ton of 1/8" and 1/4" devices and headphones that I happily use. But they weren't doing it for no reason.

    • From what I've read, the big, driving one that drove them out on smartphones was that the jack just takes up a lot more physical space in the phone than USB-C or Bluetooth. I'd rather just have a thicker phone, but a lot of people don't, and if you're going all over the phone trying to figure out what to eject to buy more space, that's gonna be a big target. For people who do want a jack on smartphones, which invariably have USB-C, you can get a similar effect to having a headphones jack by just leaving a small USB-C audio interface with a headphones jack on the end of your headphones (one with a passthrough USB-C port if you also want to use a USB-C port for other things).

    • A second issue was that the standard didn't have a way to provide power (there was a now-dead extension from many years back that is now dead, IIRC for MD players, that let a small amount of power be provided with an extra ring). That didn't matter for a long time, as long as your device could put out a strong enough signal to drive headphones of whatever impedance you had. But ANC has started to become popular now, and you need power for ANC. This is really the first time I think that there's a solid reason to want to power headphones.

    • The connection got shorted when plugging things in and out, which could result in loud sound on the membrane.

    • USB-C is designed so that the springy tensioning stuff that's there to keep the connection solid is on the (cheap, easy to replace) cord rather than the (expensive, hard to replace) device; I understand from past reading that this was a major reason that micro-USB replaced mini-USB. Instead of your device wearing out, the cord wears out. Not as much of an issue for headphones as mini-USB, but I think that it's probably fair to say that it's desirable to have the tensioning on the cord side.

    • On USB-C, the right part breaks. One irritation I have with USB-C is that it is...kind of flimsy. Like, it doesn't require that much force pushing on a plug sideways to damage a plug. However --- and I don't know if this was a design goal for USB-C, though I suspect it was --- my experience has been that if that happens, it's the plug on the (cheap, easy to replace) cord that gets damaged, not the device. I have a television with a headphones jack that I destroyed by tripping over a headphones cord once, because the headphones jack was nice and durable and let me tear components inside the television off. I've damaged several USB-C cables, but I've never damaged the device they're connected to while doing so.

    On an interesting note, the standard is extremely old, probably one of the oldest data standards in general use today; the 1/4" mono standard was from phone switchboards in the 1800s.

    EDIT: Also, one other perk of using USB-C instead of a built-in headphones jack on a smartphone is that if the DAC on your phone sucks, going the USB-C-audio-interface route means that you can use a different DAC. Can't really change the internal DAC. I don't know about other people, but last phone I had that did have an audio jack would let through a "wub wub wub" sound when I was charging it on USB off my car's 12V cigarette lighter adapter --- dirty power, but USB power is often really dirty. Was really obnoxious when feeding my car's stereo via its AUX port. That's very much fixable by putting some filtering on the DAC's power supply, maybe needs a capacitor on the thing, but the phone manufacturer didn't do it, maybe to save space or money. That's not something that I can go fix. I eventually worked around it by getting a battery-powered Bluetooth receiver that had a 1/8" headphones jack, cutting the phone's DAC out of the equation. The phone's internal DAC worked fine when the phone wasn't charging, but I wanted to have the phone plugged in for navigation stuff when I was driving.

  • Even if these attacks seem frightening on paper, the ERNW researchers are reassuring: many conditions must be met to carry out an eavesdropping attack. First and foremost, the attacker(s) must be within range of the Bluetooth short-range radio; an attack via the Internet is not possible. They must also carry out several technical steps without attracting attention. And they must have a reason to eavesdrop on the Bluetooth connection, which, according to the discoverers, is only conceivable for a few target people. For example, celebrities, journalists or diplomats, but also political dissidents and employees in security-critical companies are possible targets.

    I guess they didn’t point this out because it’s kind of obvious, but it sounds like they also have to actually be on to be exploited. So it’s not going to turn on and start listening to you at least. Definitely concerning, but I’m still gonna be listening to my audio books and podcasts with my wireless headphones.

    A speaker i have from bose is always on and "sleeping" and can be connected to from the phone no matter what i do, drains the fucking battery and when i want to use it finaly its dead.. wouldnt be surprised if some headphones worked the same..

  • A speaker i have from bose is always on and "sleeping" and can be connected to from the phone no matter what i do, drains the fucking battery and when i want to use it finaly its dead.. wouldnt be surprised if some headphones worked the same..

    It sounds like they have some kind of wake function that it’s always listening for? I don’t think that’s a common feature in headphones just because of the battery drain, but they’re always chucking useless features on electronics so I’m sure some are floating around out there. I doubt it’s something you wouldn’t know about unless they were secondhand, though.

  • And this is why people wanted headphone jacks... and also why corporations didn't want them.

  • The Bluetooth chipset installed in popular models from major manufacturers is vulnerable. Hackers could use it to initiate calls and eavesdrop on devices.

    Source

    This is why I chose to get a Corsair Virtuoso, which has a removable microphone.

  • The flaws, discovered by German cybersecurity firm ERNW and first reported by Heise Online, affect dozens of headphone models from brands such as Sony, JBL, Bose, and Marshall, with no comprehensive firmware fixes available yet.

    • Sony WH-1000XM4/5/6, WF-1000XM3/4/5, LinkBuds S, ULT Wear, CH-720N, C500, C510-GFP, XB910N
    • Marshall ACTON III, MAJOR V, MINOR IV, MOTIF II, STANMORE III, WOBURN III
    • JBL Live Buds 3, Endurance Race 2
    • Jabra Elite 8 Active
    • Bose QuietComfort Earbuds
    • Beyerdynamic Amiron 300
    • Jlab Epic Air Sport ANC
    • Teufel Airy TWS 2
    • MoerLabs EchoBeatz
    • Xiaomi Redmi Buds 5 Pro
    • earisMax Bluetooth Auracast Sender

    ERNW emphasizes that this is only a partial list.

    Source

    Damn that's pretty big, hopefully they update and give a final list of affected devices. Not to mention, gotta pray the devices will see software updates to try and mitigate it.

  • I mean, there were legitimate technical issues with the standard, especially on smartphones, which is where they really got pushed out. Most other devices do have headphones jacks. If I get a laptop, it's probably got a headphones jack. Radios will have headphones jacks. Get a mixer, it's got a headphones jack. I don't think that the standard is going to vanish anytime soon in general.

    I like headphones jacks. I have a ton of 1/8" and 1/4" devices and headphones that I happily use. But they weren't doing it for no reason.

    • From what I've read, the big, driving one that drove them out on smartphones was that the jack just takes up a lot more physical space in the phone than USB-C or Bluetooth. I'd rather just have a thicker phone, but a lot of people don't, and if you're going all over the phone trying to figure out what to eject to buy more space, that's gonna be a big target. For people who do want a jack on smartphones, which invariably have USB-C, you can get a similar effect to having a headphones jack by just leaving a small USB-C audio interface with a headphones jack on the end of your headphones (one with a passthrough USB-C port if you also want to use a USB-C port for other things).

    • A second issue was that the standard didn't have a way to provide power (there was a now-dead extension from many years back that is now dead, IIRC for MD players, that let a small amount of power be provided with an extra ring). That didn't matter for a long time, as long as your device could put out a strong enough signal to drive headphones of whatever impedance you had. But ANC has started to become popular now, and you need power for ANC. This is really the first time I think that there's a solid reason to want to power headphones.

    • The connection got shorted when plugging things in and out, which could result in loud sound on the membrane.

    • USB-C is designed so that the springy tensioning stuff that's there to keep the connection solid is on the (cheap, easy to replace) cord rather than the (expensive, hard to replace) device; I understand from past reading that this was a major reason that micro-USB replaced mini-USB. Instead of your device wearing out, the cord wears out. Not as much of an issue for headphones as mini-USB, but I think that it's probably fair to say that it's desirable to have the tensioning on the cord side.

    • On USB-C, the right part breaks. One irritation I have with USB-C is that it is...kind of flimsy. Like, it doesn't require that much force pushing on a plug sideways to damage a plug. However --- and I don't know if this was a design goal for USB-C, though I suspect it was --- my experience has been that if that happens, it's the plug on the (cheap, easy to replace) cord that gets damaged, not the device. I have a television with a headphones jack that I destroyed by tripping over a headphones cord once, because the headphones jack was nice and durable and let me tear components inside the television off. I've damaged several USB-C cables, but I've never damaged the device they're connected to while doing so.

    On an interesting note, the standard is extremely old, probably one of the oldest data standards in general use today; the 1/4" mono standard was from phone switchboards in the 1800s.

    EDIT: Also, one other perk of using USB-C instead of a built-in headphones jack on a smartphone is that if the DAC on your phone sucks, going the USB-C-audio-interface route means that you can use a different DAC. Can't really change the internal DAC. I don't know about other people, but last phone I had that did have an audio jack would let through a "wub wub wub" sound when I was charging it on USB off my car's 12V cigarette lighter adapter --- dirty power, but USB power is often really dirty. Was really obnoxious when feeding my car's stereo via its AUX port. That's very much fixable by putting some filtering on the DAC's power supply, maybe needs a capacitor on the thing, but the phone manufacturer didn't do it, maybe to save space or money. That's not something that I can go fix. I eventually worked around it by getting a battery-powered Bluetooth receiver that had a 1/8" headphones jack, cutting the phone's DAC out of the equation. The phone's internal DAC worked fine when the phone wasn't charging, but I wanted to have the phone plugged in for navigation stuff when I was driving.

    Great post, thank you.

  • Sony WH-1000XM4/5/6

    I don't have one of those, but they're pretty popular as headphones with good ANC.

    Jlab Epic Air Sport ANC

    I do have those, though.

    Yeah. I have the previous version of the WH which seems not affected, but I also have the WF 3 which unfortunately seems to be.

    Many people have sony headphones with those chips.

  • The only time a hacker is going to target you like this is if you're an extremely high value target like a CEO or if you're in the crosshairs of a nation-state. The average hacker isn't going to waste this kind of effort to hack someone with $200 in their bank account and no power over anything or anyone.

  • The Bluetooth chipset installed in popular models from major manufacturers is vulnerable. Hackers could use it to initiate calls and eavesdrop on devices.

    Source

    I was hoping this would allow me to take over Bluetooth speakers that people use while skiing and replace their music with a PSA about how no one wants to hear their music

    Most annoying people on the mountain

  • Double post

  • and also why corporations didn't want them.

    Exactly! So they can spy on us more!

    No, the real reason is it saves a few pennies per phone. They can already spy on us through the internal mic.

  • I mean, there were legitimate technical issues with the standard, especially on smartphones, which is where they really got pushed out. Most other devices do have headphones jacks. If I get a laptop, it's probably got a headphones jack. Radios will have headphones jacks. Get a mixer, it's got a headphones jack. I don't think that the standard is going to vanish anytime soon in general.

    I like headphones jacks. I have a ton of 1/8" and 1/4" devices and headphones that I happily use. But they weren't doing it for no reason.

    • From what I've read, the big, driving one that drove them out on smartphones was that the jack just takes up a lot more physical space in the phone than USB-C or Bluetooth. I'd rather just have a thicker phone, but a lot of people don't, and if you're going all over the phone trying to figure out what to eject to buy more space, that's gonna be a big target. For people who do want a jack on smartphones, which invariably have USB-C, you can get a similar effect to having a headphones jack by just leaving a small USB-C audio interface with a headphones jack on the end of your headphones (one with a passthrough USB-C port if you also want to use a USB-C port for other things).

    • A second issue was that the standard didn't have a way to provide power (there was a now-dead extension from many years back that is now dead, IIRC for MD players, that let a small amount of power be provided with an extra ring). That didn't matter for a long time, as long as your device could put out a strong enough signal to drive headphones of whatever impedance you had. But ANC has started to become popular now, and you need power for ANC. This is really the first time I think that there's a solid reason to want to power headphones.

    • The connection got shorted when plugging things in and out, which could result in loud sound on the membrane.

    • USB-C is designed so that the springy tensioning stuff that's there to keep the connection solid is on the (cheap, easy to replace) cord rather than the (expensive, hard to replace) device; I understand from past reading that this was a major reason that micro-USB replaced mini-USB. Instead of your device wearing out, the cord wears out. Not as much of an issue for headphones as mini-USB, but I think that it's probably fair to say that it's desirable to have the tensioning on the cord side.

    • On USB-C, the right part breaks. One irritation I have with USB-C is that it is...kind of flimsy. Like, it doesn't require that much force pushing on a plug sideways to damage a plug. However --- and I don't know if this was a design goal for USB-C, though I suspect it was --- my experience has been that if that happens, it's the plug on the (cheap, easy to replace) cord that gets damaged, not the device. I have a television with a headphones jack that I destroyed by tripping over a headphones cord once, because the headphones jack was nice and durable and let me tear components inside the television off. I've damaged several USB-C cables, but I've never damaged the device they're connected to while doing so.

    On an interesting note, the standard is extremely old, probably one of the oldest data standards in general use today; the 1/4" mono standard was from phone switchboards in the 1800s.

    EDIT: Also, one other perk of using USB-C instead of a built-in headphones jack on a smartphone is that if the DAC on your phone sucks, going the USB-C-audio-interface route means that you can use a different DAC. Can't really change the internal DAC. I don't know about other people, but last phone I had that did have an audio jack would let through a "wub wub wub" sound when I was charging it on USB off my car's 12V cigarette lighter adapter --- dirty power, but USB power is often really dirty. Was really obnoxious when feeding my car's stereo via its AUX port. That's very much fixable by putting some filtering on the DAC's power supply, maybe needs a capacitor on the thing, but the phone manufacturer didn't do it, maybe to save space or money. That's not something that I can go fix. I eventually worked around it by getting a battery-powered Bluetooth receiver that had a 1/8" headphones jack, cutting the phone's DAC out of the equation. The phone's internal DAC worked fine when the phone wasn't charging, but I wanted to have the phone plugged in for navigation stuff when I was driving.

    A lot of great points here, I would be on aboard if phones therefore had two USB-C ports as standard

  • A speaker i have from bose is always on and "sleeping" and can be connected to from the phone no matter what i do, drains the fucking battery and when i want to use it finaly its dead.. wouldnt be surprised if some headphones worked the same..

    A smart outlet (and running home assistant) will solve that problem.

  • It sounds like they have some kind of wake function that it’s always listening for? I don’t think that’s a common feature in headphones just because of the battery drain, but they’re always chucking useless features on electronics so I’m sure some are floating around out there. I doubt it’s something you wouldn’t know about unless they were secondhand, though.

    It's BLE - Bluetooth Low Energy.

    Basically devices with BLE can listen for a wake-up command and turn on, similar to the "magic packet" of wake on Ethernet.

    Super convenient for "find my device" applications, also nice to be able to connect and activate the device without having to press a power button like a peasant.

    It also means that most devices with BLE end up flat within a month. I had a speaker with BLE and had to deliberately download a much older version of the Android partner app to turn it off, as they dropped the option to do so in later versions for "convenience". With BLE on it would be flat in about 6 weeks regardless of whether I'd used it or not , which really ruined ad-hoc usage for me.

  • I was hoping this would allow me to take over Bluetooth speakers that people use while skiing and replace their music with a PSA about how no one wants to hear their music

    Most annoying people on the mountain

    Or public transit. Or public parks. Or grocery stores.

  • 31 Stimmen
    1 Beiträge
    14 Aufrufe
    Niemand hat geantwortet
  • Ready-made stem cell therapies for pets could be coming

    Technology technology
    1
    1
    27 Stimmen
    1 Beiträge
    14 Aufrufe
    Niemand hat geantwortet
  • Teamviewer Terminates Perpetual Licenses

    Technology technology
    38
    236 Stimmen
    38 Beiträge
    197 Aufrufe
    C
    Right on, thanks for the info!
  • 454 Stimmen
    149 Beiträge
    671 Aufrufe
    eyekaytee@aussie.zoneE
    They will say something like solar went from 600gw to 1000 thats a 66% increase this year and coal only increased 40% except coal is 3600gw to 6400. Hrmmmm, maybe these numbers are outdated? Based on this coal and gas are down: In Q1 2025, solar generation rose 48% compared to the same period in 2024. Solar power reached 254 TWh, making up 10% of total electricity. This was the largest increase among all clean energy sources. Coal-fired electricity dropped by 4%, falling to 1,421 TWh. Gas-fired power also went down by 4%, reaching 67 TWh https://carboncredits.com/china-sets-clean-energy-record-in-early-2025-with-951-tw/ are no where close to what is required to meet their climate goals Which ones in particular are you talking about? Trump signs executive order directing US withdrawal from the Paris climate agreement — again https://apnews.com/article/trump-paris-agreement-climate-change-788907bb89fe307a964be757313cdfb0 China vowed on Tuesday to continue participating in two cornerstone multinational arrangements -- the World Health Organization and Paris climate accord -- after newly sworn-in US President Donald Trump ordered withdrawals from them. https://www.france24.com/en/live-news/20250121-china-says-committed-to-who-paris-climate-deal-after-us-pulls-out What's that saying? You hate it when the person you hate is doing good? I can't remember what it is I can't fault them for what they're doing at the moment, even if they are run by an evil dictatorship and do pollute the most I’m not sure how european defense spending is relevant It suggests there is money available in the bank to fund solar/wind/battery, but instead they are preparing for? something? what? who knows. France can make a fighter jet at home but not solar panels apparently. Prehaps they would be made in a country with environmental and labour laws if governments legislated properly to prevent companies outsourcing manufacturing. However this doesnt absolve china. China isnt being forced at Gunpoint to produce these goods with low labour regulation and low environmental regulation. You're right, it doesn't absolve china, and I avoid purchasing things from them wherever possible, my solar panels and EV were made in South Korea, my home battery was made in Germany, there are only a few things in my house made in China, most of them I got second hand but unfortunately there is no escaping the giant of manufacturing. With that said it's one thing for me to sit here and tut tut at China, but I realise I am not most people, the most clearest example is the extreme anti-ai, anti-billionaire bias on this platform, in real life most people don't give a fuck, they love Amazon/Microsoft/Google/Apple etc, they can't go a day without them. So I consider myself a realist, if you want people to buy your stuff then you will need to make the conditions possible for them to WANT to buy your stuff, not out of some moral lecture and Europe isn't doing that, if we look at energy prices: Can someone actually point out to me where this comes from? ... At the end of the day energy is a small % of EU household spending I was looking at corporate/business energy use: Major European companies are already moving to cut costs and retain their competitive edge. For example, Thyssenkrupp, Germany’s largest steelmaker, said on Monday it would slash 11,000 jobs in its steel division by 2030, in a major corporate reshuffle. https://oilprice.com/Latest-Energy-News/World-News/High-Energy-Costs-Continue-to-Plague-European-Industry.html Prices have since fallen but are still high compared to other countries. A poll by Germany's DIHK Chambers of Industry and Commerce of around 3,300 companies showed that 37% were considering cutting production or moving abroad, up from 31% last year and 16% in 2022. For energy-intensive industrial firms some 45% of companies were mulling slashing output or relocation, the survey showed. "The trust of the German economy in energy policy is severely damaged," Achim Dercks, DIHK deputy chief executive said, adding that the government had not succeeded in providing companies with a perspective for reliable and affordable energy supply. https://www.reuters.com/business/energy/more-german-companies-mull-relocation-due-high-energy-prices-survey-2024-08-01/ I've seen nothing to suggest energy prices in the EU are SO cheap that it's worth moving manufacturing TO Europe, and this is what annoys me the most. I've pointed this out before but they have an excellent report on the issues: https://commission.europa.eu/document/download/97e481fd-2dc3-412d-be4c-f152a8232961_en?filename=The+future+of+European+competitiveness+_+A+competitiveness+strategy+for+Europe.pdf Then they put out this Competitive Compass: https://commission.europa.eu/topics/eu-competitiveness/competitiveness-compass_en But tbh every week in the EU it seems like they are chasing after some other goal. This would be great, it would have been greater 10 years ago. Agreed
  • 93 Stimmen
    35 Beiträge
    135 Aufrufe
    D
    Same as American companies. Send you targeted ads and news articles to influence your world view as a form of new soft power.
  • 221 Stimmen
    16 Beiträge
    88 Aufrufe
    V
    Does it mean that some people take orders from AI and don't know it's AI ?
  • 880 Stimmen
    356 Beiträge
    2k Aufrufe
    communist@lemmy.frozeninferno.xyzC
    Is that useful for completing tasks?
  • 124 Stimmen
    12 Beiträge
    63 Aufrufe
    T
    Premium supported. You get plenty with the free tier, but you get lots more with paid.