[HN Gopher] AirPods fast connect security vulnerability
       ___________________________________________________________________
        
       AirPods fast connect security vulnerability
        
       Author : memalign
       Score  : 125 points
       Date   : 2024-06-29 17:40 UTC (5 hours ago)
        
 (HTM) web link (blogs.gnome.org)
        
       | a1o wrote:
       | Very nice write-up
       | 
       | > ... see if I could get all the functionality working on Linux
       | as well. ... I'll talk about the specifics in another blog post
       | ...
       | 
       | I am super curious to read it when you do a write-up about the
       | implementation of this functionality in Linux! Thanks for that
       | and I will refresh the blog until that is written :)
        
       | rock_artist wrote:
       | > That's because AirPods auto-update their firmware by
       | themselves, but only when they're used together with an iPhone or
       | MacBook, so Android users have no easy way to update their
       | firmware.
       | 
       | From what I remember, an advantage of the affected Beats devices,
       | which also use the same chip, is that they can actually be updated
       | from the Beats app on Android.
        
         | nuccy wrote:
         | I use AirPods Pro (1st before and now 2nd gen) with Android
         | phones. And indeed there is no way to update firmware from
         | Android, no way to check firmware version, no way to select
         | modes, no way to change long press behaviour, no way to check
         | battery level (there are third-party apps but they work
         | unreliably). Luckily all that can be done on a Mac (except the
         | fitting test, which requires an iPhone only), though the
         | firmware upgrade process is as confusing as it can possibly be -
         | a user has zero control whatsoever and zero information about
         | status/progress.
         | 
         | One of the support team members in an Apple Store once
         | suggested: you need to leave the AirPods connected to the Mac,
         | inserted into the open case, which is plugged in and charging,
         | for about 30 minutes to upgrade the firmware. Though in my
         | experience there is definitely a random factor in play for such
         | an upgrade. Moreover I have an impression that even Apple Store
         | employees sometimes have a very vague idea of how Apple products
         | interplay with any other Apple product except the iPhone.
         | The two times I had a hardware issue with 1st and 2nd gen
         | AirPods, they were very confused that I don't use those with an
         | iPhone but with a Mac and Android only.
        
       | StrLght wrote:
       | I understand that chances are pretty slim but I still hope that
       | this will make Apple do something regarding AirPods updates on
       | other OSes or at least on Android.
        
       | diebeforei485 wrote:
       | There is no manual update option. Auto-update is the only way to
       | update, and it's unclear how to cajole it to auto-update.
        
         | Operyl wrote:
         | If I recall correctly, removing/unpairing the AirPods and
         | forcing a re-pair will forcibly trigger an update.
        
       | cjk2 wrote:
       | I didn't even know about this vulnerability and mine are updated.
       | Just how I like things.
        
       | zeroz wrote:
       | Settings > Bluetooth > Your AirPods (click on [i]) shows the
       | version, even if AirPods are not actively connected.
       | 
       | 6A326 seems to be the version including the fix.
       | 
       | https://support.apple.com/en-us/HT214111
        
         | mh- wrote:
         | _> AirPods Firmware Update 6A326, AirPods Firmware Update 6F8,
         | and Beats Firmware Update 6F8_
         | 
         | I'm on 6F8, which I presume is for AirPods Pro 2nd gen.
        
       | schrodinger wrote:
       | Obviously any vulnerability is bad, but I'm trying to understand
       | just how bad this one is. What "scary" things could an attacker
       | do?
       | 
       | It doesn't sound like they could listen in on a phone call you're
       | having without your knowledge, or even an audio stream, since it
       | breaks the original connection, right? So is the worst they could
       | do to come within a pretty short distance of you, scan for your
       | MAC address, and then auto-connect and play some noise into your
       | ears? Or is there more?
       | 
       | I suppose you could do something like take over the airpods of a
       | high-level celebrity or politician while they're on a video call,
       | that could be bad (but caught instantly). Anything worse?
        
         | Gigachad wrote:
         | Realistically the worst thing is just being annoying. If it was
         | left unpatched, someone would make an AirPod jammer app for the
         | Flipper Zero and cause annoyance in public places, killing the
         | audio on everyone's AirPods.
        
       ___________________________________________________________________
       (page generated 2024-06-29 23:00 UTC)