Meh. So realistic attack would be that you know someone you want to track has one of those 17 models (which is hard to tell by just looking at the headphones) and never paired it with Android and he carries them everywhere. You force-pair and now you can track them. It's pretty silly as a random attack because why would you track a random person. It's silly to use it to record conversations because from 15 m there are easier methods to do it. I would say the risk that this will be used to actually track/record someone is low.
this post was submitted on 16 Jan 2026
277 points (98.6% liked)
Technology
78785 readers
2355 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
GOOGLE DESIGNED THE wireless protocol known as Fast Pair to optimize for ultra-convenient connections: It lets users connect their Bluetooth gadgets with Android and ChromeOS devices in a single tap.
Bluetooth pairing is not a difficult process, imagine creating a whole new attack vector for that. And of course security was an afterthought. Capitalism is amazing for wasting resources and getting bad results for it.
Given its google I would really not be surprised if it were a feature, not a bug
I'd agree security needs more attention when developing protocols and products, and, I'd also consider Bluetooth simple. That being said, I know plenty of folks that don't like the Bluetooth pairing process, especially those without a technical background.
Fast Pair is really convenient, and I'd say it can open the door for a lot of new experiences, but I do wish the developers put more effort into their TARA.
My wired headphones dont have this issue, likely sound far better, require no batteries, and are user serviceable.
Guys, we peaked in 2012 (potentially earlier) as a race technologically, stop trying to create new grifts for billionaires.
I want to agree, I used to hate wireless headphones, until I realised that wired don't last long if I wear them anywhere outside my desk.
The cable keeps getting caught in door handles, accidentally stepped when I need to crouch and then snapped when I get up or the plug simply gives up from being constantly bent inside the pocket.
I'm a person who can use a soldering but that doesn't make repair much easier, phones don't usually like the 3.5mm jacks available in the market, opening and closing whatever plastic thing covers the contacts or the back of the drivers often break after a third time opening it.
The cables themselves start to breakdown and that time I ordered a whole replacement cable off eBay the phone lost all bass (probably high impedance).
Another issue is that modern phones output a very quiet signal that doesn't get loud enough even when plugged the HD25.
In end wireless headphones solve this problem, I still use wired headphones on my desk. But for mobile use wireless it is.
The quiet issue is due to impedance. You need a better amplifier than your phones garbage dac. High ohm headphones require more juice.
I dont listen to headphones on the go really. Only in office. Usually it sounds awful and there's too much noise around me to enjoy it, and I prefer to enjoy music on my actual listening setup at home amyway, headphones will always sound worse due to no depth. But im weird about sound. Music isnt background noise to me.
Noise cancelling headphones and background music helps a ton when I'm in the office. Stupid open office...
You can hardly find wired headphones now. When you do they are junk. I want a sturdy headphone where they did not save every penny making the wire near microscopic, cheap joints, etc.
Paying more does not mean it is quality either.
By wired do you mean exclusively RCA or do you count usb as well? Both pair of my Sennheisers work via USB if you plug it in.
The Sony XM3 and other headphones in the series are a great option since you don't have to choose, they have a headphone jack so you can go wired if you want.
Same thing with Shure Aonic 50s.
Beyer dt 770. Very tough.
My mains are those, grado rs2, and senn hd595. Some sony md7506 but I hate the sound on them.
Recording musicians use them for monitoring. Bluetooth has too much latency when you are trying to keep your groove in the pocket.
I'm finding lots of great 10-15 yo used recording gear/tech that was originally $200+, going for cheap, like less than $50, because it doesn't have Bluetooth, which you don't want with recording gear anyway.
Go to where the audiophiles are. There are plenty of headphones and IEMs (earbuds) under $50 (and even $25) that sound fantastic and sound better than $200 dollar options out there. My favs that I actually tried are the MOONDROP Chu 2 $23, Koss KSC75 $20, and the Sennheiser HD 600 (which I got on eBay for like $250). Check out the audiophile subreddit, there are plenty of people who have made ranking lists.
Yeah if youre buying headphones on Amazon or Walmart, you'll get shit.
I refuse to shop at either of those places for anything really. Wish others would be brave enough to do so as well and stop giving billionaires money for no reason.
What's your budget? over ears or earbuds? if over ears open back or sealed?
Idk, 20, 40, more if needed if it will hold up to use at work. I usually get the sports ones that have the ear loop so you don't have to constantly put earbuds back in the ear.
Ah yes its hard to build quality headphones for that little.
in that price range I'd buy some chifi IEMs like the zero:2 or chu II
How much for quality headphones then? Especially like earbuds with the sports clip that loops on the ear so they don't fall out, to be able to use for work and running and such? If it lasts I will pay more. The more expensive stuff I've bought has broken as soon as the cheaper stuff.
You can hardly find wired headphones now. When you do they are junk. I want a sturdy headphone
Shop where the musicians shop.
Just see mondrop chu c2 for 20$ destroying 150$ Bluetooth earphones.
“But that wire…”
- some techno gusher probably.
We all laughed at the time, but The Matrix was right - civilization peaked in 1999.
Talking about computers, definitely yes, functionally. The socially important problems got solutions, imperfect, but replaceable ones.
We had publishing to all the world via Usenet and Web, file exchange with all the world via plenty of FTP servers, way to find those files and published pages via search engines (those real ones, which just indexed file attributes and page contents), our social identities were ICQ numbers and email addresses, our way to repost stuff was sending a link, our way to rate and discover good things was web directories made by people.
For evaluating something on the Web a vote is simply not a universal unit. Every vote is a different person. So upvotes and downvotes lead to numbers being important for ratings on something, which means that the least useful things get the biggest ratings. Because everything useful is offensive to someone.
The only downside that environment had was insufficient easiness of making a webpage, hosting a website, hosting something else.
If I were imagining a solution, it would look like an all-in-one suite like Hotline, but based on how the Web was then, including an intuitive editor (something more like QuarkXPress) for pages and with hosting and mirroring being transparent. A p2p system with cryptographic identities, but manual choice of hosting something. With a p2p contact directory, but many trees of trust inside that directory, where one tree of trust is like one email provider or one xmpp server for identities, that you subscribe to. With "domains" (sort of) being done similarly to that contact directory. With good old Kademlia for finding contacts, domains, groups and separate pages, posts or files. And other than good old Kademlia, possibly some kind of interchangeable client-server things, like storage areas and trackers and relays, to help with offline messaging and NAT's.
OK, my thought floated away, intuitive management of anything creative in that system is honestly the main flaw of how it was in year 1999. I even wonder if that "agentic AI" they are talking about has a place in such an application suite.
Those protocols and services still exist among improved means that are also decentralized. One only has to seek them out.
Not really. That's like saying that a bunch of non-standardized tracks all over some country is a railway system.
Sennheiser hd630 is amazing. I use my technics az80 at work to block noise and appreciate having no wires getting caught up on mechanical stuff.
I love not having to worry about charging my headphones. I had wireless for years but I went back to wired.
I don't find this being an issue when I have to charge it maybe once a month. Not talking about IEMs of course.
My issue was needing them when they didn’t have a charge or had low charge, and not being able to charge them while using them.
Placing a bet now: under 10% of vulnerable units will be patched within a year's time.
I like your optimism.
I mean 0.1% is still technically under 10%
Ah. I should really figure out how to read. Whoops.
I'll add to that- within a year's time, less than 50% of the affected devices will even have a patch available.
load more comments
(3 replies)
laughs in 3.5mm
Laughs in 6.3 mm
6.3 mm
and huge muscles from lugging that thing around
security researchers [...] are revealing a collection of vulnerabilities they found in 17 audio accessories that use Google’s Fast Pair protocol and are sold by 10 different companies: Sony, Jabra, JBL, Marshall, Xiaomi, Nothing, OnePlus, Soundcore, Logitech, and Google itself.
load more comments
(7 replies)
view more: next ›