Bluetooth headphone hacking: paranoia or a genuine cause for concern?
<div class="copy">
<p>US Vice President Kamala Harris made waves recently, when an <a rel="noreferrer noopener" href="https://www.politico.com/newsletters/west-wing-playbook/2021/12/06/kamala-harris-is-bluetooth-phobic-495343" target="_blank">article</a> from Politico’s ‘West Wing Playbook’ reported that she refuses to use Bluetooth headphones, believing them to be vulnerable to attack by <a rel="noreferrer noopener" href="https://cosmosmagazine.com/technology/like-catching-smoke-can-we-stop-a-cyberwar/" target="_blank">malicious hackers</a>. The article described the Vice President as “Bluetooth phobic”, but is there more than paranoia at play here? Is Bluetooth headphone hacking really a thing?</p>
<p>Bluetooth technology has streamlined our gadgets, stripping away most of the troublesome wires and jacks that are forever getting tangled in the bottoms of our bags and in the far reaches of our drawers. But it does come with a cost – limited by a short operational range, and designed to be used only between devices in close proximity, Bluetooth technologies have tended to create a lackadaisical attitude towards security.</p>
<h2>What do experts say about Bluetooth headphone hacking?</h2>
<p>“The risk is significant,” says Christophe Doche, Associate Dean at the Australian Institute of Business Intelligence. “Bluetooth is one of these technologies that was initially designed without too much concern for security.” </p>
<p>This is particularly true for innocuous add-ons, such as headphones.</p>
<p>Different devices are generally equipped with different security features, with the most stringent protections found where you’d expect them – in computers and laptops. But in headphones? Not so much.</p>
<p>“Bluetooth headphones are typically fairly ‘dumb’ devices,” says Paul Haskell-Dowland, Professor of Cyber Security Practice and Associate Dean for Computing and Security in the School of Science at Edith Cowan University.</p>
<p>We don’t tend to bother encrypting devices such as headphones, he says.</p>
<p>“Most headsets can be simply connected by pressing a button on the headset to initiate the ‘sync’, or may even be selectable directly on the phone with no further interaction required,” he says.</p>
<p>Even so, it’s not particularly likely that our headphones will provide the ‘crack’ through which attackers can directly infiltrate, and we generally have little to fear from enjoying a wireless groove session.</p>
<p>“When simply listening to music, such headphones don’t really represent any significant risk,” says Haskell-Dowland.</p>
<p>Instead, their biggest vulnerability stems from their susceptibility to eavesdropping.</p>
<h2>How can others eavesdrop on your Bluetooth headphones?</h2>
<p>This is because we do much more than listen to our favourite tunes on our headphones – they are routinely used for phone calls, and increasingly for remote conferencing. As a radio-frequency device, there are opportunities to capture the radio signals and eavesdrop into communications.</p>
<p>“A competent and determined attacker could take advantage of Bluetooth headphones and protocols, to implement, for instance, a man-in-the-middle attack, effectively intercepting all the traffic coming in and out the headphones,” says Doche.</p>
<p>Haskell-Dowland expresses similar concerns, but reiterates that much of the threat is context-dependent.</p>
<p>“Given that a lot of Bluetooth headset use is undertaken in public settings, the concerns are perhaps no different to being overheard by the person sat next to you on the train – although capturing the Bluetooth audio would include all parties in the call,” he says.</p>
<p>This means that any sensitive information divulged is only ever as secure as the weakest point in the chain. You can take measures to guard security at your end, but it only takes one group member wearing Bluetooth headphones to open the whole conversation to prying ears.</p>
<p>In some very rare instances, a more sophisticated attack known as privilege escalation might be executed. This involves moving from the wireless communication channel to accessing the data on the device itself.</p>
<p>“Privilege escalation to your phone or tablet can be even more destructive, because there we have credentials for our online services and possibly sensitive financial and medical data as well,” says Kim Crawley, cybersecurity researcher for <a rel="noopener" href="https://www.hackthebox.com/" target="_blank">Hack The Box</a> and author of the book <em>8 Steps to Better Security: A Simple Cyber Resilience Guide for Business (Wiley Tech).</em></p>
<h2>Does this mean Harris’s caution is warranted?</h2>
<p>Crawley believes Kamala Harris is right to be cautious about Bluetooth headphone hacking, given her position.</p>
<p>“There’s not much that I agree with Vice President Harris on, but I definitely agree with her use of wired earbuds and microphones,” she says.</p>
<p> “She is a prominent cyberattack target who is very often privy to highly classified information. Removing the possibility of wireless interception from the device-to-peripheral level does what we in cybersecurity call ‘reducing your attack surface’.”</p>
<p>Doche agrees, but notes that just because Harris might be justified in her cautious approach, this doesn’t mean we all need to be similarly worried.</p>
<p>“The everyday person faces exactly the same issues,” he says. “However, the likelihood that a competent and determined attacker would try to breach their headphones is less, just because they are not a high-profile target. It is fair to say that they face a smaller risk.”</p>
<p>While the risk from Bluetooth headsets is small and generally focused towards specific individuals, being aware of risk and minimising vulnerabilities is always a good idea.</p>
<p>“Absolutely nothing that we do with computer technology is zero risk,” says Crawley. “It’s all about deciding what level of risk is acceptable to us.</p>
<p>“Every new Bluetooth standard features stronger encryption and more secure cryptographic implementation. But the technology <a rel="noreferrer noopener" href="https://cosmosmagazine.com/technology/what-is-ransomware-and-how-is-it-dealt-with/" target="_blank">cyberattackers</a> use to crack or bypass encryption is always getting stronger, too. Encryption and decryption is a constant cat-and-mouse game and digital arms race.”</p>
<h2>What are the best ways to safeguard your privacy?</h2>
<ul>
<li>The first step comes at the point of purchase. Buying a headset that requires a PIN code to connect to your phone or computer is a good start, but you can also look for headsets that support stronger levels of security through the use of encryption. If possible, change the PIN code to a unique value – when headsets share a common default code, it is easy to track down the code in online manuals. </li>
<li>Try to use headsets supporting the most recent versions of Bluetooth. </li>
<li>Only leave your Bluetooth in ‘discoverable’ mode when you’re pairing new headphones with your phone or laptop. Once linked, your device will retain the headset’s unique identifying code – there is no need to replicate the linking process each time you use the same headphones.</li>
<li>Turn off Bluetooth when not in use (though this may be challenging in countries where COVID track-and-trace apps use Bluetooth).</li>
</ul>
<em>Image credits: Getty Images</em></div>
<div id="contributors">
<p><em>This article was originally published on <a rel="noopener" href="https://cosmosmagazine.com/technology/computing/bluetooth-headphone-hacking/" target="_blank">cosmosmagazine.com</a> and was written by Jamie Priest. </em></p>
</div>