Flaws in how 17 models of headphones and speakers use Google’s one-tap Fast Pair Bluetooth protocol have left devices open to eavesdroppers and stalkers.

List of vulnerable devices: https://whisperpair.eu/vulnerable-devices

  • AernaLingus [any]@hexbear.net

    The flaw stems from many accessories failing to enforce a critical step in the pairing process. To start the Fast Pair procedure, a Seeker (a phone) sends a message to the Provider (an accessory) indicating that it wants to pair. The Fast Pair specification states that if the accessory is not in pairing mode, it should disregard such messages. However, many devices fail to enforce this check in practice, allowing unauthorised devices to start the pairing process. After receiving a reply from the vulnerable device, an attacker can finish the Fast Pair procedure by establishing a regular Bluetooth pairing.

    madeline-deadpan
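The pairing-mode check described in the comment above, sketched from the accessory's side as an added example (not code from the thread, the researchers or the Fast Pair specification). The struct, function names, the `enforce_mode_check` switch and the pairing-mode timeout are all assumptions made for illustration, and no real message format is modelled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified Provider model. All names are hypothetical; this is not the
 * Fast Pair wire format, only the pairing-mode gate the quoted text describes. */
typedef enum { REQ_IGNORED = 0, REQ_REPLIED = 1 } req_result;

typedef struct {
    bool     enforce_mode_check; /* false models accessories that skip the check */
    bool     pairing_mode;       /* entered only by a deliberate user action */
    uint32_t deadline_ms;        /* assumption: pairing mode times out */
    uint32_t ignored;            /* requests dropped outside pairing mode */
} provider;

/* Called from the user-initiated path (button, case open), never from the radio. */
void provider_enter_pairing_mode(provider *p, uint32_t now_ms, uint32_t window_ms) {
    p->pairing_mode = true;
    p->deadline_ms = now_ms + window_ms;
}

/* Wrap-safe expiry test on a free-running millisecond tick counter. */
static bool provider_in_pairing_mode(provider *p, uint32_t now_ms) {
    if (p->pairing_mode && (int32_t)(now_ms - p->deadline_ms) >= 0)
        p->pairing_mode = false;
    return p->pairing_mode;
}

/* Handle a Seeker's "I want to pair" message. Outside pairing mode the
 * request is dropped silently: no reply means nothing to continue from. */
req_result provider_on_pair_request(provider *p, uint32_t now_ms) {
    if (p->enforce_mode_check && !provider_in_pairing_mode(p, now_ms)) {
        p->ignored++;
        return REQ_IGNORED;
    }
    return REQ_REPLIED;
}

int main(void) {
    provider weak = { .enforce_mode_check = false };
    provider hard = { .enforce_mode_check = true };
    printf("idle:    weak=%d hard=%d\n", provider_on_pair_request(&weak, 1000),
           provider_on_pair_request(&hard, 1000));
    provider_enter_pairing_mode(&hard, 2000, 30000);
    printf("pairing: hard=%d\n", provider_on_pair_request(&hard, 5000));
    req_result r = provider_on_pair_request(&hard, 32000);
    printf("expired: hard=%d ignored=%u\n", r, (unsigned)hard.ignored);
    return 0;
}
```

The `ignored` counter is there so firmware can surface requests that arrive outside pairing mode, which a device owner or vendor can use as a detection signal.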

  • Red5@lemmygrad.ml

    If you have to be within 50ft (15m) of the target to connect, you can probably see them already, right?