I’d kind of like to know whether these can be used against an unpaired device or not. That’d seem to have a pretty dramatic impact on the scope of the vulnerability.

Don’t see how that would matter much. The “scope of the vulnerability” is sufficiently large enough that it should not be partially or otherwise discredited as a risk.

If someone owns a Bluetooth device, then its fair to think that at some point they’d actually use it, being vulnerable to the backdoor access. That’s billions of uses right there, on a regular basis.

~This~ ~comment~ ~is~ ~licensed~ ~under~ ~CC~ ~BY-NC-SA~ ~4.0~