10-15 meters might be good enough to conduct the attack from a neighboring office or apartment, while actual eavesdropping is not so easy.
Comment on Zero-day: Bluetooth gap turns millions of headphones into listening stations
viking@infosec.pub 9 months ago
Sounds like the attack scenario is very sophisticated and targeted, and only works within the range of Bluetooth low energy (BLE) connectivity, so 10-15 meters under best circumstances. At that point they might as well eavesdrop on my calls in person.
solrize@lemmy.ml 9 months ago
joel_feila@lemmy.world 9 months ago
Honey i got to go there is a man outside our window with a lapton and an radio antenna "Ignore the man outside your window and just read off your credit card number
tehfishman@lemmy.world 9 months ago
Directional antennas exist and are very inexpensive
wintermute@discuss.tchncs.de 9 months ago
I think BLE is only required for the initial compromise (extracting the pairing key). After that the attack can be performed over classic BT, and can impersonate either part (headphones or phone) to the other.
It’s still very targeted and sophisticated, so no reason to panic unless you have reasons to think someone with the resources could target you.
Regarding the attacks, they got way beyond eavesdropping calls, since BT headphones usually have access to contacts and smart assistants, that you can use to extract a lot more information