Thursday, July 4, 2024

AirPods Fast Connect Vulnerability

Jonas Dreßler (via Hacker News):

There’s a security vulnerability (CVE-2024-27867) in the firmware of Apple AirPods. Anyone who knows the Bluetooth MAC address (which is somewhat public) can connect to your AirPods and listen to the microphone or play music.

[…]

Fast Connect is a proprietary and US-patented protocol by Apple that creatively uses the “ping” feature of the Bluetooth specification. Its main purpose seems to be reducing the time it takes to establish a connection between two Apple devices from roughly 1 second down to about 0.5 seconds.

[…]

Turns out that Apple (most likely) forgot to do some checks in the separate code paths that implement Fast Connect. Some very important ones: The AirPods forget to check the security level of the connection, i.e. “did the other side actually authenticate itself and turn on encryption?”

So anyone can connect to your AirPods and use the microphone to record your local environment, as well as engage in more creative mischief. This is fixed in a firmware update, but if your AirPods only connect to non-Apple devices you would need to go to an Apple Store to update the firmware.
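A minimal C model of the failure shape described above, added here as an illustration and not taken from Apple's firmware or the original write-up: when the security-level check lives inside one connection-setup path, a second path can skip it, so the check belongs at the service gate. All type, function and service names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Toy model with hypothetical names; this is not Apple's firmware. */
typedef enum { SEC_NONE, SEC_ENCRYPTED, SEC_AUTH_ENCRYPTED } sec_level_t;
typedef enum { SETUP_STANDARD, SETUP_FAST } setup_path_t;
typedef struct {
    setup_path_t path;   /* which code path brought the link up */
    bool authenticated;  /* peer proved it holds the pairing key */
    bool encrypted;      /* link encryption is switched on */
} link_t;
typedef struct { uint16_t id; sec_level_t required; } service_t;

/* Constructed service table: ids are illustrative; audio covers mic and playback. */
enum { SVC_DISCOVERY = 1, SVC_AUDIO = 2 };
static const service_t SERVICES[] = { { SVC_DISCOVERY, SEC_NONE }, { SVC_AUDIO, SEC_AUTH_ENCRYPTED } };

static const service_t *find_service(uint16_t id) {
    for (size_t i = 0; i < sizeof SERVICES / sizeof SERVICES[0]; i++)
        if (SERVICES[i].id == id) return &SERVICES[i];
    return NULL;
}

static sec_level_t link_level(const link_t *l) {
    if (!l->encrypted) return SEC_NONE;
    return l->authenticated ? SEC_AUTH_ENCRYPTED : SEC_ENCRYPTED;
}

/* Flawed shape: the check exists, but only on the standard setup path. */
bool open_per_path(const link_t *l, uint16_t id) {
    const service_t *s = find_service(id);
    if (s == NULL) return false;
    if (l->path == SETUP_STANDARD && link_level(l) < s->required) return false;
    return true;  /* a SETUP_FAST link never reaches the comparison */
}

/* Hardened shape: one gate at the service, blind to how the link was set up. */
bool open_gated(const link_t *l, uint16_t id) {
    const service_t *s = find_service(id);
    return s != NULL && link_level(l) >= s->required;  /* unknown id: deny */
}

int main(void) {
    const link_t peer = { SETUP_FAST, false, false };  /* constructed: unpaired peer */
    printf("per-path=%d gated=%d\n", open_per_path(&peer, SVC_AUDIO), open_gated(&peer, SVC_AUDIO));
    return 0;
}
```

The gated version also fails closed for a service id that is not in the table, so a new setup path or a new service cannot inherit access by omission.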

5 Comments


I'm sorry, all that engineering to go from 1 second to half a second? If this was a fighting game and you could fix 30 frames of lag, that would be amazing! However, for a device connection on Bluetooth, is a half second even noticeable?


Nathan (not particularly retro)

Its main purpose seems to be reducing the time it takes to establish a connection between two Apple devices from roughly 1 second down to about 0.5 seconds.

30 frames of lag

500ms when you want your headphones to switch ASAP from your computer to some short-form video on your iPhone isn't nothing.


Agreed. One of my favorite improvements with AirPods over the years is how much quicker they connect to whatever device I’m using. I might connect a dozen or so times a day, so any effort to improve connection latency is well worth it.


@Nigel Yeah, it’s not clear to me whether this is the reason AirPods feel faster, but they definitely do, and that matters.


I made a web app using ChatGPT so that I could show clients just how long a delay of a second (or two, or half a second) is.

It's ugly as sin but it was completed in under 10 minutes from when I got the idea to when I had a public link I can share with anyone.

https://blossom-disco-battery.glitch.me

Half a second is definitely noticeable.
