Do you have a stalker ex who wants to make your life miserable? Then I have bad news. A critical flaw in Google's Fast Pair protocol can allow nefarious actors to track your movements and eavesdrop on your conversations. Security researchers at Belgium’s KU Leuven University have the details.
The team found seventeen audio devices sold by ten different companies that are vulnerable to an attack. Hundreds of millions of people are vulnerable, even those who've never owned a Google device. In their tests, the team connected to vulnerable devices within Bluetooth range, then controlled audio, eavesdropped on a conversation, played music, and tracked the victim using Find Hub.
The researchers discovered the flaw in August and notified Google, which alerted all manufacturers. Fixes are available from the OEM. But here's the thing: These are devices. The patch must be installed in the firmware. That requires downloading an installer app to a phone or laptop, then using the app to update the device's firmware. Given the total number of digital clocks blinking "12:00," this flaw will be with us for years to come.
The following devices are listed as vulnerable on the Whisper Pair site:

| Manufacturer | Model | Fix |
| --- | --- | --- |
| Sony | WH-1000XM6 | Patch installer |
| Sony | WH-1000XM5 | Patch installer |
| Sony | WH-CH720N | Patch installer |
| Sony | WF-1000XM5 | Patch installer |
| Sony | WH-1000XM4 | Patch installer |
| Google | Pixel Buds Pro 2 | Update instructions |
| OnePlus | Nord Buds 3 Pro | Update instructions |
| NOTHING | Nothing Ear (a) | Patch installer |
| Harman | JBL TUNE BEAM | Patch installer |
| Xiaomi | Redmi Buds 5 Pro | Update instructions |
| Marshall | MOTIF II A.N.C. | Update instructions |
| Anker | soundcore Liberty 4 NC | Windows / Phone app |
| Jabra | Elite 8 Active | Patch installer |