Skip to main content

Here’s why it’s highly unlikely your Bluetooth headphones will be hacked

We’ve seen a bumper crop of scary-sounding headlines these past few days, including, “Bluetooth is bad and you should stop using it,” “Turn off your Bluetooth, experts warn amid ‘profound security risk,'” and “Critical Bluetooth flaw leaves millions open to attack.”

Based purely on the content of these statements, you might think that Bluetooth has suddenly become a wide-open door on your devices, through which anyone with ill intent could walk and cause irreparable harm, or steal all of your personal info. But the truth is that while these newly discovered threats are real, the odds of your Bluetooth devices being hacked are low — and lower still if you’re only using Bluetooth with your headphones. Here’s what’s really going on.

Beware the KNOB

It was revealed on August 13 that older Bluetooth chips and communication protocols are able to be forced into accepting unwanted connections — and that those connections can be used with nefarious intent. Little panic ensued at the time, and fixes for the exploit were already being issued by major manufacturers. Then suddenly, on August 23, entities like Mashable and Fox News started warning everyone to turn off Bluetooth. We don’t know why these sources decided to ring the alarm now, but here’s a quick recap of the problem.

The exploit in question is known, somewhat hilariously, as KNOB: Key Negotiation of Bluetooth. Without getting too technical, it uses a recently discovered weakness in the way Bluetooth devices ask for and receive permission to exchange data. That weakness means that a receiving device could be tricked into accepting a much lower level of security — one that could be easily outfoxed by a hacker — for these data exchange connections. From there, we are led to believe, all kinds of nasty things could be done to the targeted device, from unintended operations (sudden volume changes) to the theft of personal information.

Am I at risk?

In order for a hacker to successfully exploit this weakness, they would need the right gear (not exactly off-the-shelf hardware at your local Best Buy), be near a set of Bluetooth devices that had not already been patched against the vulnerability, and intercept the communication between the two devices at precisely the right moment. In other words, the odds of it happening to you when sitting in a bar, restaurant, bus, or another public place are low — very low. If you’re at home, the odds are lower still.

What could happen?

Let’s say you suffered from extremely bad luck and just happened to sit down next to someone with all of the right gear and the ability to use it, and you were using Bluetooth to listen to Spotify on your phone via wireless headphones. What could happen? Worst-case scenario, your musical guilty pleasure — that Nickelback playlist you hit when you think no one is listening — just made itself known to a complete stranger. OK, they might also be able to turn the volume up or down or skip tracks (maybe that’s not such a bad thing), but the bottom line is, the threat isn’t horrible.

So why the ruckus?

We don’t want to underplay the severity of the exploit that was discovered. It’s a potential nightmare under specific circumstances, which is why every major company that uses Bluetooth technology rushed to issue software patches right away.

If you’re running the latest version of Android, iOS, macOS, Windows, etc., and you’re staying on top of your security updates, you have little to fear. Perhaps the biggest takeaway from this event — and really every other exploit that gets discovered — is that you’re never 100% safe from security risks when using modern technology. But if you’re vigilant when it comes to software updates on ALL of your devices, you’ve taken the most important step toward keeping yourself safe.

Now, we can’t really fault some of the other publications for telling people to turn Bluetooth off. It’s not bad advice. If you’re not using it, you should turn Bluetooth off. It sucks battery life, and in some retail environments, it can be used to acquire tracking info about your device. But we don’t think the average person using wireless headphones or earbuds needs to worry about becoming a victim while listening to their favorite tunes.

Editors' Recommendations

Simon Cohen
Contributing Editor, A/V
Simon Cohen covers a variety of consumer technologies, but has a special interest in audio and video products, like spatial…
Sennheiser’s new budget-friendly headphones get a very high-end feature
Sennheiser Accentum wireless headphones in black and white colors.

Sennheiser's new Accentum wireless noise-canceling headphones look a lot like its top-of-the-line $380 Sennheiser Momentum 4 Wireless headphones. And while they have similar features, the Accentum are priced at $180 and can do something the Momentum 4 can't: they accept lossless digital audio via their USB-C port. The black version is up for preorder on September 25 and is expected to ship starting on October 4, while the white version begins shipping in late November. Both models will be available at select retailers and at sennheiser-hearing.com.

The Accentum are the successors to Sennheiser's 2020 HD 450 BT, and the company's approach to this more affordable product line remains the same -- preserve as many features from the Momentum line as possible while keeping the price under $200. Needless to say, you can't do this without some trade-offs. The Accentum don't come with a carry case or any kind of analog input. They use only physical controls, not touch controls, and they don't have wear sensors for auto-pausing your tunes when you remove them.

Read more
Bluetooth headphones have been on planes for 10 years, so why do I still need a cable?
sony noise cancelling headphones whc700n amazon deal wireless bluetooth over the ear  wh ch700n

United Airlines passengers are about to get a big upgrade to their in-flight entertainment (IFE) experience over the coming years thanks to its purchase of 300,000 IFE systems from Panasonic Avionics. The new seatback systems are wildly better than what we’ve been used to, sporting large and colorful 4K OLED screens, USB-C charging ports, spatial audio support — and a feature that seems almost old-fashioned by comparison: you can connect your Bluetooth wireless headphones.

United’s upgraded Boeing 787 and Airbus A321XLR aircraft won’t be its first planes with Bluetooth, but the fact that it's a feature the airline felt was worth calling out is a stark reminder that Bluetooth -- a wireless audio technology that has been around for about 25 years -- remains a rarity on airplanes. This is despite the fact that the Federal Aviation Administration (FAA) got over its long-running fear of the tech in 2013 when it overturned its previous rules about portable device use and effectively gave airlines the green light on going blue.

Read more
Bluesound gives its Node streamer a new DAC/headphone amp for its 10th birthday
Bluesound Node X with headphones.

It has been 10 years since Bluesound debuted its Node wireless media streamer and to commemorate that event, the company has decided to release a limited-run anniversary edition of the device, known appropriately as the Node X. It looks almost identical to the regular Node, but headphone addicts will be quick to note the one difference: the Node's 3.5mm headphone jack has been swapped with a quarter-inch output. And if you suspect that change is more than just about accommodating a larger plug, you're right.

Bluesound says that the centrally-mounted headphone jack is powered by a THX Achromatic Audio Amplifier (AAA) -- the same technology found in the $200 THX Onyx headphone DAC/amp -- "with patented feed-forward error correction resulting in infinitesimally low levels of noise, distortion, and power consumption."

Read more