I don't have time right now to watch the video and will be coming back to do so later, but here's a couple of snippets from the text on that page that made me want to bother watching (either they're overhyping it, or it sounds interesting and significant)

> The identified vulnerabilities may allow a complete device compromise. We demonstrate the immediate impact using a pair of current-generation headphones. We also demonstrate how a compromised Bluetooth peripheral can be abused to attack paired devices, like smartphones, due to their trust relationship with the peripheral.

> This presentation will give an overview over the vulnerabilities and a demonstration and discussion of their impact. We also generalize these findings and discuss the impact of compromised Bluetooth peripherals in general. At the end, we briefly discuss the difficulties in the disclosure and patching process. Along with the talk, we will release tooling for users to check whether their devices are affected and for other researchers to continue looking into Airoha-based devices.

[...]

> It is important that headphone users are aware of the issues. In our opinion, some of the device manufacturers have done a bad job of informing their users about the potential threats and the available security updates. We also want to provide the technical details to understand the issues and enable other researchers to continue working with the platform. With the protocol it is possible to read and write firmware. This opens up the possibility to patch and potentially customize the firmware.

And everyone got mad at OpenBSD for refusing to develop bluetooth.

It’s a messy standard and we shouldn’t be surprised that the race to the bottom has left some major gaps.. though Sony WH1000’s are premium tier hardware and they have no real excuses..

I always wondered how people could justify the growth of the bluetooth headphone market in such a way.. Everyone seems to use bluetooth headphones exclusively (in Sweden at least), I’m guilty of buying into it too (I own both Airpods Pro’s and the affected Sony WH1000-XM5) but part of me has always known that bluetooth is just hacks on hacks… I allowed myself to be persuaded due to popularity. Scary.

I was also trying to debug bluetooth “glitching audio” issues and tried to figure out signal strength as the first troubleshooting step: I discovered that people don’t even expose signal strength anymore… the introspection into what’s happening extends literally nowhere, including not showing signal strength… truly, the whole thing is cursed and I’m shocked it works for the masses the way it does.. can you imagine not displaying wifi signal strength?

Meanwhile all the phones dropping jack because Apple started it. Official reason is to "waterproof phones"

Ah yes, the removal of headphone jacks, the gift that keeps on giving

Funny that there were always some people here pushing bt audio as "the future", whom I can only assume were the technically shallow but very opinionated people that would die on the smallest technical hills

Haven't watched the video yet, but I think this capability was leaked by VP Kamala Harris during her recent interview with the Late Night Show [0]. She stated she doesn't use wireless headphones because she's been in security meetings and knows they're not safe.

[0] https://youtu.be/BD8Nf09z_38 (Timestamp 18:40)

Glad this submission is finally receiving upvotes.

This was just shown at the 39C3 in Hamburg, few days back.

Common (unpached) Bluetooth headsets using Airoha's SoCs can be completely taken over by any unauthenticated bystander with a Linux laptop. (CVE-2025-20700, CVE-2025-20701, CVE-2025-20702)

This includes firmware dumps, user preferences, Bluetooth Classic session keys, current playing track, ...

> Examples of affected vendors and devices are Sony (e.g., WH1000-XM5, WH1000-XM6, WF-1000XM5), Marshall (e.g. Major V, Minor IV), Beyerdynamic (e.g. AMIRON 300), or Jabra (e.g. Elite 8 Active).

Most vendors gave the security researchers either silent treatment or were slow, even after Airoha published fixes. Jabra was one of the positive outlier, Sony unfortunately negatively.

What is exciting, even though the flaws are awful, that it is unlikely for current generation of those Airoha bluetooth headsets to change away from Aiorha's Bluetooth LE "RACE" protocol. This means there is great opportunity for Linux users to control their Bluetooth headsets, which for example is quite nice in an office setting to toggle "hearthrough" when toggling volume "mute" on your machine.

RACE Reverse Engineered - CLI Tool: https://github.com/auracast-research/race-toolkit

I feel like this should receive state-level attention, the remote audio surveillance of any headset can be a major threat. I wonder what the policies in countries official buildings are when it comes to Bluetooth audio devices, considering that Jabra is a major brand for conference speakers, I'd assume some actual espionage threats.

Most audiophiles ignore bluetooth headphones due to sound quality + latency, so we (audiophiles) stick to wired at home and we also have dedicated headphone amps since the pissy sound card D/A convertors are incredibly bad. Bluetooth only when I’m doing yard work. Sadly, modern music is tuned to crappy headphones, crappy car systems, crappy speakers … I miss the 80’s audiophile obsession, the equipment had heart, and mixing and mastering was generations ahead of current (mainstream) music production.

This is probably going to make some state actors unhappy.

A bit irritating to see people ruining the demo by calling the phone number

Shame on Airoha. Terrible security pracices.

You'd think Sony would have learned from the PSN debacle, but alas...

Now I need to setup to check if my headphones are still vulnerable...