Unpatched Bluetooth-Connected Devices

I am not a chicken-little by nature but this has too many potential issues

Think about your Sena while riding down the road

Unpatched Bluetooth-Connected Devices

Would it start playing Barry Manilow if hacked?

The S20 is BT4.0 and an SMH10 is BT3.0, both of which should be safe (thank god - I couldn't take "Mandy" over and over).

"AND, if this commercial scares you, we will sell you a patch that will protect you from someone hacking your MP3 player, for just a small nominal fee." Gotta say, that sounds like BS to me.

It's a real vulnerability- but not as nefarious and catastrophic as the ad makes it sound. Devices that are current won't be vulnerable. Even when they are, it's not like they can remote control the device. More like, if everything lines up, cause it to crash with a buffer overflow or something similar, although some control issues, and the potential for a "man in the middle" like attack are also possible, given the right circumstance. Armis is cited as an example in CERT's VU#240311, so at least their findings are credible.

Bill Lumberg said:

cited as an example in CERT's VU#240311

Click to expand...

Which is the far better link to consider for folks on this forum. CERT isn't trying to sell you anything and detailed CERT VU#240311. It's one site security professionals use for objective information.

I give up.

The Sena isn't at risk, it's your phone that needs to be patched.

For me, the worst thing that could happen is stealing my bank info, or a ransomware attack.

In the former, my bank will cover it and for the latter, I'd rest my phone.

I don't keep BT turned on all the time, but I know other people (including my GF) that are less technical, that have BT and WiFi turned on all the time, 24x7.