NateTheTech

NateTheTech

Share

Support your local small businesses! https://g.page/natethetech?gm

Wake Forest, NC : On-Site in-home/office diagnostics, expansion, and repair services for your computers, ethernet & WiFi networks, electronic equipment and cabling.

05/27/2026

Just doing what we do best!

Photos from NateTheTech's post 05/26/2026

All in a day’s work!

Photos from NateTheTech's post 05/22/2026

Another proud before & after by NateTheTech!

31x ethernet endpoints and an awful mess of a wiring closet, transformed into a clean and functional masterpiece.

Messy wiring closet and underutilized network?
Call NateTheTech for your own OCD-friendly overhaul!

Photos from NateTheTech's post 05/13/2026

Wednesday Werkin

Residential Ubiquiti camera system installation

05/08/2026

Glowing praise from another very happy client!

Photos from NateTheTech's post 05/07/2026

These closet & system before/after posts are SO satisfying, and it’s been a while so I figured I’d share.

Always rewarding to leave my clients absolutely thrilled.

01/18/2026

"as if a networking wizard had cast a spell"
"with extreme care and cleanliness"

πŸ§™β€β™‚οΈ

Thank you, Nathan - it was our sincere pleasure to work for you.

01/02/2026

Heads up to literally everyone!!

https://www.facebook.com/share/p/1D3RyzSYgV/?mibextid=wwXIfr

Your headphones just became a backdoor to your phone. No pairing. No popup. Just Bluetooth range. 70 million chips. Sony. Bose. Marshall. JBL. A debug protocol active on production devices. Attackers can dump your Bluetooth keys, impersonate your headphones, and hijack your phone. πŸ€”

Three CVEs. Zero authentication required. Full technical disclosure: December 27, 2025 at 39C3.

The vulnerabilities

β†’ CVE-2025-20700: No authentication on Bluetooth Low Energy
β†’ CVE-2025-20701: No authentication on Bluetooth Classic
β†’ CVE-2025-20702: Debug protocol exposed that should never be accessible

RACE is Airoha's factory protocol. Meant for testing and firmware updates during production. It exposes read/write access to RAM and flash memory over three channels: USB HID, Bluetooth Classic RFCOMM (channel 21), and BLE GATT services.

The protocol was never disabled before shipping.

An attacker within 10 meters connects via BLE or Bluetooth Classic. No user interaction. The connection is silent.

Once connected, RACE commands dump the flash. Inside: the Bluetooth Link Key. This 128-bit key is what your phone uses to verify your headphones are trusted.

With the Link Key, the attacker clones your headphones' Bluetooth identity. Your phone sees "Sony WH-1000XM5" connecting. It trusts it automatically. No pairing popup.

β†’ Get your phone number using HFP commands
β†’ Access contacts and call history
β†’ Trigger Siri or Google Assistant
β†’ Accept incoming calls silently
β†’ Make outgoing calls to premium numbers
β†’ Activate your phone's microphone and listen

At 39C3 the researchers demonstrated WhatsApp and Amazon account takeover. Live.

Confirmed vulnerable

Sony WH-1000XM4, WH-1000XM5, WH-1000XM6, WF-1000XM5, LinkBuds S
Bose QuietComfort Earbuds
Marshall Major V, Minor IV, Acton III, Stanmore III
JBL Live Buds 3, Endurance Race 2
Jabra Elite 8 Active (patched)
Beyerdynamic Amiron 300
Teufel Tatws2
JLab Epic Air Sport ANC

Not the complete list. Airoha chips are in hundreds of products. Some manufacturers do not even know they use Airoha because they outsourced the Bluetooth module.

NOT vulnerable: Apple AirPods.

β†’ Airoha released a fix to manufacturers June 4, 2025. Six months later, most devices still run vulnerable firmware.
β†’ Jabra acknowledged the CVEs. Marshall quietly patched. Sony did not respond until they heard about the public disclosure.

Firmware updates come through manufacturer apps. Most users never open these apps after setup. Patches exist but are not reaching devices.

β†’ Update firmware through your manufacturer's app
β†’ Remove old Bluetooth pairings from your phone
β†’ Disable Bluetooth when not in use
β†’ High-value targets: use wired headphones

Want to learn how wireless attacks work and how to test network security? I cover WiFi hacking, man-in-the-middle attacks, and network protocols in my ethical hacking course:

β†’ https://www.udemy.com/course/ethical-hacking-complete-course-zero-to-expert/?couponCode=FEBRUARY26

Hacking is not a hobby but a way of life.



Writing: Jolanda de Koff | HackingPassion.com
Sharing is fine. Copying without credit is not.

Photos from NateTheTech's post 09/02/2025

Before/After Closet Wiring by NateTheTech

Get a quote for your home today!

Photos from NateTheTech's post 03/07/2025

I haven't posted in a while, mostly because it's been a super-busy month! Following the doldrums of December-January, February took off like a rocket, and we've been slammed with commercial and residential work.

Really looking forward to the warm Spring and Summer to come, and the wonderful year 2025 appears to be shaping up to be!

Want your business to be the top-listed Computer & Electronics Service in Wake Forest?
Click here to claim your Sponsored Listing.

Category

Address


Wake Forest, NC
27596

Opening Hours

Monday 9am - 6pm
Tuesday 9am - 6pm
Wednesday 9am - 6pm
Thursday 9am - 6pm
Friday 9am - 6pm