Author: Matthew Miller

Australia’s Connectivity Transformation

The countdown is on as SUBCO gears up to unveil its innovative Sydney-Melbourne-Adelaide-Perth (SMAP) inter-capital undersea fibre link this May. Covering 5000 kilometres, this 400Tbps system is set to improve Australia’s transcontinental connectivity, marking a significant advancement in the nation’s tech landscape.

A New Chapter for Australia’s Infrastructure

SUBCO’s SMAP cable is poised to provide the most substantial east-west capacity boost Australia has witnessed in 25 years. This infrastructure enhancement is anticipated to establish Australia as a key AI-ready, secure connection hub in the Indo-Pacific region. Bevan Slattery, founder of SUBCO, envisions Australia taking on a vital role in the global connectivity arena.

Strategic Investments for Improved Capacity

To guarantee the success of SMAP, SUBCO has made a series of strategic investments. This includes acquiring 12Tbps of terrestrial capacity between Sydney and Melbourne, slated to be operational in March. Furthermore, SUBCO has emerged as the leading tenant on Indigo Central’s Perth-Sydney subsea cable system, securing one-quarter of a fibre pair to enhance its network.

Ensuring Redundancy and Durability

To bolster the resilience of the SMAP network, SUBCO has integrated 100Tbps of subsea capacity connecting Sydney, Melbourne, and Perth. This strategy guarantees a solid and redundant infrastructure, prepared to accommodate the demands of a data-driven future.

Conclusion

With the upcoming launch of its SMAP undersea fibre link, SUBCO is set to transform Australia’s position in global telecommunications. The significant investments in both terrestrial and subsea capacities highlight a commitment to creating a future-proof, high-capacity network adept at supporting AI and data-heavy applications.

Q: What does the SMAP project entail?

A: SMAP comprises a 400Tbps undersea fibre link connecting Sydney, Melbourne, Adelaide, and Perth, launching in May.

Q: What effects will SMAP have on Australia’s telecommunications industry?

A: SMAP will offer Australia’s most substantial east-west capacity increase in 25 years, strengthening the country’s role as a secure connection hub in the Indo-Pacific region.

Q: What strategic measures has SUBCO taken to support SMAP?

A: SUBCO has invested in 12Tbps of terrestrial capacity between Sydney and Melbourne and has established itself as a key tenant on the Indigo Central Perth-Sydney subsea cable.

Q: How is SUBCO ensuring the durability of the SMAP network?

A: SUBCO has incorporated 100Tbps of subsea capacity connecting Sydney, Melbourne, and Perth to improve resilience and redundancy.

Q: Who is Bevan Slattery, and what is his vision for Australia?

A: Bevan Slattery is the founder of SUBCO, envisioning Australia as a premier secure connectivity hub within the Indo-Pacific region.

Q: When was SMAP first introduced, and what was the initial timeline?

A: SMAP was initially announced in mid-2023, aiming for service readiness in Q1 2026.

Bluetooth Security Vulnerability Endangers Smartphones

Quick Overview

• Recent flaws in Bluetooth chips may jeopardize smartphones.
• Airoha SoC found in numerous headphones has been identified as vulnerable.
• Intruders could connect silently and listen in via microphones.
• The RACE protocol is susceptible to being exploited for memory dumping and key extraction.
• Devices from manufacturers like Sony and JBL are implicated.
• Airoha has issued a software update to rectify the problem.
• Users are urged to update their devices and eliminate outdated pairings.
• Individuals at high risk should contemplate using wired headphones.

Identifying the Vulnerability

Experts from Germany’s Enno Rey Netzwerke (ERNW) have identified serious flaws in a commonly used Bluetooth system-on-a-chip (SoC). This vulnerability permits potential intruders to indirectly compromise smartphones by leveraging Bluetooth Classic and Bluetooth Low Energy connections, assuming they are in close proximity.

Covert Connection and Eavesdropping

The detected vulnerabilities enable attackers to silently connect to Bluetooth headphones and activate their microphones without user approval. This presents a major risk as attackers may overhear conversations and gather confidential information.

Exploiting the RACE Protocol

An additional critical element of the vulnerability is the exposure of the Remote Access Control Engine (RACE) protocol utilized in Airoha chips. By having access to this protocol, attackers can dump the permanent flash memory of headphones and extract digital link keys, allowing for unauthorized Bluetooth connections.

Effects on Mobile Devices

Once the keys are extracted, attackers can manipulate mobile phones, deceiving them into thinking they are interacting with a legitimate Bluetooth device. This vulnerability also makes it possible for them to summon voice assistants like Siri and Google Assistant to send texts, initiate calls, and execute various tasks.

Extensive Range of Impacted Devices

The Airoha SoC is frequently found in devices from notable brands such as Sony and JBL, exposing a wide array of headphones to these vulnerabilities. In contrast, Apple’s AirPods, which use a proprietary Bluetooth SoC, remain unaffected.

Mitigation Strategies and Suggestions

Airoha has been alerted and has provided an updated software development kit (SDK) to alleviate these vulnerabilities. Users are highly encouraged to promptly update their devices and clear any old or redundant Bluetooth pairings to minimize the risk of infiltration.

Specific Advice for High-Risk Individuals

For those in delicate roles, such as journalists, diplomats, and politicians, ERNW researchers recommend the use of wired headphones as a safer alternative to prevent possible attacks.

Conclusion

This recently discovered Bluetooth vulnerability emphasizes the necessity for regular software updates and cautious usage of wireless devices. Given the extensive array of at-risk devices, proactive actions are essential for protecting personal and sensitive information.

Q: What is the main vulnerability that has been identified?

A: The vulnerability enables attackers to quietly connect to Bluetooth headphones and turn on their microphones, allowing for potential eavesdropping.

Q: Which devices are impacted by this vulnerability?

A: Devices incorporating the Airoha SoC, including headphones from brands such as Sony and JBL, are affected. Apple’s AirPods are not at risk.

Q: What steps can users take to safeguard themselves?

A: Users should update their devices to the latest software, remove old Bluetooth pairings, and consider using wired headphones if they are at heightened risk.

Q: How did the researchers respond to the vulnerability?

A: The researchers notified Airoha, which subsequently released an updated SDK to address the vulnerabilities.

Q: Can attackers directly access smartphones through this vulnerability?

A: Indirectly, yes. By taking advantage of the Bluetooth connection, attackers can interact with the smartphone as though it were a trusted device.

Q: What is the RACE protocol, and why is it important?

A: The RACE protocol facilitates firmware updates and diagnostics within Airoha chips. Its exposure permits attackers to access memory and extract keys for unauthorized entry.