Is there any danger in my cell phone’s Bluetooth being turned on while I’m connected with headphones? Looking here on the PG forum, I saw that the problem with Bluetooth is the pairing process, so if I do it at home (where I’m alone) there’s a low risk, right?
And in relation to my headphone. Does staying on and connected to my phone offer a high attack surface?
Note: I already renamed my Android hostname to “Android”, so there is no information directly about me exposed.
Edit: i forgot, but my threat model doesn’t include high privacy
I have never heard of any attacking surface you could’ve faced with Bluetooth, at least, on Android. Since your Bluetooth’s discoverable mode is only on when you open the Bluetooth’s pairing menu, just using your Bluetooth headphones won’t make your device discoverable by anyone.
BT can be used to track you, both physically and virtually. Modern OSes have mitigations against that, though.
BT can also be used for DoS attacks, e.g. right now you can crash/DoS fully patched iOS 17.1.1 smartphones with the Flipper Zero device.
If you have a very old phone there can also be unpatched bugs in your BT implementation that could allow for various exploits.
If you have a use case like your headphones where you actually need to use it all the time, you have no choice anyway. But for people that don’t use it, I would recommend turning it off.
Semi-related story time: While modern devices with up-to-date software are probably fine in general, I remember when I was younger before smartphones were a thing really I would install some alternative ROMs to my flip phone and there were several apps allowing you to exploit common Bluetooth vulnerabilities at the time. Including making other people’s phones ring, make outgoing calls etc. – of course back then people stored way less interesting data on their phones and Bluetooth was excruciatingly slow, so even with all these vulnerabilities it wasn’t really exciting.