Is Bluetooth Really a Security Risk? Why Kamala Harris Insists on Wired Headphones

Vice President Kamala Harris reportedly insists on using wired headphones, because she perceives Bluetooth connectivity as a security risk.

According to a recent article from Politico's "West Wing Playbook," the vice president is cautious about certain forms of technology. The report cites former aides, who allege that Harris favors texting over email and is reluctant to let others wait alone in her office before meetings.

However, the claim that has attracted the most attention is that the vice president is "Bluetooth-phobic." The article contends that Harris will use only wired headphones, because she believes Bluetooth devices are vulnerable to attacks from malicious hackers.

Politico points to several instances when Harris was filmed using wired headphones. Examples include the famous video of her calling Joe Biden to congratulate him on winning the presidency and her appearance on The View back in September 2021.

One of the article's contributors, Alex Thompson, has compiled a gallery of screenshots depicting Harris using wired headphones in various interviews and out in public.

Politico said it had reached out to the vice president's office to ask if there was a reason why Harris is "paranoid" about Bluetooth. At the time of publication, it had received no response.

Is Bluetooth Really a Security Risk?

The Politico article mostly frames Harris' purported aversion to Bluetooth as an eccentricity, without exploring in depth whether it's justified or not.

This has prompted criticism on social media, with users including tech reporters and cyber-security specialists pointing out that there are legitimate concerns about the vulnerabilities of Bluetooth.

Zeynep Tufekci, a sociologist and New York Times columnist, tweeted: "Bluetooth is a well-known security risk—including the possibility of escalating and executing code—well, malware—on the phone."

Likewise, Bryon Tau, who covers matters of surveillance and privacy for The Wall Street Journal, writes: "Bluetooth peripherals are a security risk. If they don't rotate their unique identifier, they can easily be sniffed and tracked. If there are flaws in the security, they can be compromised. Most people don't have to worry about these things, but high-level federal officials should."

Nu Wexler, who has worked at large tech companies as well as in Washington, posted that the political commentators he follows on Twitter were amused by the idea of Bluetooth phobia, while the tech accounts were saying there were "known security vulnerabilities in Bluetooth technology and of course a high-level target like the VP shouldn't use AirPods."

For most people, Bluetooth security need not be a massive concern, but it does make sense for somebody in Harris' position to be extra vigilant. A cyber-security information sheet published by the National Security Agency in July warns that malicious actors can indeed compromise wireless technologies such as Bluetooth and Near Field Communications (NFCs).

The document states: "The risk is not merely theoretical [as] these malicious techniques are publicly known and in use […] Malicious actors can scan for active Bluetooth signals, potentially giving them access to information about the targeted device. They can then leverage that information to compromise the device."

Bluejacking, Bluesnarfing and Bluebugging Explained

The NSA document highlights the dangers of "Bluejacking," "Bluesnarfing" and "Bluebugging".

These all relate to exploiting a wireless connection to somebody's device without their knowledge, although the end results are different in each case.

Bluejacking is when somebody uses wireless connectivity to send you unsolicited messages. Unless you click on any links or give away personal information, this can be relatively harmless and is often used just to annoy people.

Bluesnarfing is more serious, as it entails the actual theft of information (including images, calendars, messages, videos, documents and contact lists) over Bluetooth.

Bluebugging is more worrying still, allowing a hacker to access your device and take full control of it. Once they have done so, they are able to eavesdrop on your conversations, make phone calls, send messages and raid your files.

How To Be Safe With Bluetooth

If the above has scared you off using Bluetooth or wireless devices again, rest assured that it's probably fine for most people.

However, there are a few things you can do to increase your cyber-security when using Bluetooth. IT provider CPI Solutions recommends that you turn off "discoverable mode" whenever you are not using it, minimize unnecessary use of Bluetooth in public settings wherever possible, do not accept pairing requests from unknown contacts and activate two-factor authentication for any important apps or programs.

It is also generally smart to look out for any unusual activity on your phone. If you notice that it is sporadically connecting and disconnecting from the internet, turning off without warning, or that there is call history you do not recognize, this may indicate that somebody has been Bluebugging you.

To mitigate this, it is recommended that you turn off discoverable mode and only accept pairings from trusted users. Finally, make sure your Bluetooth devices are updated to their newest versions, so they are running with the latest security software.

The Bluetooth Special Interest Group, which develops the wireless technology, told Newsweek on Wednesday:"The Bluetooth Special Interest Group prioritizes security and the specifications include a collection of features that provide product developers the tools they need to secure communications between Bluetooth devices.

"The SIG also provides educational resources to the developer community to help them implement the appropriate level of security within their Bluetooth products, as well as a vulnerability response program that works with the security research community to address vulnerabilities identified within Bluetooth specifications in a responsible manner."

Update 12/08/21, 7:30 a.m. ET: This article was updated to add a statement from the Bluetooth Special Interest Group.