Open in app

Sign in

Write

Sign in

The Cybersecurity of Headsets

Prof Bill Buchanan OBE FRSE
2 min readMar 3, 2023

For video sessions, I don’t like wearing audio headsets, and which enclose both ears. So this is the device I bought:

It is a great headset, and you can even connect it to multiple computers at the same time. But, what about its cybersecurity? Well, it fails completely, and shows some of the weakest security I have seen for the connection of devices to your machine. For this, we need to look at the digital certificate that it adds to your machine:

These are root certificates on the machine, and can be used to approve software and hardware installs for the computer. If we view the digital certificate we get:

This contains a 4K RSA public key and which was issued on 7 March 2022. But the problem here is that this is a root certificate, and can be used to sign for any software and hardware that is added to my machine. Also … and worst of all … it is self signed! The trust level in a self-signed certificate is … ZERO!

--

--

Prof Bill Buchanan OBE FRSE
Prof Bill Buchanan OBE FRSE

Written by Prof Bill Buchanan OBE FRSE

33K Followers
39 Following

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.

Responses (2)

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams