this post was submitted on 03 Jun 2026
182 points (98.4% liked)

Technology

85134 readers
6122 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 3 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
182
Pwnd Blaster: Hacking your PC using your speaker without ever touching it (blog.nns.ee)
submitted 1 day ago by JensSpahnpasta@feddit.org to c/technology@lemmy.world
21 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] homesweethomeMrL@lemmy.world 20 points 1 day ago (2 children)

Came to comment the same.

Getting in touch with Creative was a frustrating process.

They do not have any security contacts. In fact, I wasn't even able to find regular contacts that wasn't just a support form on their website. I tried (two times) to get in contact with them via the web form before giving up and contacting SingCERT to act as an intermediary, hoping they would have better luck reaching Creative.

Initially, SingCERT didn't seem to be able to get in contact with Creative either. It took Creative nearly two months to respond to SingCERT. Unfortunately, their response was that "they do not consider this to be a vulnerability, as it does not present a cybersecurity risk". I don't know how they reached this conclusion, but it became clear that Creative had no interest in responding to or addressing this issue.

That and it has a microphone built in.

[–] KryptonNerd@slrpnk.net 5 points 10 hours ago

Well I won't be buying another creative product ever again

[–] aMockTie@piefed.world 6 points 15 hours ago

I don't understand how this can still happen with a well known brand in 2026. Personally the microphone is the least concerning aspect of this finding, since a Bluetooth connection would still be required. With more dedicated research, the BadUSB aspect is far more concerning in my book. Plug the speaker into a computer, even once and only to charge, and the computer is pwned? Preventing any future patching? I don't know how I could ever trust one of these devices going forward.