Despite widespread assumptions about Bluetooth security, fundamental vulnerabilities in keyboard pairing mechanisms and authentication protocols continue to expose users to significant risks. While sophisticated cryptographic attacks on Bluetooth have been well-researched, basic security flaws in implementation remain overlooked.

In this session, Marc Newlin, principal reverse engineer at SkySafe, will share insights on:

• Novel link key extraction techniques for Apple Magic Keyboards
• Zero-click keystroke injection vulnerabilities affecting macOS, iOS and Android
• Impact analysis of unauthorized peripheral access on system security
• Complexities of coordinating multi-vendor vulnerability disclosure