Amazon has
JBL Live Beam 3 True Wireless Noise-Cancelling Earbuds (Silver, JBLLIVEBEAM3SILAM) on sale for
$99.95.
Shipping is free.
Walmart also has
JBL Live Beam 3 True Wireless Noise-Cancelling Earbuds (Silver, JBLLIVEBEAM3SILAM) on sale for
$99.95.
Shipping is free.
Thanks to Deal Hunter
htp182 for finding this deal.
Product Details:
- Hi-Res Audio Wireless with JBL signature sound
- Convenient Smart Charging Case for app-free control
- True adaptive noise cancelling with custom control
- 48 hours total playback plus wireless charging
- 6 mics for perfect calls you can customize yourself
- Multi-point connection
- Google Finder and Audio Switch
- IP55 waterproof and dustproof
- Stay in control with the JBL Headphones app
- Personi-Fi 3.0
- UPC: 050036401227
Top Comments
Join The Conversation
Share information with the community. Please follow our Community Guidelines and be kind!
9 Comments
Sign up for a Slickdeals account to remove this ad.
Our community has rated this post as helpful. If you agree, why not thank El_Cheapo_Guzman
https://www.youtube.com/watch?v=H...yV0
I cheated and used AI to summarize the video so you don't have to watch all of it to know what's going on.
Based on the video from Low Level, the attack exploits a vulnerability in a widespread Bluetooth chipset SDK (specifically from a company called Airoha) used by major headphone manufacturers like Apple (Beats), Bose, Sony, JBL, and Jabra.
Here is how the attack works and how it spreads from device to device:
How the Attack Happens
- Unauthenticated Protocol Access: The root cause is a custom configuration protocol called the RACE protocol [06:22]. This protocol was originally intended to configure the chipset via USB (using a PC tool), but researchers found that it is also fully accessible over Bluetooth (via GATT or RFCOMM transport) without requiring any authentication [03:43, 04:02].
- Memory Exploitation: Because an attacker within Bluetooth range can access this protocol without authenticating, they can send commands to directly read and write to the headphone's RAM and flash memory [06:27].
- Remote Code Execution (RCE): By dumping the RAM, an attacker can map out how the memory is structured [06:31]. They can then write their own custom shellcode directly into the RAM and overwrite specific memory locations (like link registers) to hijack execution flow and run unauthorized code on the headphones [06:39].
- Phone Impersonation: Once code execution is achieved, the attacker can pull the cryptographic Bluetooth link keys stored in the headphone's memory [09:15]. These keys are what the headphone uses to authenticate with the user's smartphone. With these keys, the attacker can impersonate the headphones to spy on calls, listen via the microphone, or issue hands-free commands to the connected phone [01:13, 09:22].
How the Attack Spreads (Wormable Mechanics)The video notes that this attack is wormable, meaning it can propagate autonomously from one device to another over the air without requiring any user interaction [07:53].
Sign up for a Slickdeals account to remove this ad.
Noise canceling is great, calls are great, you can use your case or the app to find your misplaced bud(s), buds have a real world 8 hours between charges, the case charges them quickly when you do use it. Like air pods this automatic connected to our android phone upon opening the case. We both switched to flagship Android phones so could not say if this is the case for Apple phones.
I have owned it for over 6 months and never had an issue with one or both sides not working outside of it not being charged.
Join The Conversation
Share information with the community. Please follow our Community Guidelines and be kind!