Google designed the wireless protocol known as Fast Pair to optimize for ultra-convenient connections: It lets users connect their Bluetooth gadgets with Android and ChromeOS devices in a single tap. Now one group of researchers has discovered that the same protocol can also enable hackers to connect with that same seamless convenience to hundreds of millions of earbuds, headphones, and speakers. Worse yet, certain devices sold by Google and Sony that are compatible with Google’s device geolocation tracking feature, Find Hub, could also be exploited to allow stealthy, high-resolution stalking. In less than 15 seconds, we can hijack your device,” says KU Leuven researcher Sayon Duttagupta. However, given that very few consumers ever think about updating the software of internet-of-things devices like headphones, earbuds, or speakers, the KU Leuven researchers warn that the WhisperPair vulnerabilities may still persist in vulnerable accessories for months or years to come.