recycledspace.com my laboratory experiment served hot by Benoit Beauchamp

Major Bluetooth vulnerability

An unauthenticated, remote attacker within range may be able to utilize a man-in-the-middle network position to determine the cryptographic keys used by the device. The attacker can then intercept and decrypt and/or forge and inject device messages.

More information here, here, and news article here, here.

I wonder about all the hardware that is not possible to update.