Be careful about what you put to the test!
A few months ago Kyle Zak filed a case in which he claimed that his headphones were “spying” on him. At first, I thought that this was outrageous – there was no way that Bose could be spying on me (after all – I love my QuietComfort 35 headphones)!
I decided see if Zak was correct. I loaded up BurpSuite, pulled out my phone, downloaded Bose Connect, and started playing Pandora. Of course at first I saw the basic traffic that I would expect to see with any app – standard update checks, data being sent for debugging purposes, etc. I waited for the information to stop flowing, then opened Pandora. Shortly after starting Pandora, I could see information about my music being sent to an external data analytics company.
Was Bose really that stupid?
I was shocked by the time I had concluded my research. I never believed that a corporation as large as Bose could make such a serious mistake. At the end of the day, I chose to uninstall Bose Connect. They did come out with an update a few weeks later that allowed you to opt-out of the data sharing; however, I still choose to leave the app uninstalled.
To read my full findings, please visit https://bscc.support/files/bc_privacy/bose_connect_privacy_evaluation.pdf.