Can someone connect to my Bluetooth without me knowing?

I am considering getting Bluetooth headphones for use with my PC and also iPad. My question is: how vulnerable am I with Bluetooth on?

Answered by Adam Lipscomb

The answer to "Can someone connect to my Bluetooth without me knowing?" is that you first need to consider what kinds of attacks you're at risk of being victimised by.

Possible Attacks

When using Bluetooth headphones, I can think of the following attacks you might be concerned about:

Traffic snooping (someone reading the data which is going over the connection, or just noticing that a connection exists at all - perhaps revealing that you're listening to something at that time)

Traffic modification (someone altering the data which is going over the connection)

Service disruption (preventing your headphones from working, probably by flooding the airwaves with random or spammy data)

Infiltration (using your PC or iPad's Bluetooth capabilities to gain unauthorised access to the PC or iPad)

Let's consider each attack in turn:

This question here on security.stackexchange indicates that Bluetooth is encrypted by default. Many devices exist for capturing Bluetooth traffic as it passes over the airwaves, but the encryption means understanding your traffic won't be as simple as just setting up a Bluetooth sniffer and reading the traffic directly. On the other hand, I don't think there is a guarantee of a minimum key strength on the encryption -- the encryption isn't guaranteed to be strong. You'll need to read the specifications of your devices to find out how trustworthy the encryption is. To listen to your Bluetooth traffic, an attacker would have to either break or bypass the encryption on the traffic which is likely only going to be feasible for an attacker of medium sophistication or better.

An attacker could merely note the presence of the Bluetooth connection. This attacker wouldn't know what is going over the connection, only that the connection exists. In context, this means the attacker would know your Bluetooth headphones are connected and are communicating with the connected PC or iPad. I suppose this might be useful to try to triangulate your position or determine if you're physically vulnerable (because you're distracted by your killer jams).

As stated above, your Bluetooth connection will likely be encrypted. This means an attacker seeking to modify the traffic must somehow subvert the encryption.

This is possible, but is even more difficult than the first attack type. I can only think of general techniques for doing this, not specific techniques Bluetooth is definitely vulnerable to right now. The attacker might be running attack software on one of your Bluetooth devices so she can modify data as it arrives/departs, she might intercept your traffic then mirror it back out with modifications included, she might act as a relay between your two Bluetooth devices, etc. All of these depend on the attacker's ability to rapidly decrypt / re-encrypt the traffic. Casual attackers probably won't have this capability.

Jamming Bluetooth isn't as easy as jamming, say, WiFi. It's possible, but it's illegal and requires specialised equipment / software which a casual attacker is unlikely to possess.

Yes, it is possible to use a Bluetooth connection to gain unauthorised access to a device but this is unlikely to happen to you. Such a connection could, in theory, do anything any other data connection could do. Most concerning among these are: exfiltrating sensitive data, running unauthorised code, or causing the device to malfunction. Look up Bluesnarfing and Bluejacking for some details and examples.

However, and critically, there are many reasons to believe that this is not likely to happen to you. Modern Bluetooth devices generally require some kind of pairing sequence before they begin communicating with each other. This makes it difficult for someone with a Bluetooth device to connect to your device(s) without permission.

To bypass the pairing procedure, an attacker would have to find some kind of vulnerability in the stack of hardware and software which runs your Bluetooth connections. Really, an attacker would probably need to chain together multiple vulnerabilities to work her way from the Bluetooth connection itself into user space or kernel space on the target machine. This is very difficult!

A sophisticated attacker may be able to find and chain together such vulnerabilities, but most wannabe attackers either won't be able to find and exploit such vulnerabilities or will only be able to exploit well-known vulnerabilities which a modern and well-maintained device (like an iPad) will be secured against (always install Apple's latest security updates!).

Without such a vulnerability available, attackers can still contact your device and hope you give them access yourself. Defending against this is dead simple: Don't pair your devices with other unknown devices!

Assessing Your Personal Risk

It is up to you to decide which attacks you're most concerned with; nobody can decide for you how much risk you're taking. Try to consider the likelihood of the attack along with the severity of harm should the attack succeed. For example, if you're a college student and the attacker is a prankster roommate playing music you don't like, then the likelihood may be medium or high but the severity is low. Overall, the risk is probably not a big deal. On the other hand, if you're a Chinese dissident living in Europe the likelihood of attack may be low or medium but the severity could be extreme (putting your contacts in China at risk of imprisonment or worse). Overall, the risk is strongly concerning.

Mitigating the Risks

You have choices for risk mitigation. You can painstakingly review the Bluetooth implementations in the devices you want to use so you know how new devices connect, how strongly the connection is encrypted, etc. Compare that against your personal risk profile and decide how much risk you're willing to bear in exchange for using the technology. Then you can choose to use the devices or not.

Critically, note that Bluetooth is generally considered to be "short range". These attacks require that the attacker (or the attacker's equipment) be physically close to your Bluetooth connection. This must factor into your mitigation decisions. If you will only use the Bluetooth devices in the country, far from other people, your risk is significantly lowered. If you will use the devices walking along crowded streets every day, your risks are increased.

My Recommendation For Most Users

Realistically, typical users have very little to worry about from using Bluetooth headphones. Unless you know you're some kind of special target (again consider the Chinese dissident example), you probably can use the headphones without fear. At most you might consider turning off your PC's and iPad's Bluetooth connections when they're not in active use. I've written this whole answer while listening to music with Bluetooth headphones. I use them nearly every day, in public and private (incl. well-trafficked spaces like airports), and have never had a security problem because of them.
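The advice above not to pair with unknown devices can be checked after the fact by auditing which devices a machine has paired with. The following is an added example, not part of the original answer: it assumes a Linux PC running BlueZ, whose `bluetoothctl devices Paired` command prints one `Device <address> <name>` line per pairing, and it compares that list with an allowlist the owner maintains. The sample output, addresses, names and allowlist are constructed.

```python
import re

# Line format printed by BlueZ's `bluetoothctl devices Paired`:
#   Device AA:BB:CC:DD:EE:FF Friendly Name
DEVICE_LINE = re.compile(
    r"^Device\s+((?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})\s*(.*)$"
)

def parse_paired(output):
    """Return {address: name} for every device line; other lines are ignored."""
    devices = {}
    for line in output.splitlines():
        m = DEVICE_LINE.match(line.strip())
        if m:
            # Normalise case so 'aa:bb' and 'AA:BB' compare equal.
            devices[m.group(1).upper()] = m.group(2).strip() or "(no name)"
    return devices

def unexpected_pairings(output, allowlist):
    """Return paired devices whose address is not on the owner's allowlist."""
    allowed = {addr.upper() for addr in allowlist}
    return {a: n for a, n in parse_paired(output).items() if a not in allowed}

# Constructed sample output (addresses and names are made up).
SAMPLE = """\
Device 00:11:22:33:44:55 My Headphones
Device 66:77:88:99:aa:bb Office Keyboard
Device DE:AD:BE:EF:00:01 Unknown Speaker
"""

# Constructed allowlist: the devices the owner remembers pairing.
ALLOWLIST = ["00:11:22:33:44:55", "66:77:88:99:AA:BB"]

def main():
    for addr, name in unexpected_pairings(SAMPLE, ALLOWLIST).items():
        print(f"not on allowlist: {addr} {name} (review this pairing)")

if __name__ == "__main__":
    main()
```

On a real machine, replace `SAMPLE` with the captured output of `bluetoothctl devices Paired`; a pairing you do not recognise can then be removed from the device's Bluetooth settings.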


