Fitness trackers, mobile apps shown to leak sensitive data

click to enlargeAn unnerving 35-page report published by Canadian nonprofit OpenEffect, assisted by the Citizen Lab at the Munk School of Global Affairs, University of Toronto, claims that leading fitness trackers and their corresponding mobile apps are veritable sieves of personal data, inviting security breaches. Where Hackermania Runs Wild starts with lack of Bluetooth LE privacy, allowing tracking via Bluetooth even when the tracker isn’t paired to a smartphone. Then many of the companion apps leaked login credentials, transmitted activity tracking information in a way that allowed interception or tampering, or allowed users (or others) to insert false activity tracking information. The trackers studied were the Basis Peak, Fitbit Charge HR, Garmin Vivosmart, Jawbone Up 2, Mio Fuse, Withings Pulse O2 and Xiaomi Mi Band. Notably the Apple Watch 2.0 was secure.  The full report is titled dramatically “Every Step you Fake: A Comparative Analysis of Fitness Tracker Privacy and Security”. Security article, study in PDF, TheStar.com. Hat tip once again to Toni Bunting, former Northern Ireland Contributing Editor. 

Categories: Latest News.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>