Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sniffing and Tracking Wearable Tech and Smartphones

Posted by samzenpus on from the all-the-better-to-follow-you-with dept.

An anonymous reader writes: Senior researcher Scott Lester at Context Information Security has shown how someone can easily monitor and record Bluetooth Low Energy signals transmitted by many mobile phones, fitness monitors, and iBeacons. The findings have raised concerns about the privacy and confidentiality wearable devices may provide. “Many people wearing fitness devices don’t realize that they are broadcasting constantly and that these broadcasts can often be attributed to a unique device,” said Scott says. “Using cheap hardware or a smartphone, it could be possible to identify and locate a particular device – that may belong to a celebrity, politician or senior business executive – within 100 meters in the open air. This information could be used for social engineering as part of a planned cyber attack or for physical crime by knowing peoples’ movements.” The researchers have even developed an Android app that scans, detects and logs wearable devices.

3 of 56 comments (clear)

  1. Kinda neat for sign-in sign-out systems by Brulath · · Score: 5, Interesting

    Broader privacy implications aside, it's actually kind of neat to be wearing a device which can identify when you're in a particular space and how long for. We have a volunteer tech group working on projects at our local museum and one of the guys implemented a fitbit scanner to identify when people were present and how long for (which is useful, as bureaucracy dictates we sign in/out for fire and visitor-tracking reasons). Every few minutes it broadcasts a request for fitbits, and all those within range respond. They return a mac which can be linked back to a fitbit account, if the user has authorised us to access it, which makes it a bit easier to identify the person who owns the fitbit. We could probably replace it with another sign in system, but passive is kind of neat when you want it.

    I assume resolving the identifying problem wouldn't be as easy as using a random mac?

  2. Re:Really? by TWX · · Score: 3, Interesting

    I'm guessing that most people think that they're secure in their privacy unless they're forced into a confrontation that proves they aren't. Look at all of the corporate officers that get busted with e-mail and text messages that document their white-collar crimes. Those people are supposed to be pretty smart and even they still don't understand how the technology or the law actually work.

    --
    Do not look into laser with remaining eye.
  3. HIPPA by sunderland56 · · Score: 3, Interesting

    Isn't leaking personally identifiable health information a violation of HIPPA?