Slashdot Mirror

← Back to Stories (view on slashdot.org)

MiSafes' Child-Tracking Smartwatches Are 'Easy To Hack' (bbc.com)

Posted by BeauHD on from the not-so-safe-after-all dept.

The location-tracking "MiSafe" smartwatch may not be as safe as the name proclaims. According to security researchers from Pen Test Partners, the watches are easy to hack as they do not encrypt the data they use or secure each child's account. The researchers found that they could track children's movements, surreptitiously listen in to their activities and make spoof calls to the watches that appeared to be from parents. The BBC reports: The MiSafes watch was first released in 2015. It uses a global positioning system (GPS) sensor and a 2G mobile data connection to let parents see where their child is, via a smartphone app. In addition, parents can create a "safe zone" and receive an alert if the child leaves the area. The adult can also listen in to what their offspring is doing at any time and trigger two-way calls.

Pen Test Partner's Ken Munro and Alan Monie learned of the product's existence when a friend bought one for his son earlier this year. Out of curiosity, they probed its security measures and found that easy-to-find PC software could be used to mimic the app's communications. This software could be used to change the assigned ID number, which was all it took to get access to others' accounts. This made it possible to see personal information used to register the product, including: a photo of the child; their name, gender and date of birth; their height and weight; the parents' phone numbers; and the phone number assigned to the watch's Sim card.

29 comments

  1. Hmmm by Anonymous Coward · · Score: 1

    Crack it in half and see if it still has a pulse

    1. Re: Hmmm by edris90 · · Score: 2, Insightful

      Jokes and parody are specifically protected from censorship . As well as the confines and tides of good taste

    2. Re: Hmmm by Anonymous Coward · · Score: 1

      Shut up.
      Back on topic, all these smartwatches suck. The wife bought a GizmoGo from Verizon and it sucked. The location tracking was horrible, inaccurate, and suffered from excessive dead spots. It also only updated while you had the App open, which made it useless if the watch was in a dead spot.. the "last seen" location would be the last place you had seen it in the App, not the last place it had cell tower service. And if the child held down the right buttons it would factory reset and you had to have physical access to set it back up.
      Then they updated the App and it just flat quit working entirely. After several hours of bad noise we managed to get a refund. I've looked at several other brands but they all appear to suffer similar problems.

    3. Re:Hmmm by Anonymous Coward · · Score: 0

      Wow, one of the editors and you've been modded down to negative one. Fantastic.

      Consider this: what the actual fuck has our society come to, that anyone thinks that it's okay to market what amounts to a convicts ankle monitor to put on kids? That's essentially what this is. What ever happened to 'parenting'? Where you actually pay attention to where your kid is, what they're doing, and who they're with? You know, that thing called 'supervision'? Instead of actually parenting you surveil your own kid with some goddamned smartphone app? I suppose it also allows you to hear what's going on, for maximum creepy-ass surveillance. Meanwhile I'm sure it gives the kid an overwhelming sense of being trusted by their parents, and 'helicopter parents' probably cream their jeans because they can be as micromanaging as their OCD demands. Oh and of course the implementation of said surveillance-and-tracking device is so shitty that the pedo network would hack into it and use it as a menu system for their filthy appetites.

      Things like this disgust me and make me think that perhaps our society should be doomed to failure, we clearly fucked up somewhere along the line.

    4. Re:Hmmm by Zontar+The+Mindless · · Score: 1

      That is NOT one of the editors.

      --
      Il n'y a pas de Planet B.
    5. Re:Hmmm by Anonymous Coward · · Score: 0

      Are you complaining about the joke of cracking the watch in half?
      Or are you complaining about the joke of cracking the KIDS in half? opps...I didn't think of this second alternative until your thin-skinned, intolerant, knee-jerk-reaction, trolling, childish reaction.
      If it was sarcastic humor also, then all is even better -- LOL

    6. Re:Hmmm by Anonymous Coward · · Score: 0

      "Where you actually pay attention to where your kid is, what they're doing, and who they're with?"

      You mean using armed guards instead?

    7. Re: Hmmm by Type44Q · · Score: 1

      May as well be. ;)

    8. Re: Hmmm by Anonymous Coward · · Score: 0

      They can be surprisingly good. They *can* also be encrypted. Encryption takes electrical power., and people are reluctant to build power consumption into the most basic functions of a lightweight application. But I was involved in the programming for a particular portable location device, and had some very long discussions with the author of most of the software (I Had to explain that it was not OK to simply scrape the copyright notices off a software library and copy the source files into your own application!)

      I'm going to hold there, but I know of at least that one portable app that works *really well*.

    9. Re: Hmmm by Anonymous Coward · · Score: 0

      You must not have children.

      It is impossible to do enough to protect your own children. Yes, I want my children to learn to be independent and strong, but I want to know where they are and what they're doing every freaking second. Even better if they don't know I'm doing it. I'll let them run. I'll let them fall. I'll let them make their own mistakes and learn from them. But if things turn bad, daddy steps in.

      That's parenting.

    10. Re: Hmmm by Anonymous Coward · · Score: 0

      These can be invaluable for parents of special needs kids. My son is Autistic and nonverbal. He has no concept of danger. He doesn't respond to his name when called. He often runs from family friends saying hello to him.

      He really likes to run. He'll take off at a run and can be hard to keep up with because he can run through small gaps that I have to run around/over.

      A tracker watch is a last-chance safety feature to help find my son if he gets overwhelmed, runs, and either gets stuck or hides. When the neighborhood tries to help and search for him, it l makes him more scared & more likely to hide.

      Constantly leashing child so he can't run off is no way to parent, and even worse for a child.

      There have been families in national news who have lost a child from exactly what Iâ(TM)m describing. The parents were are in a park, walking 10 feet behind the child to give him a little freedom and independence. Suddenly he bolts and they lose him around a corner.

      His corpse was found a few days later hidden in a nearby pond.

  2. Smartwatches = pedo gadgets by Anonymous Coward · · Score: 0

    Any “smart” device will become a pedo device

    1. Re:Smartwatches = pedo gadgets by Anonymous Coward · · Score: 0

      Not that you care but there's difference with a pedo and creepy stalker, or a child abuser.

    2. Re: Smartwatches = pedo gadgets by Anonymous Coward · · Score: 0

      Truth. One is a sexual orientation you're born with and cannot change. Therefore must he accepted. The others are behaviors that are, and should remain, illegal.

    3. Re: Smartwatches = pedo gadgets by Anonymous Coward · · Score: 0

      There is no difference, not any that matters. Put them all to death, it makes no sense letting lowlife perverts live. Pedos, stalkers, child molesters: kill them and the world will be a better place.

  3. Total hax! by Anonymous Coward · · Score: 0

    With haxx0red haxx from haxx0rz!

    Nope, beauhd not k-rad either.

  4. Start them young by AndyKron · · Score: 1

    Child tracking smartwatches. What a great idea! You have to start them young so they feel comfortable with the 24/7 surveillance they'll be under for the rest of their life.

    1. Re:Start them young by Anonymous Coward · · Score: 0

      My son has autism. He can't ask for help. He disappeared Halloween night, turned up a couple of miles away, walked into somebody's home uninvited and asked if he could spend the night. Police were involved. Again.

      Even unsecure, this watch looks really helpful!

    2. Re: Start them young by Anonymous Coward · · Score: 0

      Have you thought about putting your kid out of his misery?

    3. Re: Start them young by Anonymous Coward · · Score: 0

      If you continue in your present pattern of life choices, the only thing you have to look forward to is a life of misery and loneliness.

      It is your choice, but I pity you if you don't seek help.

  5. Geezuz by GrBear · · Score: 1

    Had me head scratching for a second as I thought I read "child trafficking smartwatches".

  6. IMPERSONATING ME AGAIN? apk by Anonymous Coward · · Score: 0

    Zach Paterson/ZIP + c6gunner 'Greatest Hits': "I'm a much better programmer than APK" - by Anonymous Coward ZIP on Monday October 08, 2018 @11:27PM (#57449082)

    BIG TALK - ZIP has no programs to show as proof.

    I do https://news.slashdot.org/comm...

    (From registered /.ers liking/using/praising my work + 100k users worldwide)

    ZIP tried to take credit for what I solved before him https://tech.slashdot.org/comm...

    He codes? He can't EVEN READ!

    I show 2 ways to do it YOURSELF https://tech.slashdot.org/comm... - he can't.

    Delphi/FreePascal/ObjectPascal HAS no null-term'd string bufferoverflows https://developers.slashdot.or... - C does, C++ can UNLESS you do what I said 1st.

    He likes CODE SIGNING (it's been STOLEN & ABUSED) https://www.helpnetsecurity.co...

    MY METHOD CAN'T BE (upmodded +2 INTERESTING in CODING FOR DEFCON) https://it.slashdot.org/commen...

    ZIP says he has no /. acct "I don't have an account so I don't have mod points" https://news.slashdot.org/comm...

    Yet ZIP says he downmods me (IMPOSSIBLE w/ no /. acct.): "I down-modded a few of your post" - by Anonymous Coward "ZIP" on Thursday October 11, 2018 @11:31AM (#57461058)

    APK

    P.S.=> KEEP IMPERSONATING ME like https://science.slashdot.org/c... (I'd never say that OR bitch to do-NOTHING "ne'er-do-wells" like ZIP OR c6gunner https://linux.slashdot.org/com... (he 1st mocked me & impersonated me TWISTING /.ers words & after I FAIRLY challenged him to show HE DID BETTER & that was his response (weak))!

    Above EXPOSES your BLOWHARD incompetence... apk

  7. Thanks for the info by Anonymous Coward · · Score: 0

    I'm a pedophile, though I don't like them below age 11 or 12. I'll get sure to keep them in a safe place, or the watch so you have nothing to worry about.

    1. Re:Thanks for the info by supercell · · Score: 1

      I'm a pedophile, though I don't like them below age 11 or 12. I'll get sure to keep them in a safe place, or the watch so you have nothing to worry about.

      Then your probably not a pedophile. Look up the actual definition.

    2. Re:Thanks for the info by Anonymous Coward · · Score: 0

      I'm a pedophile, though I don't like them below age 11 or 12. I'll get sure to keep them in a safe place, or the watch so you have nothing to worry about.

      Then your probably not a pedophile. Look up the actual definition.

      Why not just include your own personal definitions of pedophilia and ephebophilia because I'm absolutely fucking certain that you have strong opinions about them, and would love to tell us more.

  8. Old tech still beats it. by Anonymous Coward · · Score: 0

    My child tracking chain still hasn't been hacked. No GPS and I still know my child's location within ten feet.

  9. and by sad_ · · Score: 1

    and nobody was surprised by this, sadly it's the case with almost every device connected to the internet at this point.

    --
    On a long enough timeline, the survival rate for everyone drops to zero.