Researchers at the University of Edinburgh in Scotland have conducted a security analysis of two commonly used Fitbit wearable fitness trackers, which revealed a technique for intercepting messages transmitted between fitness trackers and cloud servers, where their data is sent for analysis.
The team says this method could enable bad actors to access personal information and generate bogus activity records; they note the data also could be used to defraud insurance companies.
The researchers demonstrated a way to bypass the end-to-end encryption designed to protect tracker data by disassembling the devices and modifying information stored in their memory.
The team has developed guidelines to help manufacturers eliminate similar flaws from future system designs, while Fitbit has developed software patches to improve its devices' privacy and security.
From University of Edinburgh
View Full Article
Abstracts Copyright © 2017 Information Inc., Bethesda, Maryland, USA
No entries found