Welcome to The CITE -- a blog on Course materials, Innovation, and Technology in Education, created by Mark Nelson and now part of the Publications Department of the National Association of College Stores. CITE is a pun with multiple meanings - referring to cite as in citation, something people reference; site as in location, website, or place people go to; and sight as in foresight or looking ahead to what is coming. Comments, discussion, feedback and ideas are welcome.

Friday, February 12, 2016

Are Fitness Bands a Security Risk?

A new report found that most of the popular fitness trackers do a bit more than just count the number of steps the user has taken. They let others in on your progress as well.

In the early draft of Every Step You Fake: A Comparative Analysis of Fitness Tracker Privacy and Security, the Canadian nonprofit Open Effect said that all the devices it studied transmitted a unique Bluetooth identifier that can be tracked by beacons that many retailers are using to recognize their customers. Only the Apple Watch had a technique to block the beacons, according to a report in PC World.

The bands can be tracked even if they’re not paired with a smartphone, according to the researchers. Companion apps for the wearables also leak login credentials, allowing users to submit fake tracking information.

“In the course of our technical investigations into transmission security, data integrity, and Bluetooth privacy, we discovered several issues that confirm concerns about the potential uses of fitness-tracking data beyond the typical case of a user monitoring their own personal wellness,” wrote the authors of the report. “The fitness data generated by several wearable devices can be falsified by motivated parties, calling into question the degree to which this data should be relied up for insurance or legal purposes.”

No comments: