http://www.theregister.co.uk/2014/08/04/your_fitness_tracker_is_a_snitch_says_symantec/
By Richard Chirgwin
The Register
4 Aug 2014
If you're the kind of person whose gadgets auto-tweet your exercise, sex
or sleep habits – all vanguard applications of the odiously-named
“quantified self” movement – you can be tracked, identified and hacked,
according to Symantec.
In this post, the security outfit explains that the age-old desire for
gadget convenience has, once again, taken security out behind the shed for
a quiet bullet.
With a handful of suitably-equipped Raspberry Pi devices, the company
says, it was able to demonstrate that devices are trackable, some of them
use apps that pass sensitive data in clear text, data leakage is common,
and some offerings had poor security at the server-side.
Both wearables and apps that use smartphone sensors were examined in the
test.
The tracker-tracker, which Symantec dubs “Blueberry Pi”, is nothing more
than an RPi with Bluetooth 4.0, a battery pack, a 4GB SD card, open source
software and a little custom scripting, put together for $USD75. These
were tested in public areas in Ireland and Switzerland, including at a
public footrace.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
