| |||||||||
| |||||||||
Current Filter: Security>>>>>Feature> How safe is your quantified self? Editorial Type: Industry Focus Date: 09-2014 Views: 2968 Key Topics: Security Monitoring Wearable technologies Encryption Password Protection Social Engineering Key Companies: Symantec Key Products: Raspberry Pi Bluetooth Low Energy Key Industries: Retail | |||
| Computing Security talks to Symantec's Orla Cox about the world of self-tracking, monitoring and wearable technology - and the issues around privacy these raise. Every single day, there are millions of people worldwide who are actively recording every single aspect of their lives, thoughts, experiences and achievements in an activity that is known as self-tracking - also referred to as 'quantified self' or 'life logging'. People who engage in self-tracking do so for various reasons. Given the amount of personal data being generated, transmitted and stored at various locations, privacy and security are important considerations for users of these devices and applications. However, there are risks to all of this. Symantec, for example, has found security risks in a large number of self-tracking devices and applications. One of the most significant findings was that all of the wearable activity-tracking devices examined, including those from leading brands, are vulnerable to location tracking, it claims. "Our researchers built a number of scanning devices using Raspberry Pi minicomputers and, by taking them out to athletic events and busy public spaces, found that tracking of individuals was possible," says Orla Cox, security operations manager, Symantec Security Response. "We also found vulnerabilities in how personal data is stored and managed, such as passwords being transmitted in clear text and poor session management." Many people who engage in self-tracking do it with gadgets such as electronic wristbands, smart watches, pendants, and even smart clothing. These gadgets typically contain a number of sensors, a processor, memory, and a communication interface. These gadgets enable the user to effortlessly collect, store, and transmit the data to another computer for processing and analysis. "Despite the growing use of specifically designed gadgets, smartphones are perhaps the most common way for people to perform self-tracking," she explains. "A modern smartphone is packed with a wide range of different sensors that can be used by many different self-tracking applications. Many people already carry smartphones with them, and the proliferation of free self-tracking apps makes it easier than ever for users to get into self-tracking."
MISPLACED TRUST? Symantec has examined what vendors are doing to protect users of their services by taking a closer look at some of the most popular quantified self devices and apps on the market. Here are some of its findings:
LOCATION TRACKING "However, this convenience comes with a price," Cox cautions. "The device may be giving away information that can allow it to be tracked from one location to another. To test how these devices could be tracked, we built some portable Bluetooth scanning devices using Raspberry Pi minicomputers and off-the-shelf components, which included a Bluetooth 4.0 adaptor, a battery pack and an SD card. All these components could be bought from a typical main street retailer. These were combined with open source software and some custom scripting. Each device cost no more than US$75 and could easily be put together by anybody with basic IT skills.
| ||
Like this article? Click here to get the Newsletter and Magazine Free! | |||
Email The Editor! OR Forward Article | Go Top | ||
PREVIOUS | NEXT |