Surprising No One, or Possibly Everyone, Fitness Trackers Aren’t Secure

The Citizen's Guide to the Future
Aug. 1 2014 1:33 PM

Surprising No One, or Possibly Everyone, Fitness Trackers Aren’t Secure

fitness
Are fitness trackers leaking data?

Graphic from Shutterstock/JMici.

We all know that cybersecurity is a problem. Twitter accounts, credit card data, and all manner of portable gadgets get hacked every day. So we’ve all kind of been waiting for the other shoe to drop with wearables, right? Or maybe we’ve made the same mistake we always make and blissfully assumed that our fitness trackers were secure. Well, they're not.

In the study “How Safe Is Your Quantified Self?,” security giant Symantec explores vulnerabilities in everything from dedicated wearable trackers to apps that coordinate with smartphone sensors to collect fitness data. And the results are concerning. The study explains, “Symantec has found security risks in a large number of self-tracking devices and applications. One of the most significant findings was that all of the wearable activity-tracking devices examined, including those from leading brands, are vulnerable to location tracking.” All of them.

Advertisement

Symantec describes how the more elements there are in quantified-self data collection, the more points of access there are for hackers. For example, if data is stored on a wearable device, is synced to a PC or smartphone, is stored on that additional device, and is also stored in the cloud, there are many opportunities for theft or infiltration into the system.

The company found that all the wearables it tested could be hacked to do location tracking on an individual, and it was especially easy on models using Bluetooth LE. Additionally, 20 percent of apps Symantec looked at sync login credentials without any encryption. And the apps and devices leak tons of raw data that may seem harmless, but can give hackers information about personal details like your daily schedule or sex life:

We ... found that even devices that are not obviously traceable can still be tracked wirelessly due to implementations that do not use available privacy features ... We would conclude that there are positive signs that some vendors are doing the right things, but far too many are not. Just how safe is your quantified self? We think that it could be an awful lot safer than it currently is.

It’s an especially bleak report when you think about how the rise of fitness trackers has largely overlapped with revelations about the reach and depth of government surveillance worldwide. People just want to trust their devices no matter how much evidence there is that they probably shouldn’t.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Lily Hay Newman is lead blogger for Future Tense.

TODAY IN SLATE

Politics

The Democrats’ War at Home

How can the president’s party defend itself from the president’s foreign policy blunders?

An Iranian Woman Was Sentenced to Death for Killing Her Alleged Rapist. Can Activists Save Her?

Piper Kerman on Why She Dressed Like a Hitchcock Heroine for Her Prison Sentencing

Windows 8 Was So Bad That Microsoft Will Skip Straight to Windows 10

We Need to Talk: A Terrible Name for a Good Women’s Sports Show

Politics

Cringing. Ducking. Mumbling.

How GOP candidates react whenever someone brings up reproductive rights or gay marriage.

Music

How Even an Old Hipster Can Age Gracefully

On their new albums, Leonard Cohen, Robert Plant, and Loudon Wainwright III show three ways.

The U.S. Has a New Problem in Syria: The Moderate Rebels Feel Like We’ve Betrayed Them

The Ludicrous Claims Women Are Pitched at “Egg Freezing Parties”

Behold
Oct. 1 2014 11:48 AM An Up-Close Look at the U.S.–Mexico Border
  News & Politics
The World
Oct. 1 2014 12:20 PM Don’t Expect Hong Kong’s Protests to Spread to the Mainland
  Business
Moneybox
Oct. 1 2014 2:16 PM Wall Street Tackles Chat Services, Shies Away From Diversity Issues 
  Life
The Eye
Oct. 1 2014 1:04 PM An Architectural Crusade Against the Tyranny of Straight Lines
  Double X
The XX Factor
Oct. 1 2014 2:08 PM We Need to Talk: Terrible Name, Good Show
  Slate Plus
Political Gabfest
Oct. 1 2014 1:53 PM Slate Superfest East How to get your tickets before anyone else.
  Arts
Brow Beat
Oct. 1 2014 2:24 PM The New Interstellar Trailer Is the Most Exciting Yet
  Technology
Future Tense
Oct. 1 2014 2:26 PM The Apple Graveyard Leave a flower for a dead Apple product.
  Health & Science
Bad Astronomy
Oct. 1 2014 12:01 PM Rocky Snow
  Sports
Sports Nut
Sept. 30 2014 5:54 PM Goodbye, Tough Guy It’s time for Michigan to fire its toughness-obsessed coach, Brady Hoke.