Surprising No One, or Possibly Everyone, Fitness Trackers Aren’t Secure

The Citizen's Guide to the Future
Aug. 1 2014 1:33 PM

Surprising No One, or Possibly Everyone, Fitness Trackers Aren’t Secure

fitness
Are fitness trackers leaking data?

Graphic from Shutterstock/JMici.

We all know that cybersecurity is a problem. Twitter accounts, credit card data, and all manner of portable gadgets get hacked every day. So we’ve all kind of been waiting for the other shoe to drop with wearables, right? Or maybe we’ve made the same mistake we always make and blissfully assumed that our fitness trackers were secure. Well, they're not.

In the study “How Safe Is Your Quantified Self?,” security giant Symantec explores vulnerabilities in everything from dedicated wearable trackers to apps that coordinate with smartphone sensors to collect fitness data. And the results are concerning. The study explains, “Symantec has found security risks in a large number of self-tracking devices and applications. One of the most significant findings was that all of the wearable activity-tracking devices examined, including those from leading brands, are vulnerable to location tracking.” All of them.

Advertisement

Symantec describes how the more elements there are in quantified-self data collection, the more points of access there are for hackers. For example, if data is stored on a wearable device, is synced to a PC or smartphone, is stored on that additional device, and is also stored in the cloud, there are many opportunities for theft or infiltration into the system.

The company found that all the wearables it tested could be hacked to do location tracking on an individual, and it was especially easy on models using Bluetooth LE. Additionally, 20 percent of apps Symantec looked at sync login credentials without any encryption. And the apps and devices leak tons of raw data that may seem harmless, but can give hackers information about personal details like your daily schedule or sex life:

We ... found that even devices that are not obviously traceable can still be tracked wirelessly due to implementations that do not use available privacy features ... We would conclude that there are positive signs that some vendors are doing the right things, but far too many are not. Just how safe is your quantified self? We think that it could be an awful lot safer than it currently is.

It’s an especially bleak report when you think about how the rise of fitness trackers has largely overlapped with revelations about the reach and depth of government surveillance worldwide. People just want to trust their devices no matter how much evidence there is that they probably shouldn’t.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Lily Hay Newman is lead blogger for Future Tense.

TODAY IN SLATE

Politics

The Democrats’ War at Home

How can the president’s party defend itself from the president’s foreign policy blunders?

Congress’ Public Shaming of the Secret Service Was Political Grandstanding at Its Best

Michigan’s Tradition of Football “Toughness” Needs to Go—Starting With Coach Hoke

A Plentiful, Renewable Resource That America Keeps Overlooking

Animal manure.

Windows 8 Was So Bad That Microsoft Will Skip Straight to Windows 10

Politics

Cringing. Ducking. Mumbling.

How GOP candidates react whenever someone brings up reproductive rights or gay marriage.

Building a Better Workplace

You Deserve a Pre-cation

The smartest job perk you’ve never heard of.

Hasbro Is Cracking Down on Scrabble Players Who Turn Its Official Word List Into Popular Apps

The Ludicrous Claims You’ll Hear at This Company’s “Egg Freezing Parties”

  News & Politics
Politics
Sept. 30 2014 9:33 PM Political Theater With a Purpose Darrell Issa’s public shaming of the head of the Secret Service was congressional grandstanding at its best.
  Business
Moneybox
Oct. 1 2014 8:34 AM Going Private To undertake a massively ambitious energy project, you don’t need the government anymore.
  Life
The Vault
Oct. 1 2014 10:49 AM James Meredith, Determined to Enroll at Ole Miss, Declares His Purpose in a 1961 Letter
  Double X
The XX Factor
Sept. 30 2014 12:34 PM Parents, Get Your Teenage Daughters the IUD
  Slate Plus
Behind the Scenes
Oct. 1 2014 10:54 AM “I Need a Pair of Pants That Won’t Bore Me to Death” Troy Patterson talks about looking sharp, flat-top fades, and being Slate’s Gentleman Scholar.
  Arts
Brow Beat
Oct. 1 2014 10:44 AM Everyone’s Favorite Bob’s Burgers Character Gets a Remix You Can Dance to
  Technology
Future Tense
Oct. 1 2014 10:27 AM 3,000 French Scientists Are Marching to Demand More Research Funding
  Health & Science
Bad Astronomy
Oct. 1 2014 7:30 AM Say Hello to Our Quasi-Moon, 2014 OL339
  Sports
Sports Nut
Sept. 30 2014 5:54 PM Goodbye, Tough Guy It’s time for Michigan to fire its toughness-obsessed coach, Brady Hoke.