Home » Activism, Europe, Manipulation, Survival, Technology » Romanian Experts Reveal Android Watches Vulnerability


Romanian Experts Reveal Android Watches Vulnerability

 
 
 
 
 
submit to reddit

For this proof-of-concept, a Nexus 4 Android phone equipped with Android L Developer Preview and Samsung Gear Live (pictured) were used – and hackers could read messages sent to the watch.

They are touted as the next bit thing in technology smartwatches that can keep you up to date right from your wrist.

However, Romanian experts from famous Bitdefender Antivirus have warned they could also be the next big target for hackers.

A video reveals just how easy it is to read messages sent to a smartwatch running Google’s Android software.

‘Smartwatches, bands and devices all have a lack of security.

‘We trust these devices with everything from messages and Facebook updates to biometric information,’ said Liviu Arsene of Bitdefender, which uncovered the issue.

‘Everything from SMS messages to Facebook or Google Hangouts chats are constantly being forwarded to your smartwatch.’

He found that Google’s Android Wear software relies on a six digit pin code to link to watches.

‘This six digit pin code can be easily bruteforced,’ he said.

‘It was not all that that difficult to do.’

‘Because the Android Wear obfuscation relies on a pin code of only six digits during the initial pairing, an attacker wouldn’t take long to brute-force number and start reading your conversations in plain-text,’ he wrote.

‘Of course, this means an attacker would have to be fairly near the victim and log all intercepted Bluetooth data packets, but the large-scale adoption of such an exploit could be fueled by the increasing number of smartwatches or smartbands.

‘Weaponizing it could only be a matter of time.’

For the proof-of-concept, a Nexus 4 Android device equipped with Android L Developer Preview and Samsung Gear Live were used.

‘The implications of these recent findings are only moderately surprising – we know from past experience that adoption of new technologies does not always go hand-in-hand with better security practices.’

Android Wear watch was unveiled by Google at its developer conference in San Francisco earlier this year.

The firm showed off the latest watches running Android wear, a version of Android designed for wearable computers.

‘It’s finally possible to make a powerful computer small enough to wear on your body,’ said Google’s David Singleton.

It showed off the LG G watch, which shows the users the most relevant alert at the time – for instance, a flight they are about to get or an upcoming meeting.

Google also revealed apps for its watches, including a food ordering app from Eat that allows users to order favourite food directly from their wrist, and a recipe app called allthecooks that walks users through recipes on the watch face.

Using special software the team was able to ‘brute force’ a six digit passcode used to link the phone to the watch – and then read messages sent to it.

LG said the G Watch would initially be made available to 12 countries including the US, UK, France, Germany and Japan, adding that it would announce its price and shipping date shortly.

‘As one of the first Android Wear devices to market, we see this as the beginning of a long-term commitment to making wearables running Android Wear a household name,’ said Dr. Jong-seok Park, president and CEO of LG.

‘We’re confident that once consumers see how useful and compelling LG G Watch can be, it will be integrated into their daily lives, just as smartphone have done.’

Source

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  



RELATED ARTICLES

Did you like this information? Then please consider making a donation or subscribing to our Newsletter.
Copyright © 2009 The European Union Times – Breaking News, Latest News. All rights reserved.