Thursday, October 8, 2015

Stop Your Wearable Hardware Becoming A Security Threat

How To Stop Your Wearable Hardware Becoming A Security Threat

You might not realize it, but wearable technology first arrived on our shelves as long ago as the mid-1970s when Casio started to produce their historic “calculator watches“. Thankfully, the technology has moved on significantly, with the latest smartwatches and smart eyewear now packing as much computing power as some low-spec laptops.
The current generation of smartphone-esque smartwatches first started to go on sale in 2013, and by the end of 2014, 6.8 million devices had been sold. Whether you think those figures represent success or failure is somewhat immaterial; there are now at least 6.8 million new attack points for thieves and criminals.

Here we take a look at how to stop your new wearables becoming a security threat…

Keep Your Device Updated

In the same way that you should always install updates for your Windows or Mac machine when they become available, you should also ensure that your wearable is running the latest version of the operating system (OS).
Of course, there is an argument that says you should wait for a couple of weeks after a new laptop or smartphone OS is released so that any initial bugs can be ironed out. However, that doesn’t apply to wearables (yet) – because of the rapidly evolving nature of the technology it’s better to stay as up-to-date as possible.

You also need to ensure that all your apps are up-to-date. While developers have now had almost a decade to familiarize themselves with the nature of creating apps for smartphones, several of them are making their first forays into the smartwatch world. This lack of expertise inherently means accidents will happen and security vulnerabilities will slip through the net.
The biggest developers will naturally move to close these flaws as soon as they are discovered. Therefore, from an end-user perspective, you need to check that all app updates are installing automatically.

Don’t Sync Your Wearable with Your Smartphone

One of the major attractions of smartwatches is their ability to sync with your smartphone. The idea is to make the devices offer their users a seamless experience, regardless of which gadget they are interacting with.
In practice, it’s a security nightmare.

The problems arise from the way the two devices “talk” to each other. At the moment they mostly rely on a six-digit PIN code. Six digit codes have roughly one million keys, meaning the credentials can be easily brute-forced by attackers. If they are successful, all the devices’ communications will be displayed in plain text.
In 2014, Researchers from the Romania-based security firm Bitdefender carried out a proof-of-concept attack. They used a Samsung Gear Live smartwatch that was paired with a Google Nexus 4 – it was hacked in minutes.
Therefore, until the devices become more robust, you are safer if you use the products as standalone gadgets rather than as one giant ecosystem.

Disable Wireless Health Products

Wearable technology has applications and benefits beyond the consumer facing products like smartwatches and fitness bands.
It has also played a major role in the healthcare industry. There are now a wide variety of products that are “worn” inside the body and that relay real-time information about your condition to a doctor. In fact, devices such as insulin pumps, glucose monitors, and pacemakers all now have wireless capabilities.

These wireless capabilities bring dangers to the user by opening the devices up to potential hacking.
For example, in 2012, security vendor IOActive announced to the Breakpoint Security Conference in Melbourne that there were flaws in the programming of the wireless transmitters in pacemakers. These flaws meant the devices could be used to deliver an 830-volt electric shock to the wearer. The news prompted former US vice president Dick Cheney to disable the wireless capability of his own heart pump.
Do you need wireless capability in health devices? If it’s not absolutely essential, disable it.

Physical Security

It would be remiss to write an article about wearable device security without mentioning the more traditional “physical” threat. Although the devices may open up a whole new arena for hackers and cyber-criminals, the nature of wearable technology you need to keep your wits about you when you’re on the street as well.

Gadgets such as Google Glass can be easily stolen from your face while you’re wearing them, while watch-snatchers are almost as old as watches themselves.
The upshot is that all the usual recommendations about safety in public apply – don’t display your gadgets prominently or draw attention to them, be wary of strangers who approach you for no reason, and be extra careful in tourist areas, at public events, and in other densely-packed locations.

Can You Ever Be 100 Percent Safe?

Does the wearable market automatically create weaknesses that can be exploited? Undoubtedly so – especially if you’re a privacy nut.
For instance; federal officials have recently reprimanded the makers of fitness bands like Fitbit, Jawbone UP, and Nike+ after it emerged they sold user data for use in clinical research studies. There are also concerns about their geo-location monitoring – if a hacker gets access to it they can quickly build up a detailed picture of your daily routine.

Additionally, smart clothing typically uses easily-interceptable Bluetooth technology to transmit the biometric and physiological data it collects, while several smart eyewear gadgets have always-on cameras; they can record private information such as PIN numbers and passwords, as well as social information such as what you’re doing and who you’re with.
The problem is that by not using these features, you are removing a considerable portion of device’s “smart” capabilities. There’s no clear answer to the problem – for now you’ll need to compromise and find your own balance between usefulness and intrusion.

How Do You Stay Safe?

Are you on-board with the wearable tech revolution? What devices do you use? How do you keep yourself safe?
Perhaps you’re on the other side of the fence. Are the privacy and security concerns too great for you at the moment? What would need to change to make you change your mind?
Leave your thoughts and ideas in the comments section below and see if other MakeUseOf readers agree with your opinions!
Image Credits:Google Glass by Dan Leveille via Wikipedia
Source: www.makeuseof.com

No comments:

Stream for free

I was written to because I cited Roku on  this page  at Balunywa Bytes.  Here at KillTheCableBill.com, we're helping people beat inflati...