Kids smartwatches found to have security flaws, allowing eavesdropping, location tracking
Inviato da cathycolby il Lun, 17/09/2018 - 18:52corpo:
Hackers could hijack the devices and use them to surreptitiously send messages to children. Norwegian Consumer Council
Researchers have found major security flaws in childrens' smartwatches that could let hackers hijack them.
In some cases, they could be used to track kids' locations, eavesdrop on them, <a href=https://saarc-smrc.org/it/nidora-recensioni-prezzi-come-funziona-recensioni-esperienza-composizione-posologia-effetti-collaterali-dove-acquistare-a-buon/>Nidora Descrizione</a> or send them messages.
<b>At least one retailer has since pulled some of the devices off its shelves.</b>
Security flaws in a number of smartwatches aimed at children means hackers and strangers could hijack them and use them to track and eavesdrop on kids.
The various issues were discovered by security firm Mnemonic, working with the Norweigan Consumer Council, <a href='https://saarc-smrc.org/ro/omegashark-comentarii-pret-cum-functioneaza-recenzii-experienta-compozitie-dozare-efecte-secundare-in-cazul-in-care-pentru-a-cumpara/'>saarc smrc</a> after it analysed the Gator, Tinitell, Viksfjord/SeTracker, and Xplora smartwatches.
The devices are marketed as a way for parents to keep tabs on and <a href=https://saarc-smrc.org/th/bio-lab-%e0%b8%81%e0%b8%b2%e0%b8%a3%e0%b8%9e%e0%b8%b4%e0%b8%88%e0%b8%b2%e0%b8%a3%e0%b8%93%e0%b8%b2%e0%b8%a3%e0%b8%b2%e0%b8%84%e0%b8%b2%e0%b8%a1%e0%b8%b1%e0%b8%99%e0%b8%97%e0%b8%b3%e0%b8%87%e0%b8%b2/>Bio Lab แสดงความคิดเห็น</a> communicate with their children via apps — but some have very serious security flaws, and fall short of various standards. "Three of the four watches that were tested were found to contain significant security flaws," Mnemonic wrote in its report. "The flaws are not technically difficult to exploit, and in two cases, allow a third party to surreptitiously take control over the watch."
<b>The devices fell short of multiple standards. Norwegian Consumer Council</b>
The Gator 2, Viksfjord/SeTracker, and <a href="http://www.savethestudent.org/?s=Xplora%20devices">Xplora devices</a> were all found to have "multiple serious and practical attacks." In the Gator 2, for example, this includes hijacking the device, <A HREF="https://saarc-smrc.org/cs/ultimate-cleanse-pro-recenze-cena-jak-to-funguje-recenze-zkusenosti-slozeni-davkovani-nezadouci-ucinky-kde-koupit/">Ultimate Cleanse Pro úřední</A> allowing the attacker to track its current location (and hence, the location of its child wearer), location history, the ability to send voice messages to the watch, and editing contact phone numbers it stores.
The Viksfjord/SeTracker, meanwhile, can be turned into a "remotely controllable listening device," or give an <a href="https://knoji.com/search/?query=attacker">attacker</a> the ability to communicate directly with the child.
And the researchers were able to access sensitive data from other Xplora customers, including locations, names, and phone numbers — suggesting it is not being stored properly.
Meanwhile, none of the four devices give users the option to delete their accounts or <a href='https://saarc-smrc.org/hr/bio-lab-nasi-cijena-kako-radi-nasi-iskustvo-sastav-doziranje-nuspojave-gdje-kupiti/'>Bio Lab web stranica proizvođača</a> have location data delete automatically after a set period of time. Only the Tinitell promises to implement reasonable security standards, Mnemonic said.
John Lewis, the British high street retailer, has since stopped selling a Gator kids' smartwatch, telling The Telegraph: "As a precautionary measure we have withdrawn from sale all Gator smartwatch products while we await further advice and reassurance from the supplier."
Here's the full report: