Hacking alert over Android WATCHES: Experts reveal gadgets can be infiltrated to read messages sent to your wrist


comments

They are touted as the next bit thing in technology - smartwatches that can keep you up to date right from your wrist.

However, experts have warned they could also be the next big target for hackers.

A video reveals just how easy it is to read messages sent to a smartwatch running Google's Android software. 

Scroll down for video 

For this proof-of-concept, a Nexus 4 Android phone equipped with Android L Developer Preview and Samsung Gear Live (pictured) were used - and hackers could read messages sent to the watch.

For this proof-of-concept, a Nexus 4 Android phone equipped with Android L Developer Preview and Samsung Gear Live (pictured) were used - and hackers could read messages sent to the watch.

HOW THEY DID IT 

For this proof-of-concept, a Nexus 4 Android device equipped with Android L Developer Preview and Samsung Gear Live were used. 

Using special software the team was able to 'brute force' a six digit passcode used to link the phone to the watch - and then read messages sent to it. 

 'Smartwatches, bands and devices all have a lack of security.

'We trust these devices with everything from messages and Facebook updates to biometric information,' said Liviu Arsene of Bitdefender, which uncovered the issue.

'Everything from SMS messages to Facebook or Google Hangouts chats are constantly being forwarded to your smartwatch.'

He found that Google's Android Wear software relies on a six digit pin code to link to watches.

'This six digit pin code can be easily bruteforced,' he said.

'It was not all that that difficult to do.'

'Because the Android Wear obfuscation relies on a pin code of only six digits during the initial pairing, an attacker wouldn't take long to brute-force number and start reading your conversations in plain-text,' he wrote

'Of course, this means an attacker would have to be fairly near the victim and log all intercepted Bluetooth data packets, but the large-scale adoption of such an exploit could be fueled by the increasing number of smartwatches or smartbands. 

'Weaponizing it could only be a matter of time.' 

For the proof-of-concept, a Nexus 4 Android device equipped with Android L Developer Preview and Samsung Gear Live were used. 

'The implications of these recent findings are only moderately surprising – we know from past experience that adoption of new technologies does not always go hand-in-hand with better security practices.' 

Android Wear watch was unveiled by Google at its developer conference in San Francisco earlier this year.

The firm showed off the latest watches running Android wear, a version of Android designed for wearable computers.

'It's finally possible to make a powerful computer small enough to wear on your body,' said Google's David Singleton.

It showed off the LG G watch, which shows the users the most relevant alert at the time - for instance, a flight they are about to get or an upcoming meeting.

Google also revealed apps for its watches, including a food ordering app from Eat that allows users to order favourite food directly from their wrist, and a recipe app called allthecooks that walks users through recipes on the watch face.

Using special software the team was able to 'brute force' a six digit passcode used to link the phone to the watch - and then read messages sent to it.

Using special software the team was able to 'brute force' a six digit passcode used to link the phone to the watch - and then read messages sent to it.

LG said the G Watch would initially be made available to 12 countries including the US, UK, France, Germany and Japan, adding that it would announce its price and shipping date shortly.

'As one of the first Android Wear devices to market, we see this as the beginning of a long-term commitment to making wearables running Android Wear a household name,' said Dr. Jong-seok Park, president and CEO of LG.

'We're confident that once consumers see how useful and compelling LG G Watch can be, it will be integrated into their daily lives, just as smartphone have done.'

Read more: http://ift.tt/1yWBBNW Follow us: @MailOnline on Twitter | DailyMail on Facebook

 



IFTTT

Put the internet to work for you.

Turn off or edit this Recipe

0 comments:

Post a Comment