MiSafes' Child-Tracking Smartwatches Are 'Easy To Hack' (bbc.com) 29
The location-tracking "MiSafe" smartwatch may not be as safe as the name proclaims. According to security researchers from Pen Test Partners, the watches are easy to hack as they do not encrypt the data they use or secure each child's account. The researchers found that they could track children's movements, surreptitiously listen in to their activities and make spoof calls to the watches that appeared to be from parents. The BBC reports: The MiSafes watch was first released in 2015. It uses a global positioning system (GPS) sensor and a 2G mobile data connection to let parents see where their child is, via a smartphone app. In addition, parents can create a "safe zone" and receive an alert if the child leaves the area. The adult can also listen in to what their offspring is doing at any time and trigger two-way calls.
Pen Test Partner's Ken Munro and Alan Monie learned of the product's existence when a friend bought one for his son earlier this year. Out of curiosity, they probed its security measures and found that easy-to-find PC software could be used to mimic the app's communications. This software could be used to change the assigned ID number, which was all it took to get access to others' accounts. This made it possible to see personal information used to register the product, including: a photo of the child; their name, gender and date of birth; their height and weight; the parents' phone numbers; and the phone number assigned to the watch's Sim card.
Pen Test Partner's Ken Munro and Alan Monie learned of the product's existence when a friend bought one for his son earlier this year. Out of curiosity, they probed its security measures and found that easy-to-find PC software could be used to mimic the app's communications. This software could be used to change the assigned ID number, which was all it took to get access to others' accounts. This made it possible to see personal information used to register the product, including: a photo of the child; their name, gender and date of birth; their height and weight; the parents' phone numbers; and the phone number assigned to the watch's Sim card.
Hmmm (Score:1)
Crack it in half and see if it still has a pulse
Re: (Score:2, Insightful)
Re: Hmmm (Score:1)
Shut up.
Back on topic, all these smartwatches suck. The wife bought a GizmoGo from Verizon and it sucked. The location tracking was horrible, inaccurate, and suffered from excessive dead spots. It also only updated while you had the App open, which made it useless if the watch was in a dead spot.. the "last seen" location would be the last place you had seen it in the App, not the last place it had cell tower service. And if the child held down the right buttons it would factory reset and you had to have ph
Re: (Score:2)
That is NOT one of the editors.
Re: Hmmm (Score:2)
Start them young (Score:2)
Re: (Score:2)
Re: (Score:1)
I'm a pedophile, though I don't like them below age 11 or 12. I'll get sure to keep them in a safe place, or the watch so you have nothing to worry about.
Then your probably not a pedophile. Look up the actual definition.
and (Score:2)
and nobody was surprised by this, sadly it's the case with almost every device connected to the internet at this point.