According to results, the data that smartwatches collected was typically sent to numerous places. Daniel Miessler, head of security research at HP Fortify mentioned that the data was going through analytics networks, ad networks, numerous back ends and that consumer are probably not aware of this. Furthermore, the study show that many of these connections are not encrypted.
Research also indicates a lack of a shut-off mechanism, half of the watches that have been tested, did not have a pass code. In addition to the security problems that smartwatches create unbeknownst to their users, they also offer users more opportunities for inappropriate or even malicious behavior. Smartwatches are significantly less noticeable than smartphones, its easy to forget that people are wearing them.
Daniel Miessler warned enterprises to be careful about major roll-outs of smartwatches and to pay close attention to security vulnerabilities. He also suggested that if smartwatches are deployed in a corporate setting, that they be restricted to their own networks and not allowed to mingle with enterprise data and services.
In this security assessment, the company used ten smartwatches and their iOS and Android companion applications.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now