Smashing Security #063: Carole’s back!

Fitness trackers breaching your privacy, how anyone can create convincing celebrity porn, and how ransomware authors are getting ripped off by scammers.
All this and much much more is discussed in the latest edition of the “Smashing Security” podcast b… Continue reading Smashing Security #063: Carole’s back!

Meltdown, Fitness Tracker, and a Secret Military Base – Hack Naked News #159

This week, Paul reports on vulnerable industrial controls directly connected to Internet, Heat Map released by Fitness Tracker reveals location of secret military bases, and a Linux monitoring tool detects Meltdown attacks! Jason Wood joins us for the … Continue reading Meltdown, Fitness Tracker, and a Secret Military Base – Hack Naked News #159

Strava user heatmap reveals patterns of life in western military bases

In November 2017, online fitness tracker Strava published a heatmap of the activity many of its users around the world engage in (and track) daily. But what might have seemed as a harmless sharing of anonymized, aggregated data turned out to reveal pot… Continue reading Strava user heatmap reveals patterns of life in western military bases

Heat Map Released by Fitness Tracker Reveals Location of Secret Military Bases

Every one of us now has at least one internet-connected smart device, which makes this question even more prominent —how much does your smart device know about you?

Over the weekend, the popular fitness tracking app Strava proudly published a “2017 he… Continue reading Heat Map Released by Fitness Tracker Reveals Location of Secret Military Bases

Opt-Out Fitness Data Sharing Leads to Massive Military Locations Leak

People who exercise with fitness trackers have a digital record of their workouts. They do it for a wide range of reasons, from gathering serious medical data to simply satisfying curiosity. When fitness data includes GPS coordinates, it raises personal privacy concerns. But even with individual data removed, such data was still informative enough to spill the beans on secretive facilities around the world.

Strava is a fitness tracking service that gathers data from several different brands of fitness tracker — think Fitbit. It gives athletes a social media experience built around their fitness data: track progress against personal goals …read more

Continue reading Opt-Out Fitness Data Sharing Leads to Massive Military Locations Leak

How your smartwatch or fitness tracker could reveal your ATM PIN

Hackers could record minute fine-grained movements from the sensors embedded in wearable fitness tracking devices and then determine your PIN code or password, researchers discover.
Read more in my article on the Tripwire State of Security blog.
Continue reading How your smartwatch or fitness tracker could reveal your ATM PIN

Custom Firmware Unlocks Fitness Tracker

[Mikhail] sent us a teaser video for a hack he’d done (embedded below). He takes a Bluetooth LE fitness tracker dongle and reflashes it spit out the raw accelerometer data and trigger events. He then wrote a phone app that receives the data and uses the device as an alarm, an on/off switch, a data-logging device, and more.

We thought it was cool enough that we asked [Mikhail] for more detail, and he delivered in spades! Inside the device is a Nordic NRF51822, their ARM Cortex + Bluetooth chip, an accelerometer, and a bunch of LEDs. [Mikhail] mapped out the …read more

Continue reading Custom Firmware Unlocks Fitness Tracker