Is your Fitbit health band really safe?

By TNT Bureau

Mar 10, 2016: Axelle Apvrille, the Fortinet security researcher at conference in Luxembourg said, hackers supposedly can turn the health bands of Fitbit into PC-infecting malware carriers.

READ ALSO: Kantar health introduces mobile survey app to leverage mHealth technology

The shocking statement

Apvrille revealed ads to how it is actually possible to get into the Bluetooth connection of any Fitbit health bands and within only 10 seconds, contaminate it with a malevolent packet that afterward might be used to contaminate your computer.

The global security strategist for Fortinet Derek Manky noted that owing to the range of Bluetooth which is around 30 feet, a hacker would require to be in close range of the Fitbit device to be able to send the harmful packet to it.

He further said that Fitbit would then get the data packet, amass it and after a while when a user attaches the tracker to his/her computer, that stored data would be sent to the computer.

He also acknowledged that this was merely an evidence of concept. In order to make this a real-world botheration, somebody or the other would have to make an exploit against the computer itself which is indeed a difficult task.

Security issues

Another obstruction to turning the theoretical attack into an actual one is the size of the packet concerned. Manky said that they are dealing with an utmost of 17 bytes here making it all the more tough to succeed a real-world attack.

Nonetheless, the company said that security issues were false and that Fitbit  health devices could not be used to contaminate users with malware, confirmed other reports.

Fitbit cautiously designs safety measures for new devices, observe the landscape for new threats and quickly responds to all type of problems.

The chief analyst for low power wireless at IHS Technology Lee Ratliff said that to some degree the investigator is making a ‘mountain out of a mole hill’.

 READ ALSO: Digital health technologies speed up healthcare delivery and patient care

Negligible impact in sales

Any attack shot likely would be unsuccessful because majority of the people don’t use their health bands with their computers, pointed out Ratliff.

Ratliff further said that he uses his fitness device to connect to his smartphone and he is more than sure that majority of the people do the same. So, if the exploit has no effect on a smartphone that definitely reduces its overall impact.

Furthermore there has been no provable damage from the hack. It’s a hypothetical thing at the moment, he added.

However Fortinet said that all these don’t mean that creators of health bands should ignore the safety issues completely.

Coming forward with precision

There are numerous manufacturers that produce electronic items and very few actually have security experts, Ratliff pointed out. In majority of the cases, it is common engineering staffs who try to put together a safety solution for thr products.

Safety doesn’t show on the radar of majority of the device manufacturers until late in the growth cycle. Many a times, security is left as a postscript in numerous IoT devices. The focus is to maximize battery life while reducing the overall cost.

Post a comment