Security researchers warn that data passing between smartphones and wearable smart devices are susceptible to potential hackers. Information which includes personal text messages, calender events, biometric data, notes and other personal information are constantly synced between the devices.
Image may be NSFW.
Clik here to view.
Smartwatches connect with Android smartphones through a six-digit PIN to secure a private channel of data flow through Bluetooth. A hacker can attempt to find the correct PIN out of the one million possible keys through sophisticated software, intercepting the secure Bluetooth connection.
Bitdefender, a Romanian-based security firm, had researchers test out the concept. A Google Nexus 4 -running a preview of Android L- was paired with a Samsung Gear Live smart watch. The PIN number securing the Bluetooth connection was easily brute forced with the help of readily available hacking tools, after which all data flowing through the two devices was monitored.
Security engineers have not been surprised by these results as they’ve always known that a million possible passkeys is not enough to stop a determined hacker from finding the right number. However, this research has
brought important information to light at the right time.
Wearables and smart watches are on the brink of a market explosion. Manufacturers should realise this drawback and cover this loophole, creating a more secure connection before smart devices become widespread.
Some of the clear solutions to this problem might come at the cost of user convenience. Users would resent manually typing a password every time before pairing on the tiny screen of the smart device. NFC can be integrated to transmit a PIN code during pairing but, that comes at a monetary cost raising the devices’ retail price.
Another possible solution is to make the Bluetooth connection stronger by adding a second layer of encryption integrated within the phone and smartwatch.
