PDA

View Full Version : iPod Sport a stalkers dream



nss1888
18-12-2006, 02:59 PM
Due to the complete lack of security in the iPod Soprt and it's addon for sporty types you could find yourself under survailance...

read in here (http://news.bbc.co.uk/1/hi/technology/6179197.stm)


Joggers using the iPod Sport kit to keep fit are putting their personal privacy at risk, warn scientists.
The academics showed how easy it was to track those using the combination of music player and running shoe sensor.

In the worst scenario suggested by the scientists, stalkers could use the tracking data to "engineer" encounters with victims.

The researchers said gadget makers should do more to protect privacy and stop hardware being abused in this way.

Hi-tech steps

The Nike iPod Sport kit uses radio to link a sensor in a runner's shoe to another gadget that clips on to an iPod Nano.

The clip-on gadget analyses the data gathered by the sensor and gives runners information about how far they have travelled and the calories they have burned as they exercise.

A team of computer science researchers from the University of Washington has scrutinised the runner's aid and found that it "fails to offer even the most basic level of user privacy".

The investigation, led by graduate student Scott Saponas, found it easy to eavesdrop on the unique identifier (UID) the sensor uses to ensure it talks to the right receiver.

"When someone is engaged in a workout with a sensor using a receiver attached to an iPod, a second receiver can detect the sensor transmitting its UID," the researchers report.

...will these new gadgets erode our privacy even further?

Prof Tadayoshi Kohno
Once activated the sensor broadcasts continuously and nothing is done to encrypt the signal to hide it from eavesdroppers the scientists found.

The unique identifier could be tracked up to 20 metres away outdoors and at speeds up to 30 mph.

University of Washington Professor Tadayoshi Kohno, who was part of the research team, said the project was undertaken to get a better understanding of trends in the technologies being sold to consumers.

"Are new devices still being introduced that do not address the full range of privacy issues, even if it is technically possible to address many of those issues?" he asked.

To show how the data transmitted by the sensor could be abused, the team created their own receiver from cheap and easily obtainable parts that logged when a target sensor was nearby. This used wi-fi to pass on the information to a central database that plotted the location on Google Maps.

By concealing a few of the small custom-made receivers in select locations, the researchers showed how it would be possible to track someone's movements.


Researchers fear the running sensor could be abused
Another hardware prototype used by the team turned a Windows XP laptop into a logging station when the gadget was plugged into a free USB port.

The team speculated that stalkers, thieves and others could use their own receivers to monitor a target. Surveys suggest that most people who use the iPod Sport kit turn the sensor on, slip it in their running shoe and never turn it off.

Prof Kohno said: "Our study shows is that new devices are still coming out that do not address the full range of privacy issues."

The researchers said they did not want to suggest that Apple or Nike intended that their devices would be used maliciously.

"But," said Prof Kohno, "this situation begs the broader question: as manufacturers continue to introduce other new, sophisticated technological personal gadgets, will these new gadgets erode our privacy even further?

"More importantly," he said, "what can we do about that?"

To make the technology more secure the researchers suggest binding each sensor to a specific receiver so the datastream cannot be tapped. This data traffic could also be encrypted to reduce the chance that it could be used for malicious purposes.

y2krog2000
18-12-2006, 03:13 PM
Having your bluetooth on all the time is bad as well, I remember seeing on tv that they banned all wireless devices from the houses of parliament because the paparazzi were bluesnarfing ministers phone calls and reading their e-mails and its thought thats were they were getting some of their stories from, but I think that they got the ban lifted because to many ministers were complaining.

Hackmo
18-12-2006, 10:22 PM
This is just silly, I'm all for bringing knowledge to the masses about how insecure technology is but MY GOD. They are blowing this way out of proportion.


A team of computer science researchers from the University of Washington has scrutinised the runner's aid and found that it "fails to offer even the most basic level of user privacy".

I read an article on this today and apparently the actuall data being sent is encrypted.


The investigation, led by graduate student Scott Saponas, found it easy to eavesdrop on the unique identifier (UID) the sensor uses to ensure it talks to the right receiver.

In a park with lots of people using these devices how do you identify which UID belongs to each person?


The unique identifier could be tracked up to 20 metres away outdoors and at speeds up to 30 mph.

...if the person needs to be as close as only twenty meters away then they are pretty much going to know that you are there and where you are going anyway.



To show how the data transmitted by the sensor could be abused, the team created their own receiver from cheap and easily obtainable parts that logged when a target sensor was nearby. This used wi-fi to pass on the information to a central database that plotted the location on Google Maps.

By concealing a few of the small custom-made receivers in select locations, the researchers showed how it would be possible to track someone's movements.

What's new about this? I'm pretty sure that the ability to "automatically"(doesn't even say) plot someones location on google maps is not going to open the gates for a whole lot of "would-be stalkers". If you are being stalked then you are being stalked regardless of what ipod accessory you have.



Researchers fear the running sensor could be abused
Another hardware prototype used by the team turned a Windows XP laptop into a logging station when the gadget was plugged into a free USB port.

Somehow I think I would be able to notice someone running twenty meters behind me with a laptop(pluss wifi devices).

The ipod sport is not a privacy threat, unless, of course you consider someone knowing how much calories you have burned or the distance you have ran a privacy thread. Even then though they would need to be able to decrypt the data being sent and would need to run along side you with a laptop to collect a sufficient amount of packets.

y2krog2000
19-12-2006, 08:34 AM
You dont have to be out jogging for this to happen you could be at work they just tried it out in a park.