Skip to main content

Vulnerability in Children

Vulnerability in Children's Smart Watch Could Reveal Location

Some smart watches geared towards children have series security flaws.

  • By Sydny Shepard
  • Oct 20, 2017

Researchers have found that a smart watch marketed towards children has several gaping security holes that could allow a hacker to eavesdrop and see the exact location of the wearer.

The many glaring security flaws were discovered by security firm, Mnemonic, which analyzed the Gator, Tinitell, Viksfjord/SeTracker and Xplora smartwatches. The devices are marketed as a way for parents to keep tabs on and communicate with their children via apps, but some have very serious vulnerabilies that could allow a stranger to take advantage of a smart device on a child's wrist.

"Three of the four watches that were tested were found to contain significant security flaws," Mnemonic wrote in its report. "The flaws are not technically difficult to exploit, and in two cases, allow a third party to surreptitiously take control over the watch."

The Gator 2, Viksfjord/SeTracker and Xplora devices were all found to have multiple serious and practical attacks. In the Gator 2, for example, a hacker could completely hijack the device, allowing the attacker to track its current location (and hence, the location of its child wearer) and location history. It also gives the hacker the ability to send voice messages to the watch and edit the contact phone numbers it stores.

The Viksfjord/SeTracker, according to the report, can be used as a "remotely controllable listening device," or allow the hacker to communicate with the child.

And the researchers were also able to access sensitive data from other Xplora customers, including locations, names, and phone numbers — suggesting it is not being stored properly.

Meanwhile, none of the four devices give users the option to delete their accounts or have location data delete automatically after a set period of time. Only the Tinitell promises to implement reasonable security standards, Mnemonic said.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

Most   Popular

New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.