The Bluetooth Connection
Smartwatches stay in contact with your phone via Bluetooth. And while you may leave your phone behind, the smartwatch on your wrist is often always with you. In September of 2017, researchers discovered a series of problems in almost every Bluetooth device. These security flaws make every Bluetooth device subject to hacking. These hacks can take the form of viruses that are passed from your smartwatch to your phone. Other problems include ransomware taking control of your device, and infection of your router. An infected router can spread malicious code to every device connected to your Wi-Fi. Another significant problem with the connection could allow your notifications to be intercepted. The email from your bank, the message from social media, the text from your significant other are all sent through Bluetooth. Any notification passed to your smartwatch could be intercepted by a hacked Bluetooth connection. These attacks have been undetectable in the past. For that reason, most devices have no protection against such an invasion of your privacy. Since smartwatches heavily rely on Bluetooth they are extremely vulnerable to these invasions.
Is Your Smartwatch Listening to You?
A recent report by the Norwegian Consumer Council analyzed smartwatches for security concerns. The smartwatches studied were designed to be given to children. They were made with the intention of increasing children’s security. Parents could use an app to track the children’s location and contact their children through the smartwatch. What the study found suggests that these devices might actually compromise your security rather than enhance it. The smartwatches tested could be hacked to gain control of every aspect of the device. Hackers could take control of the smartwatch’s microphone and secretly listen to the children as they played. The hackers were able to tell when the wearer was inside or outside, whether playing with friends or alone, and even when they were asleep. You can only imagine the possible consequences. None of the smartwatches in the study were of a brand that you are likely to be familiar with. You might think that sticking with devices from well-known companies is safer. While these well-known smartwatches might incorporate better security controls, you can still be at risk in other ways. While Apple and Google screen apps that go to their respective app stores, third-party apps still represent a weak link in security.
How the Apps You Use Could Compromise Your Privacy
Third-party apps may request access to your smartwatch’s microphone, camera, location services and more. When installing an app, many people accept whatever permissions are requested. Without scrutinizing app permissions, an app could get access to unnecessary services. This gives an app maker the ability to use things like your smartwatch’s microphone to listen in on you. Additionally, a poorly designed app may be more vulnerable to hacking. Often a hacker merely needs one crack in your security to gain access to your device. Once in the system, they can often expand their ability to gain control of other services on your device. If an app maker leaves a vulnerability in place, a hacker might seize the opportunity to gain information from your device.
Location Information Reveals More About You
One of the common uses of smartwatches is to track your steps and fitness activities. A smartwatch provides up-to-the-minute location information about you. This is valuable to advertisers who want to know about the stores you visit, the restaurants you prefer, and any other information they can get their hands on. As you might imagine this can also be valuable to hackers. A hacker with access to your location information through your smartwatch knows when you are at work or at home. When you leave for work, a hacker armed with this information could steal more than just information. They now know they have a window of several hours to break into your home. When you arrive at work, your car, with any valuables left inside, will be unattended for hours. There are many more examples of cases where online risks translate into real-life attacks. Another way advertisers gain valuable information is by placing Bluetooth stations throughout a store. Knowing your path through a store can help businesses know where to put key products. Stop for several moments to consider one display and that data conveys your interest to an advertiser. Pause by a storefront, and they get an alert. Simply passing by on your route to work each day may be noted. The information can be used to help create better advertising to catch your eye. Location data is the king of marketing data.
How Can You Protect Yourself?
Purchasing your smartwatch from a reputable company can help improve your security. A larger, more well-known company has more to lose from having a security breach. The same is true for apps you buy and install. Apps made by trusted companies are more likely to be thoroughly tested for security holes. But these measures aren’t fool-proof. Even recognized companies stumble from time to time. Scrutinizing app permissions can help protect you in the case of a privacy vulnerability, whether intended by the company or not. If an app is hacked, but you never gave the app permission to access your smartwatch’s microphone, there may be little they can do to work around that restriction. Reviewing permissions for previously installed apps takes just a few minutes and can help safeguard your privacy.
Anonymize Your Data with a VPN
Even with access to your smartwatch, this information may often be of little use to businesses or hackers without being able to link it to other information about you. If your data can’t be linked to you, it may be just so much random noise. The key for those building a profile on you is to gather all the information available on you in one location. If the information from your smartwatch can’t be linked with your profile, it is far less useful to them. Using a VPN helps keep your activities and interests private as you go online. Rather than connecting directly with websites and services online, your information is first encrypted and then sent to a VPN server. The website receives a request from the VPN server and returns the data to that server rather than directly to you. Because you never interact directly with the site, your privacy is secured. Only the information you volunteer is now available, rather than information about your location and identity. A quality VPN is easy to set up and connect. They are often very fast so that you experience almost no loss of speed while you keep your privacy. In addition, a VPN can help you avoid restrictions on websites you access while behind a firewall, at work for instance. You can also connect to a server in another country to avoid restrictions from video streaming services based on your location. For more information about how a VPN can help you maintain your privacy, check out our posts on anonymous browsing and anonymous downloading.