• Home
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
  • Events
  • Resources
  • Data Strategy Spotlight
  • Newsletters
  • Sign in
  • Events
    • Follow V3 Events

      Sign up to receive email alerts about our events

      Sign up
  • Resources
    • V3resources 120x194
      Network Security Forensics For GDPR Compliance

      An effective network security forensics strategy can assist an organization in providing key compliance-related details as part of any post-incident GDPR investigation.

      Download
      V3resources 120x194
      10 ways to increase productivity with managed Office 365

      For businesses large and small, relying on a cloud-based collaboration and productivity suite such as Microsoft Office 365 is becoming the norm. Enhancing productivity in your organisation is vital to get ahead in 2017 - and using Office 365 can help, if it's used right...

      Download
      Find resources
      Search by title or subject area
      View all resources
  • Data Strategy Spotlight
  • Sign in
  •  
    •  

      You are currently accessing V3 .co.uk via your Enterprise account.

      Personalise your on site experience

      Download and use the apps

      Access your subscription from outside of the office

      Get relevant news and insight straight to your inbox

      • Sign in
     
      • Newsletters
      • Account details
      • Contact support
      • Sign out
     
  • Follow us
    • RSS
    • Twitter
    • Newsletters
    • Facebook
    • YouTube
  • Register
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
 
  •  

    You are currently accessing V3 .co.uk via your Enterprise account.

    Personalise your on site experience

    Download and use the apps

    Access your subscription from outside of the office

    Get relevant news and insight straight to your inbox

    • Sign in
 
    • Newsletters
    • Account details
    • Contact support
    • Sign out
 
V3.co.uk
  • Gadgets

Samsung and LG smartwatches leave sensitive data open to hackers

Researchers reveal that neither firm encrypts user data on wearable devices

LG G Watch white and black
Samsung and LG smartwatches leave sensitive data open to hackers
  • Carly Page
  • Carly Page
  • @CarlyPage_
  • 14 June 2015
  • Tweet  
  • Facebook  
  •  
  •  
  • Send to  
0 Comments

Hackers can easily swipe personal data from LG and Samsung smartwatches, researchers have revealed, with neither brand encrypting sensitive data.

According to researchers at the University of New Haven, hackers can easily extract personal data, including contacts, messages and health information, from both the Samsung Gear 2 and LG G Watch.

Ibrahim Baggili of the University of New Haven's Cyber Forensics Research and Education Group, said: "It was not very difficult to get the data, but expertise and research was required."

The researchers, who are currently looking into whether the Apple Watch suffers a similar issue, said they were able to easily swipe data from both the Tizen and Android Wear-powered watches by poking around the wearables' internal storage and the smartphone to which they were linked.

Apple Watch will come in three different designs

On the Samsung Gear 2 they managed to pull emails, messages, contacts and complete health data, while the LG G Watch easily gave up users' calendar appointments, contacts listings and pedometer statistics.

The researchers said it was able to do so because neither Samsung or LG properly encrypt user data on their respective smartwatch devices.

"Just because encryption is enabled does not mean it is implemented in a way that does not allow us to defeat the encryption," Bagili said. 

In a statement given to CNET, a Samsung spokesperson said the company "takes consumer privacy and security very seriously and our products are designed with privacy in mind. If at any time we identify a potential vulnerability, we act promptly to investigate and resolve the issue."

LG added: "At LG, we take security very seriously and will make every effort to protect the privacy of our customers. As such, we make it a priority to investigate any and all breach of privacy issues related to LG products for immediate resolution."

The university will present its full findings in a paper for a digital forensics conference in August.

This isn't the first time the' privacy credentials of wearable devices been thrown into doubt. Last month, security researchers at Context revealed that the privacy fitness tracker users is at risk due to leaky Bluetooth Low Enegry (BLE) technology.

Scott Lester, a senior researcher at Context, said: "Many people wearing fitness devices don't realise that they are broadcasting constantly and that these broadcasts can often be attributed to a unique device."

"Using cheap hardware or a smartphone, it could be possible to identify and locate a particular device - that may belong to a celebrity, politician or senior business executive - within 100 metres in the open air."

  • Tweet  
  • Facebook  
  •  
  •  
  • Send to  
  • Topics
  • Gadgets
  • Security
  • Samsung
  • LG
  • Wearables

V3 Latest

TSMC starts high volume production of 7nm chips
TSMC starts high volume production of 7nm chips

Claims to have "the most competitive logic density" in the industry

  • Components
  • 25 April 2018
Dell unveils Precision 5530 2-in-1 mobile workstation with Radeon Pro WX Vega M GL graphics
Dell unveils Precision 5530 2-in-1 mobile workstation with Radeon Pro WX Vega M GL graphics

Dell's high-end mobile workstations upgraded with Intel Coffee Lake CPUs

  • Hardware
  • 25 April 2018
Europol coordinates close down of 'world's biggest' DDoS-for-hire service
Europol coordinates close down of 'world's biggest' DDoS-for-hire service

Webstresser admins were also arrested in the UK, Croatia, Canada and Serbia

  • Security
  • 25 April 2018
Almost 90 per cent of UK websites suffer from 'serious' security flaws
Almost 90 per cent of UK websites suffer from 'serious' security flaws

Security firm claims that 117,638 sites out of 135,035 analysed contain serious security flaws

  • Security
  • 25 April 2018
Back to Top

Most read

Oracle: Java SE 8 business users must buy a licence from January next year
Oracle: Java SE 8 business users must buy a licence from January next year
AI could improve global stability from around 2040, claims US thinktank RAND Corporation
AI could improve global stability from around 2040, claims US thinktank RAND Corporation
How NoSQL database technology and IoT sensors are being put to work saving endangered elephants and tigers
How NoSQL database technology and IoT sensors are being put to work saving endangered elephants and tigers
MPs demand answers from TSB over online banking 'meltdown' following platform migration
MPs demand answers from TSB over online banking 'meltdown' following platform migration
British security start-up launches lip-sync authentication technology
British security start-up launches lip-sync authentication technology
  • Contact
  • Marketing solutions
  • Enterprise IT Events
  • About
  • Terms & conditions
  • Privacy policy
  • RSS
  • Twitter
  • Newsletters
  • Facebook
  • YouTube

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017