Fitbit trackers can be hacked in '10 seconds' (updated) | Techno stream

Fitbit trackers can be hacked in ’10 seconds’ (updated)

22 Oct 2015 | Author: | No comments yet »

Barclays to Shrink Staff in a New Way: 75,000 Fitness Trackers.

The gadgets pair up with staff’s smartphones to monitor physical activity like the number of steps taken each day, and try to persuade workers to increase the amount they exercise.

The firm plans to roll out a new wellness program Nov. 2 that includes subsidizing Fitbit Inc. activity trackers for more than 75,000 U.S. and U.K. employees in its investment bank, personal and corporate bank, card operations and other support functions, according to a statement Tuesday. It’s joining companies including Target Corp., Time Warner Inc. and BP Plc in partnering with the maker of wearable devices for tracking health data. “Activity challenges across our business units and between teams will be an important part of our strategy to encourage more activity and fun in the workplace,” Dominic Johnson, London-based Barclays’s director of employee relations and head of well-being, said in the statement provided by Fitbit.

Although the the Fitbits, which typically cost between £50 and £80, can be used individually, the bank also wants to encourage staff to challenge each other to fitness contests. Fitbit’s wellness unit is the company’s business-to-business unit, where participating companies provide employees with Fitbit activity trackers, challenge employees to get active, and encourage healthier lifestyles. The move is part of a wider lifestyle crackdown – in August Barclays’ new executive chairman John McFarlane banned staff from wearing flip flops in its Canary Wharf head office. The Register reports that this is “the first time malware has been viably delivered to fitness trackers.” Fortinet researcher Axelle Apvrille helped come up with the exploit and explains it it horrifying terms: An attacker sends an infected packet to a fitness tracker nearby at Bluetooth distance then the rest of the attack occurs by itself, without any special need for the attacker being near. [When] the victim wishes to synchronize his or her fitness data with FitBit servers to update their profile… the fitness tracker responds to the query, but in addition to the standard message, the response is tainted with the infected code.

Some staff at Barclaycard had adopted a tech firm approach to office fashion alongside its more free-thinking style of innovating in the business, but that dress code is no longer welcome in the sky scraper where the top executives and investment bankers work. While corporate services generate less than 10 percent of Fitbit’s revenue, it’s “one of the fastest-growing parts of the business,” Chief Executive Officer James Park said in a September interview. Although the company doesn’t release the total number of companies participating in its wellness program, it states that it’s worked with thousands of companies since 2009 and currently has “more than” 50 of the Fortune 500. According to the tech firm, “Fitbit Wellness provides a flexible, exciting way to promote healthy behaviours, get employees more active, and potentially reduce healthcare costs.” Other companies including US retailer Target and risk manager Aon have also signed up to give free or discounted wristbands to their staff in similar health drives. Apvrille continues: From there, it can deliver a specific malicious payload on the laptop, that is, start a backdoor, or have the machine crash [and] can propagate the infection to other trackers [Fitbits].

The really frustrating thing about this exploit is the fact that Fitbit’s known about the vulnerability since March when the Fortinet researchers contacted them, but the company still hasn’t fixed it. Participation and engagement are two challenges an employer faces when rolling out a corporate wellness program, according to Fitbit Wellness vice-president and general manager Amy McDonough.

Another challenge is distributing trackers which, McDonough says, Fitbit is poised to eliminate by using its own distribution channels, instead of shipping trackers in bulk.

Here you can write a commentary on the recording "Fitbit trackers can be hacked in ’10 seconds’ (updated)".

* Required fields
All the reviews are moderated.
Our partners
Follow us
Contact us
Our contacts

ICQ: 423360519

About this site