Your Smartwatch Can Be Hacked To Monitor And Steal Your Passwords | HuffPost

“By their very nature of being wearable, these devices provide a new pervasive attack surface threatening users' privacy, among others.”

Charles Pulliam-Moore— Fusion

|

Jason Reed / Reuters

Smartwatches’ abilities to pay for our food and monitor our physical activities are only possible thanks to the myriad sensors packed into their tiny metal bodies.

These sophisticated sensors are often trotted out as evidence that they’re the next big thing in mobile technology, but one unintended side effect of their sensitive internals could be the gradual chipping away of your digital privacy.

In his master’s thesis for the IT University of Copenhagen, Tony Beltramelli explains and demonstrates how a person generates information whenever they move their hand while wearing a smartwatch. That information can be analyzed and interpreted as a hand’s motion through physical space and, in some instances, as a hand pressing the keys on a pin pad.

The Apple Watch Edition is on display for the release of the Apple Watch at the Eaton Centre Apple Store in Toronto.

Ryan Emberley/Invision/AP

“Wristband and armband devices such as smartwatches and fitness trackers already took an important place in the consumer electronics market and are becoming ubiquitous,” Beltramelli explains. “By their very nature of being wearable, these devices, however, provide a new pervasive attack surface threatening users' privacy, among others.”

In a video accompanying his thesis, Beltramelli demonstrates how a compromised smartwatch can make sense of which buttons he’s pressing just by sensing the way his hand moves.

The basic principal behind the exploit is similar to the way in which intelligent keystroke-tracking programs have been shown to be able to recognize individual people based on behavioral biometrics profiles created from their typing habits.

A hand’s movement through space, while slightly different from person to person, could, in theory, be mined for personal credentials and used to make smarter attempts at compromising someone’s logins. This problem’s made worse by the fact that the size of most keyboards and pin pads are standardized to make people feel more comfortable while using them.

As Gizmodo points out, Beltramelli’s research shouldn’t be immediate cause for alarm. The exploit could only be performed because the researcher has full, deep access to a compromised smartwatch’s internals. Anyone using an Apple or Android watch fresh out of the box should be just fine.

Be warned, though, this is why Google and Apple really insist that you keep sketchy apps from third-party app stores far, far away from your fancy new toys.

Also on WorldPost:

7 Household Items That Pose Privacy Problems

Printers(01 of07)

If you have a color laser printer, then the documents you print may have imperceptible yellow tracking dots that reveal the printer's serial number and the date and time of printing.The dots are used as part of an effort to track counterfeiters, but the Electronic Frontier Foundation reports that there's nothing stopping the government from tracking any document you print, whether or not its related to currency. (credit:<a href="http://www.flickr.com/" role="link" class=" js-entry-link cet-external-link" data-vars-item-name="Flickr" data-vars-item-type="text" data-vars-unit-name="5689e6d5e4b014efe0daceeb" data-vars-unit-type="buzz_body" data-vars-target-content-id="http://www.flickr.com/" data-vars-target-content-type="url" data-vars-type="web_external_link" data-vars-subunit-name="before_you_go_slideshow" data-vars-subunit-type="component" data-vars-position-in-subunit="23" data-vars-position-in-unit="27">Flickr</a>:<a href="http://www.flickr.com/photos/71859481@N00/7344695644" role="link" class=" js-entry-link cet-external-link" data-vars-item-name="vernieman" data-vars-item-type="text" data-vars-unit-name="5689e6d5e4b014efe0daceeb" data-vars-unit-type="buzz_body" data-vars-target-content-id="http://www.flickr.com/photos/71859481@N00/7344695644" data-vars-target-content-type="url" data-vars-type="web_external_link" data-vars-subunit-name="before_you_go_slideshow" data-vars-subunit-type="component" data-vars-position-in-subunit="24" data-vars-position-in-unit="28">vernieman</a>)

Coupons(02 of07)

According to the book Brandwashed by Martin Lindstrom, coupon providers often encode your personal information in the bar codes of digital coupons you print. The information can include your computer's IP address, when you found the coupon, where you redeemed it, and the search terms you used to find it. (credit:<a href="http://www.flickr.com/" role="link" class=" js-entry-link cet-external-link" data-vars-item-name="Flickr" data-vars-item-type="text" data-vars-unit-name="5689e6d5e4b014efe0daceeb" data-vars-unit-type="buzz_body" data-vars-target-content-id="http://www.flickr.com/" data-vars-target-content-type="url" data-vars-type="web_external_link" data-vars-subunit-name="before_you_go_slideshow" data-vars-subunit-type="component" data-vars-position-in-subunit="18" data-vars-position-in-unit="22">Flickr</a>:<a href="http://www.flickr.com/photos/25275534@N00/8666678070" role="link" class=" js-entry-link cet-external-link" data-vars-item-name="ePublicist" data-vars-item-type="text" data-vars-unit-name="5689e6d5e4b014efe0daceeb" data-vars-unit-type="buzz_body" data-vars-target-content-id="http://www.flickr.com/photos/25275534@N00/8666678070" data-vars-target-content-type="url" data-vars-type="web_external_link" data-vars-subunit-name="before_you_go_slideshow" data-vars-subunit-type="component" data-vars-position-in-subunit="19" data-vars-position-in-unit="23">ePublicist</a>)

eBooks(03 of07)

According to a chart compiled by the Electronic Frontier Foundation, ebook companies often retain your book searches, book purchases and even information on how you're reading the book. (credit:<a href="http://www.flickr.com/" role="link" class=" js-entry-link cet-external-link" data-vars-item-name="Flickr" data-vars-item-type="text" data-vars-unit-name="5689e6d5e4b014efe0daceeb" data-vars-unit-type="buzz_body" data-vars-target-content-id="http://www.flickr.com/" data-vars-target-content-type="url" data-vars-type="web_external_link" data-vars-subunit-name="before_you_go_slideshow" data-vars-subunit-type="component" data-vars-position-in-subunit="15" data-vars-position-in-unit="19">Flickr</a>:<a href="http://www.flickr.com/photos/16972633@N02/9028287370" role="link" class=" js-entry-link cet-external-link" data-vars-item-name="f_lavins" data-vars-item-type="text" data-vars-unit-name="5689e6d5e4b014efe0daceeb" data-vars-unit-type="buzz_body" data-vars-target-content-id="http://www.flickr.com/photos/16972633@N02/9028287370" data-vars-target-content-type="url" data-vars-type="web_external_link" data-vars-subunit-name="before_you_go_slideshow" data-vars-subunit-type="component" data-vars-position-in-subunit="16" data-vars-position-in-unit="20">f_lavins</a>)

Credit Cards(04 of07)

In an interview with Charles Duhigg about his article in The New York Times called "What Does Your Credit-Card Company Know About You?" the reporter said that many credit card companies now have "massive laboratories where they can track what you buy with your card and sort of deduce a lot of things about you, based on those patterns." (credit:<a href="http://www.flickr.com/" role="link" class=" js-entry-link cet-external-link" data-vars-item-name="Flickr" data-vars-item-type="text" data-vars-unit-name="5689e6d5e4b014efe0daceeb" data-vars-unit-type="buzz_body" data-vars-target-content-id="http://www.flickr.com/" data-vars-target-content-type="url" data-vars-type="web_external_link" data-vars-subunit-name="before_you_go_slideshow" data-vars-subunit-type="component" data-vars-position-in-subunit="12" data-vars-position-in-unit="16">Flickr</a>:<a href="http://www.flickr.com/photos/9731367@N02/7113235069" role="link" class=" js-entry-link cet-external-link" data-vars-item-name="Philip Taylor PT" data-vars-item-type="text" data-vars-unit-name="5689e6d5e4b014efe0daceeb" data-vars-unit-type="buzz_body" data-vars-target-content-id="http://www.flickr.com/photos/9731367@N02/7113235069" data-vars-target-content-type="url" data-vars-type="web_external_link" data-vars-subunit-name="before_you_go_slideshow" data-vars-subunit-type="component" data-vars-position-in-subunit="13" data-vars-position-in-unit="17">Philip Taylor PT</a>)

Loyalty Cards(05 of07)

Next time you shop at Target, you might want to leave that discount card at home. Many retailers' discount and loyalty cards cards collect purchasing data on customers who use them. The data isn't just used to inundate you with coupons, it may also be used against you by insurance companies. (credit:<a href="http://www.flickr.com/" role="link" class=" js-entry-link cet-external-link" data-vars-item-name="Flickr" data-vars-item-type="text" data-vars-unit-name="5689e6d5e4b014efe0daceeb" data-vars-unit-type="buzz_body" data-vars-target-content-id="http://www.flickr.com/" data-vars-target-content-type="url" data-vars-type="web_external_link" data-vars-subunit-name="before_you_go_slideshow" data-vars-subunit-type="component" data-vars-position-in-subunit="8" data-vars-position-in-unit="12">Flickr</a>:<a href="http://www.flickr.com/photos/11540081@N05/2983197457" role="link" class=" js-entry-link cet-external-link" data-vars-item-name="Nick J Webb" data-vars-item-type="text" data-vars-unit-name="5689e6d5e4b014efe0daceeb" data-vars-unit-type="buzz_body" data-vars-target-content-id="http://www.flickr.com/photos/11540081@N05/2983197457" data-vars-target-content-type="url" data-vars-type="web_external_link" data-vars-subunit-name="before_you_go_slideshow" data-vars-subunit-type="component" data-vars-position-in-subunit="9" data-vars-position-in-unit="13">Nick J Webb</a>)

Electricity Meters(06 of07)

The Electronic Frontier Foundation warns that many new "smart" electricity meters let utility companies track your power usage "moment by moment." That means your utility company could potentially learn what time you wake up, when you go on vacation, or even more minute details -- like when you run the dishwasher or take a hot bath. (credit:AP Photo/Toby Talbot)

Televisions(07 of07)

Companies like Verizon and Microsoft have sought to patent processes for monitoring TV watchers. There has also been speculation that Microsoft's soon-to-be-released Xbox One will spy on you via the Kinect, a motion-sensing camera.But that doesn't mean your TV watching habits haven't already been monitored. The Wall Street Journal in 2011 reported that cable companies target ads using TV watchers' personal data. (credit:Andreas Rentz/Getty Images)

Our 2024 Coverage Needs You

As Americans head to the polls in 2024, the very future of our country is at stake. At HuffPost, we believe that a free press is critical to creating well-informed voters. That's why our journalism is free for everyone, even though other newsrooms retreat behind expensive paywalls.

Our journalists will continue to cover the twists and turns during this historic presidential election. With your help, we'll bring you hard-hitting investigations, well-researched analysis and timely takes you can't find elsewhere. Reporting in this current political climate is a responsibility we do not take lightly, and we thank you for your support.

Contribute as little as $2 to keep our news free for all.

Can't afford to donate? Support HuffPost by creating a free account and log in while you read.

Support HuffPost

Suggest a correction

|

From Our Partner

HuffPost Shopping's
Best Finds

This High-Capacity Digital Picture Frame Is At A Low Price Right Now

These 13 Old-School Beauty Products Are Still The Best Around

If You Hate Sweaty Feet, You'll Love These Breathable Walking Shoes

The $17 French Retinol That Reviewers Call 'A Miracle Cream'

The 1 Shoe Podiatrists Say You Should Try If You’re On Your Feet A Lot