Security concerns, a stumbling block to the explosion of wearables?

[[134520]]

When Google Glass was first launched, the safety of wearable devices has become a hot topic. As smart glasses gradually deviate from the core of wearable devices, the safety issues of smart wristbands have surfaced again. Recently, the Chinese military issued a ban on the use of smart wearable devices. After price, battery life, and functions, will safety be the next obstacle to the popularization of smart wearable devices?
Three security concerns about wearable devices

Google Glass has stopped selling to ordinary users, and wristband products are undoubtedly the absolute protagonist of smart wearables. From smart bracelets to smart watches, from simple step counting to the addition of modules such as NFC, behind the rich functions, there are more and more security concerns about wearable devices.

1. Data security

For now, smart bracelets and smart watches are still the mainstream wearable devices. Although the data collected by many devices is still limited to exercise tracking and sleep monitoring, for users who pay attention to protecting their personal privacy, the data security of wearable devices cannot be underestimated.

According to the design logic of general smart bracelet products, in addition to synchronizing data on the mobile phone APP, most products will synchronize data to the cloud with the help of the mobile phone network. The fact that cannot be ignored is that most smart wearable products are made by entrepreneurial teams, and there are inevitably some loopholes in the security of cloud data. The report shows that some wearable manufacturers had unauthorized loopholes last year, allowing attackers to enumerate the cloud information of other bracelet holders through the interface. In order to increase the playability of their products, some equipment manufacturers use GPS or mobile phone APP to record the user's movement trajectory. Once the cloud data is leaked, even if you deliberately limit the positioning service of the mobile phone system, you still can't escape the fate of being "tracked".

Under the influence of big data, more and more personal privacy has become transparent. When physiological data such as exercise, sleep, heart rate, blood pressure, etc. are also stolen, it even threatens the personal health and safety of users. The consequences may be unimaginable.

2. Equipment safety

In 2014, at a marathon abroad, researchers carried Bluetooth sniffing equipment and recorded information from 563 different devices. Most of the information was not encrypted, which allowed researchers to easily obtain health information transmitted by the device and locate the specific device and wearer through the MAC address and broadcast device name. Obviously, the device security of wearable products is not a matter of fuss.

The most direct loss after a device is monitored is data leakage, but the device security of wearable products is by no means limited to the device itself. Almost all wearable devices are connected to mobile devices via Bluetooth or WiFi, which makes it possible to control mobile phones by controlling wearable devices with lower encryption. Take smart bracelets as an example. Due to their own reminder function, they often obtain the permission to read user contacts, text messages and other data, while smart watches, wearable cameras and other products have more data permissions. If there is a loophole in the security of smart wearable devices, it will be a secret channel for you to leak mobile phone data.

3. Software Security

The release of MOTO360 and Apple Watch has put smart watches at the center of wearable devices. Compared with wristbands, watches have independent systems and can expand more functions through software. However, on the other hand, there are more security risks.

Compared with the gradual improvement of smartphone systems, the operating system of smart watches is still in its infancy, both in terms of service and security. When personal PCs began to become popular, computer viruses were rampant, and now smartphones are also plagued by malware, and the software security of smart watches is worrying. Compared with the security of computers and mobile phones, once a smart watch is infected by malware, data security and device security are out of the question. In particular, the addition of NFC functions has given wearable products greater prospects in mobile payment, access control systems and other services. In other words, in the future, wearable products will not only involve data security, but will also be closely related to the personal safety and property safety of users.

So can software security in smartwatches be avoided?

Apple and Google have long been aware of the importance of wearable device security. Both Android Wear and Apple Watch have tried to avoid possible software security issues in their architectures. Third-party applications do not exist in an independent form, but as an appendage of mobile phone applications. However, Bluetooth and WiFi are still a breakthrough for attacks, and smart watches are likely to be independent of mobile phones in the future. It will take time to test software security issues.
Will security become a stumbling block to the popularization of wearable devices?

There are already all kinds of smart wearable products on the market, but they are still a step away from explosion. For wearable devices, on the one hand, the service is becoming more and more humane and gradually getting rid of the attribute of useless, but on the other hand, there are daunting security issues. So, is the future of wearables stopped by security issues?

For ordinary consumers, they have given up their so-called personal privacy while enjoying Internet services. Smartphones and other mobile devices are constantly selling out our personal privacy, especially after the birth of cloud services. Every photo, every text message, every note, every call record, etc. in the mobile phone are uploaded to the cloud, and many people do not know whether this information has been leaked. Although some people will talk about the harm of privacy leakage, when the harm does not turn into actual harm, few people deliberately refuse to contact new technology. We have gradually become accustomed to the convenience brought by technology, and smart wearable devices are just another extension of these services, which is also an important reason why smart wristband devices are accepted by the public today. But when services such as mobile payment are attached to wearable devices, people's requirements for security are no longer the same.

In the face of the group, except for the military's explicit ban on smart wearables, the government and enterprises have not rejected smart hardware due to security issues. Because of its important role in sports and health, some companies even encourage employees to use wearable products, which has become a trend in Chinese IT companies. However, this does not mean that the government and enterprises will neglect to prevent the security issues of smart wearables. After all, there is a precedent for smartphones. There is also a vivid example, that is, Google Glass is banned in most places. The reason why wearable devices are on the white list of enterprises and governments is that there is no need to restrict smart hardware at present.

When wearable devices involve more services, security will become a bottleneck for development. From chip manufacturers to system software to specific service providers, and even the formulation and completion of relevant standards, all will become constraints on wearable security. Fortunately, Intel has begun to exert its strength in the chip field. Android, which was born from open source, chose to be closed on Android Wear. Security is one of the reasons given by Google.

Open source and openness have enabled the rapid development of wearables. Security may not be a stumbling block to the next development of wearable devices, but it will be a criterion for whether wearable products will be eliminated or not.