Hackers can track you via Fitbit, other smartbands: Here's how
If you own a Fitbit, chances are your device has a critical Bluetooth vulnerability, one that could allow hackers to track you. A group of Boston University researchers recently revealed the issue, noting that hackers can actually pinpoint your location using high-profile Bluetooth gadgets. This could proliferate cases of stalking and abuse, posing a major threat to your security. Here's more.
How Bluetooth devices can give away your location
When two Bluetooth devices connect, one serves as the central part of the connection while other takes the peripheral role. The peripheral device sends out all the data associated with the connection, including a randomized address (similar to IP address), to the central device. However, as it turns out, this information can be decoded with what the researchers call a 'sniffer' algorithm.
Bluetooth connection data enables tracking
Though the randomized address generated by the peripheral device is reconfigured regularly, the sniffer algorithm can detect it to identify Bluetooth connections, the researchers said. This doesn't divulge personal information but can allow third-parties to locate active Bluetooth devices and the people using those devices. Now, that's a major concern because a majority of people pair smartbands, headphones with their phones via Bluetooth.
iOS, Windows devices vulnerable, Android not
Theoretically, the issue can be leveraged to track the location of any Bluetooth-enabled device, be it a phone, smartband or headphone. The researchers involved in the work say iOS and Windows 10 devices can be tracked but Android remains shielded from the glitch. Also, Fitbit devices don't update their unique address from to time, which makes it even easier to track them.
Don't throw your smartband just yet
While the issue can have major privacy implications, don't throw away your Bluetooth-enabled gadgets just yet. The researchers say the bug can be avoided by simply turning off and turning on Bluetooth again. This will reconfigure the information, thereby protecting your iOS and Windows 10 devices from being tracked by third-party attackers trying to exploit this vulnerability.
