About Us | Contact Us
View Cart

Fitbit Vulnerability Raises Activity Tracker Concerns

By Vigilize | Monday, October 2, 2017 - Leave a Comment

Data from the devices could be tied to insurance and healthcare costs in the future…


An article review.


ServIcons_ITAudit_01While we try not to cover “exploit of the week” style articles here (other sites do a far more comprehensive job on that subject!), we thought a recent article on an exploit concerning Fitbit devices stood out because of the deeper questions it brought up about all the data we (and our devices) generate, and how it may be tied together.

The exploit itself, discovered by University of Edinburgh researchers, was rather mundane. Requiring a person have direct physical access to the devices in question greatly limits the scope of an attack, and the data gathered was personal but not particularly damaging.

What is interesting is the questions the article poses about where all this activity monitor data goes, and how it may be compiled and cross-referenced in the future. Because this type of data is rarely considered confidential, many people are indifferent to policies that dictate how that information may be stored and used–after all, who has the time to worry if their daily step count falls into the wrong hands?

In a future where activity tracking and a person’s relative activity levels are tied to insurance and healthcare costs, however, the implications of such data–and its collection–start to become more clear. If that weren’t enough, there are a physical ailments that can be identified or associated with how often and the manner in which we move, and then there’s just being able to identify when a person is awake and what they’re doing.

Combined with data harvested from sensors in our smartphones and watches, along with ancillary data from Internet-of-Things devices like light bulbs and an interested party could begin reconstructing someone’s daily activities, among other things.

We often overlook such data and the policies surrounding its collection because it can be seen as inconsequential: it doesn’t tell a third party anything specific. As this article highlights, though, every little bit can help build a narrative, and we often lose sight of just how many little bits we can leave floating online.


Original article by news-medical.net.


same_strip_012513


 

Latest News
      Alternatives From 2020 Conferences The 2020 Update Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Each year as we go to various conferences throughout the Midwest ranging in scope; from small banker conferences that Dan himself moderates, to hacker conferences like Defcon.  We […]
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around your office.  
    The IBA Presents an infotex Workshop: Tech-Shop (A Virtual Workshop for Banks IT Geeks) Live Workshop Time for a workshop for the technical side of the community-bank. Time for a workshop full of command lines and configurations, acronyms we are forbidden to use around management, and even dark-web jokes. Time for a workshop where we […]
    An Analogy… …About Taking Better Notes Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . An interesting set of metaphors arose out of our efforts to improve our time management practices at infotex.  In the spirit of sound strategic planning, we as a team decided […]
    A Webinar-Movie In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting […]