2017
DOI: 10.1007/978-3-319-66332-6_3
|View full text |Cite
|
Sign up to set email alerts
|

Breaking Fitness Records Without Moving: Reverse Engineering and Spoofing Fitbit

Abstract: Abstract. Tens of millions of wearable fitness trackers are shipped yearly to consumers who routinely collect information about their exercising patterns. Smartphones push this health-related data to vendors' cloud platforms, enabling users to analyze summary statistics on-line and adjust their habits. Third-parties including health insurance providers now offer discounts and financial rewards in exchange for such private information and evidence of healthy lifestyles. Given the associated monetary value, the … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
20
0

Year Published

2018
2018
2024
2024

Publication Types

Select...
4
1
1

Relationship

1
5

Authors

Journals

citations
Cited by 29 publications
(20 citation statements)
references
References 4 publications
0
20
0
Order By: Relevance
“…Yet, models before 2015 employ optional encryption only-when buying old trackers online, the chances are high of coming across one that still needs to be migrated to the "always encrypt" mode of operation. Furthermore, recent firmware revisions have an internal "disable encryption" switch [13]. Previously, when the ability to disable encryption was discovered, this caused the servers to reply in plaintext.…”
Section: The Fitbit Communication Paradigmmentioning
confidence: 99%
See 4 more Smart Citations
“…Yet, models before 2015 employ optional encryption only-when buying old trackers online, the chances are high of coming across one that still needs to be migrated to the "always encrypt" mode of operation. Furthermore, recent firmware revisions have an internal "disable encryption" switch [13]. Previously, when the ability to disable encryption was discovered, this caused the servers to reply in plaintext.…”
Section: The Fitbit Communication Paradigmmentioning
confidence: 99%
“…Reverse-engineering the tracker's firmware is required to fully understand command interpretation and dump generation. Firmware can be extracted from trackers themselves or from a sniffed firmware update [13,27]. In this article, we go beyond firmware extraction, and we reverse-engineer and modify the firmware internals.…”
Section: Dissecting and Modifying The Tracker's Firmwarementioning
confidence: 99%
See 3 more Smart Citations