Developer Roy Solberg recently uncovered that the kid-friendly Gator 2 smartwatch can easily be hacked from a web browser. The watch, marketed as “children’s first cellphone,” and provides GPS-enabled location information so caregivers can know where their kids are at all times.
By testing his own watch, Solberg found that an attacker could modify the location-tracking feature and download messages sent between parents and children. The attacker only needed the unique serial number given to every internet-connected device, an IMEI number. After confirming the hack himself, Solberg changed just one number of his watch’s IMEI and was able to download a private message from a similar Gator watch in Sweden.
Solberg wrote in a recent blog post where he was describing the vulnerability: “When you buy a product like this you expect to make them more safe, but what happens is that you put your child at risk. Any predator can track your kid, and even start to see patterns in when a child usually goes to e.g. school or after-school activities.”
After conducting their own research, consumer experts in Britain and Europe are calling for a ban on all smart watches geared towards children until the security flaws have been fixed.
Alarming security loopholes mean the watches, which include GPS tracking and a mobile phone SIM card, can be accessed remotely.
As a result, strangers can track where a child is and see information on all of their past movements.
On some devices, it is possible to listen in to what a child is doing by sending a hidden text to the watch.
Hackers can intercept and change the geographical location of the watch in what is known as ‘location spoofing’.
This means that a child can appear to be in one spot when they are actually somewhere else.
Some have an SOS button that a child pushes to make a call to their parent in an emergency. However, this can be remotely disabled and even programmed to call someone else.
Consumer experts have also found that the storage of data collected on the watches can be insecure. As a result, it is possible to gain information on the movements of other watch users via user apps and linked websites.
The managing director of home products and services at Which?, Alex Neill, said: ‘Though these products are marketed at making children safer, parents will be shocked if they actually put them at risk because of shoddy security.’
‘While there is no denying the huge benefits smart gadgets can bring to our daily lives, safety and security should be the absolute priority. If that can’t be guaranteed, then the products should not be sold.’
(Photo Credit: Wareable; Consumentenbond)
(Reported by: Liam Tyler; Edited by: Amy Wesley)