Feeds

Nike + iPod poses threat to personal security

Could aid stalking and burglary

Security for virtualized datacentres

One of this year's must-have gadgets for music-crazy runners is a security nightmare that could help someone track your movements with relative ease, according to researchers at the University of Washington.

The Nike + iPod device transmits data from a gizmo in a runner's shoe to an iPod, where software crunches the numbers to come up with information such as how far someone has run, and how fast, in real time. But the researchers have found that it could well be broadcasting that data to others too.

"A bad person could use this information to compromise your personal privacy and safety. We describe specific example scenarios, like stalking, in our paper," said a statement from researchers Scott Saponas, Jonathan Lester, Carl Hartung and Tadayoshi Kohno of the Department of Computer Science and Engineering at the University of Washington.

The gadget in the runner's shoe contains a radio frequency identification (RFID) chip which sends the data to a receiver connected to the iPod. The information itself is encrypted, but enough information is broadcast to a range of up to 60 feet to pose a security risk.

"When you walk or run the Nike + iPod sensor in your shoe will transmit messages using a wireless radio," said the researchers. "These messages contain a unique identifier that can be detected from 60 feet away. This information is potentially private because it can reveal where you are, even when you'd prefer for a bad person to not know your location."

They found that small computer equipment could be used to read the unique identifier. Some of this was small enough to hide in the user's environment. Placed on that person's front door or in bushes beside the entrance the machine could be used to read and record every time the shoe gadget passed it by.

That could allow a person using the tracking equipment to log when the user was home and when he was out of the house. This could be vital information for burglars.

If a person built a network of these sensors they could map the movements of a person or any number of people through a whole area, and could plot that movement on online mapping services such as Google Maps.

The researchers said that building a surveillance network would be "neither hard nor expensive". "Our prototype shows that a bad person could build a full-featured, WiFi-enabled Nike + iPod surveillance device for under $250," they said.

Copyright © 2006, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
How the FLAC do I tell MP3s from lossless audio?
Can you hear the difference? Can anyone?
iPAD-FONDLING fanboi sparks SECURITY ALERT at Sydney airport
Breaches screening rules cos Apple SCREEN ROOLZ, ok?
Crouching tiger, FAST ASLEEP dragon: Smugglers can't shift iPhone 6s
China's grey market reports 'sluggish' sales of Apple mobe
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
The British Museum plonks digital bricks on world of Minecraft
Institution confirms it's cool with joining the blocky universe
Turn OFF your phone or WE'LL ALL DI... live? Europe OKs mobes, tabs non-stop on flights
Airlines given green light to allow gate-to-gate jibber-jabber
Be your own Big Brother: Keeping an eye on Mum and Dad
All watched over by machines of loving grace
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.