Projects:2018s1-168 Penetration Testing of the SpaceTalk Tracking Watch
Project Team
Brent Williams
Sasha de Vries
Supervisors
Dr Matthew Sorell
Prof Tobias Eggendorfer
Introduction
Wearable devices have become a popular commodity across the globe, with many different brands, shapes, models and sizes available. Wearable technologies have advanced to produce children’s wearable devices which allow parents to monitor and contact their child, examples of these include Moochies, Watchem, Movetime and Gator. In this project, the SpaceTalk safety watch from All My Tribe will be analysed. The SpaceTalk watch has minimal features reducing the complexity of the user interface and allowing a child to be able to call and message preselected contacts. The watch also can act as a GPS tracking device which allows safe locations to be set like a child’s home or school. Other features on the watch include a timer, pedometer, torch function and an SOS button. In this project, we aim to identify and investigate the security flaws of the SpaceTalk Tracking Watch. After identification, the focus will be on the malicious capabilities of the located flaws and how they may be used to extract and analyse data on the watch to learn schedules and locations of the individual wearing or to falsify data. Ultimately, the aim is to determine if the security protocols on the wearable are sufficient to provide parents with confidence that a child user is safe and that the information contained on the SpaceTalk is accurate and cannot be accessed by unauthorised third parties.
Abstract
Penetration Testing of the SpaceTalk Tracking Watch
Investigation of security in wearable devices and flaws
Introduction
Wearable devices have become a popular commodity across the globe, with many different brands, shapes, models and sizes available. Wearable technologies have advanced to produce children’s wearable devices which allows parents to monitor and contact their child. The safety watch being researched is the SpaceTalk watch from All My Tribe. The SpaceTalk watch has minimal features reducing the complexity of the user interface and allowing a child to be able to call and message preselected contacts. The watch also has the capability to act as a GPS tracking device which allows safe locations to be set like a child’s home or school. Other features on the watch includes a timer, pedometer, torch function and a SOS button.
Research Question
The primary research question being addressed is: What are the security flaws of the SpaceTalk Tracking Watch? From these flaws, the research aims to focus further on the malicious capabilities of the located flaws. Expanding on the question, how can these flaws be abused to exploit pre-existing data? The secondary question is the extraction and analysis of data to learn schedules and locations or the manipulation of data to falsify recorded events. The aim is to determine if the security protocols on the wearable is sufficient to provide the parents with confidence that their child is safe and the child’s information is accurate and cannot be accessed by unauthorised third parties.
Relevance
The child safety watch allows parents to be confident that their child is ‘safe’ and they know where they are with immediate contact. The concept of these watches sound great when used for designed or ideal purposes but the question is are they safe enough to store a prolonged history your child’s location. These wearable devices contain sensitive data, relating to the child’s location making the security and confidentiality of the data paramount. Ensuring security of data is the key to the prevention of malicious manipulations such as for abductions, illegal surveillance or data falsification. Locating security flaws on the device could allow that the data intended for the parent could be accessed or altered by a third party attempting to cause harm to the child. In the worst case scenario, a third party could upload software to the wearable to surveil the child.
Research Methodology
The main area of research is into the intrusion of a ‘black box’ device. The SpaceTalk watch is treated like a ‘black box’ with only publicly released data of the device and experimentation being available to determine intrusive pathways into the watch. There are multiple methods being researched and focussed on to attempt to infiltrate the SpaceTalk watch. The main infiltration methods being researched include network attacks, side channel attacks, man in the middle attacks, authentication attacks and USB connection exploits. As the watch receives SMS commands from the app for communication, one method being investigated is how messaging different text or code can affect the behaviour of the watch. Different messages with different text layouts will be trialled to observe the response on the watch. Using the messages, the disguising of original messages or transmission of fake messages to the device could allow the watch to be lead astray believing the commands sent are authentic, this could lead to the watch misinforming the child or altering predesignated ‘safe zones’ and pose a potential safety hazard. Another potential misuse of these commands could be setting the watch to call a predesignated cell phone to be used an unlawful audio recording device. The SpaceTalk watch operates with a connection to an application called All My Tribe. The connection to the application allows further attacks to be attempted. The application connection will be attempted to be sabotaged by rewriting the app to allow data leakage like the GPS location of the child. The network connectivity of the SpaceTalk watch will also be researched. Determining if the device has a unique signature when connecting to a network could also provide a security weakness. If by the detection of the signal from the watch allows the number to be identified as a SpaceTalk watch, a third party could identify the device as a child’s watch. Identifying the device as a child’s watch could result in external parties easily identifying children’s number and allowing network tracking or surveillance on the devices.
Real World Implications
Weaknesses in the security protocols of these devices could result in severe consequences if discovered by an individual whom have malicious intent. For example, if the GPS location of the child could be continuously monitored by a felon who wishes to harm the child, that children would be more at risk than without the watch. As the watch provides harmful information, it is detrimental towards the child's safety and should not be worn. Parents trust the provider, All My Tribe, with the data of their child and that the device is secure. The public identification of flaws will develop wavering trust in the products as well as other devices on the market. At the end of the day these devices were designed to ensure the child’s safety is of high priority while having some independence. Maintaining security and the parent’s faith in the device is of great importance.
Conclusion
As technology is continually advancing and breaking into aging devices becomes easier with the increased computing available, it is paramount that security comes first. One method that the SpaceTalk watch remains secure is by keeping a simple interface with limited functionality. Even with limited functionality there are several possible attack vectors for the watch which can be exploited and abused. If these attack vectors are successfully exploited, the watch has failed its primary purpose of keeping the children safe and will lose market trust.