Like the TrackR bravo, the cache displays the iTrack Easy's password, albeit in an encrypted manner. Furthermore, it doesn't hide user GPS data, meaning that while it doesn't exactly broadcast where you're going, a smart cybercriminal could sniff it out pretty easily.Īt least the iTrack Easy protects its password - sort of. ![]() Like the TrackR Bravo, it reveals its tracking ID and MAC address to any passing Bluetooth tracking app. While the vulnerabilities in the iTrack Easy were not as severe, it might still not be a device you'd want to walk around with. ![]() Used in conjunction with two further vulnerabilities - unauthenticated access and pairing - a clever user with access to only a simple smartphone could track a user's GPS movements through his or her Bluetooth-tagged gadgets. The TrackR Bravo also lets unauthorized users discover a tracking ID and MAC address with any nearby device and a Bluetooth-tracking application. Since users often reuse passwords (especially on small devices that don't require frequent sign-ins), the risk is clear. While the device requires a password to function, it also displays that password in clear, unencrypted text in its cache. ![]() The TrackR Bravo appeared to be the most compromised device of the three. Researchers Deral Heiland and Adam Compton put the TrackR Bravo, the iTrack Easy and the Zizai Tech Nut (yes, there's really a Bluetooth tracker called the "Nut"), and discovered fairly significant security vulnerabilities in each one. This information comes from Boston-based security firm Rapid7, which recently posted research about the trackers on its Community blog.
0 Comments
Leave a Reply. |