A security researcher has found an ingenious way to alert a watch company of security flaws found in its products. German researcher Christopher Bleckmann-Dreher demonstrated the feat of printing “PWNED” on GPS maps of hundreds of watches at the Troopers 2019 conference.
The GPS watches are by Vidimensio, an Austrian firm that primarily manufactures GPS trackers and video equipment. The watches were mainly used by children as well as the elderly.
The big picture
Issues resolved partially
Dreher told ZDNet that only eavesdropping flaw was resolved but not other issues. “In 03/2018 the vendor removed the eavesdrop/monitor command from his backend. Nowadays monitor mode can be activated by sending an SMS directly to the watch, [but the watch's SIM] mobile number must be known,” he said.
To raise awareness and to rouse the company to take action on the security issues, Dreher printed ‘PWNED’ in more than 300 watches. Furthermore, the researcher also disclosed details of the 20 faulty models of the watches housing these flaws.