Smartwatches targeted at children are found dime a dozen online. While most of them entice parents for the level of ease they present to keep a tab on their wards, these watches have time and again come under the scanner for critical flaws that permit strangers to talk to kids or scrap their location. The latest smartwatch to be found with weak security is the X4 smartwatch marketed by Xplora – a Norwegian seller of children’s watches. The $200 watch is developed in collaboration with Chinese firm Qihoo 360 and can be accessed via a single encrypted text message to take pictures from its camera, track real-time location, and even record calls.
X4 smartwatch is basically designed to allow parents to have a way to keep an eye on their child through GPS based location tracking. The watch is more like a smartphone and can be used to send SOS signals with location to parents. Unfortunately, now that watch has been found to contain an undiscovered backdoor that allows anyone to access the smartwatch and control it.
According to researchers Harrison Sand and Erlend Leikness from Norway-based security company Mnemonic, the backdoor can be activated by sending an encrypted test to the X4 smartwatch and it can then be accessed remotely to click pictures, making phone calls or even tracking real-time geographic location of the kid. There is just one heartening thing here, gaining backdrop access to the watch is not an easy task.
To get backdrop access to the X4 smartwatch would require the hacker to know the phone number (used on the watch) and the encryption key linked to the watch. Moreover, the images clicked using the watch are uploaded to the Xplora servers, which the hacker will have to also access in order to retrieve the images.
As stated previously, the kids’ smartwatches are intriguing and everything but some of them compromise security. The flaw in the X4 smartwatch just states the obvious and suggests parents make better choices when it comes to picking tracking gadgets for their kids.