Android Wear hack alert signalled by security expert

Could your smartwatch be under threat? Yes...maybe...probably not
Android Wear hack alert

How safe is your smartwatch? That’s what Bitdefender set out to find out and the results were, unsurprisingly given it’s a technology still in its infancy, a little shaky.

In a video produced to show how “easy” it is to exploit an LG G Watch connected to a Nexus smartphone, the Bitdefender security expert explains that a 6-digit encrypted Bluetooth communication protocol is used to pair the two devices.

Everything you need to know:Android Wear update

He states, “This 6-digit pin can easily be brute forced using available tools,” and demonstrates that a Google Hangout message is broadcast in plain text within the encrypted data.

He explains that the obfuscation algorithms are “not at all that difficult to decrypt”.

However, this pairing "weakness" is a security issue for Bluetooth LE as a whole, and is not one specific to wearables. In order to decode the communications a hacker would presumably have to be near enough to the devices to pick up the Bluetooth communication and would also need a link-key for the pairing. An unlikely scenario.

Wareable's picks: The top smartwatches to buy now

Security companies are always keen to expose potential exploits of new technologies – after all, they stand to make a tidy profit selling software to keep people protected – so their warnings should always be taken with a pinch of salt.

However, if potentially sensitive information is being transmitted in plain text, there’s obviously a genuine worry – although we'd be very surprised if Google left such a gaping back door open in its latest ecosystem.

What do you think?

Connect with Facebook, Twitter, or just enter your email to sign in and comment.

 Most Recent News