[email protected] +603-2181 3666
Apple Watch: nothing prevents thieves from resetting the password and using a stolen one (even for shopping)
June 10, 2015
0

It is one of the longest awaited gadgets in recent times and is set to become one of the technological gadgets of the year, but it has already given rise to the first scare: Apple Watch is vulnerable.
Apple’s smart watch, which has been on the market for just over a month, has given a hint to the public of its security flaws: security gaps which can end up being expensive for this wearable first buyers.
Apple Watch lacks an Activation Lock feature
On the one hand, Apple’s watch may become an object of desire for thieves, something the iPhone tried to prevent with certain security measures. The smart watch lacks of an ‘Activation Lock’ feature, which was created to dissuade criminals from illegally obtaining one of the company’s devices.
This feature first appeared with iOS7, and makes that the only way of disabling the ‘Find my iPhone’ option –which allows the user knowing where his device exactly is- is with the user’s Apple ID and password. In other words, unless the thief has your username and password, he won’t be able to disable the option that will allow you to find your stolen iPhone.
However, the smart watch doesn’t have the ‘Activation Lock’ feature. In addition, resetting the device and erasing all data- password included- is simple, even without having the PIN code which protects the watch, as you can see in the following video:

[youtube http://www.youtube.com/watch?v=cOcd7xx0vMs]
Shopping at your expense
A second vulnerability of the Apple Watch may work out to be even more expensive for the pioneers who have already bought it.
Thanks to its sensors the device detects when it is placed on a user’s wrist. While it is being worn it doesn’t require a password to unlock it, to enable its owner to access the screen and to make payments with Apple Pay.
If we take the watch off our wrist, Apple Watch will ask you to re-enter the password, so that, if it gets stolen, your data is safe, especially your financial one.
However, the watch’s sensors have a delay of about a second to re-enable the PIN code and, in addition, they don’t detect whether the watch is on the wrist or on any other body part, so some crafty thieves can take the watch off of a wearer’s wrist and then quickly cover the sensors with his fingers to keep the watch from locking.

[youtube http://www.youtube.com/watch?v=2blTo-Ej6mo]
Here the thief was not only able to access the information stored in your Apple Watch, but also to make purchases with your Apple Pay account.
So, the cracks in the security of the so long awaited Apple Watch are starting to undermine the fame of the device that Apple fans wanted to have on their wrists. The fact that with some tattoos the sensors of the Apple’s Watch don’t work is just a mere anecdote, now the security of its users is at stake.

The post Apple Watch: nothing prevents thieves from resetting the password and using a stolen one (even for shopping) appeared first on MediaCenter Panda Security.
Source: Panda