Home → News → Google Fixes Smartwatch Security Problem → Full Text

Google Fixes Smartwatch Security Problem

By Purdue University News

July 10, 2020

[article image]

Google has corrected a security vulnerability in its Wear OS smartwatches that could have allowed attackers to crash specific applications, render the app or the watch unresponsive, or cause continuous reboots.

Purdue University’s Saurabh Bagchi and colleagues uncovered the flaw using the Vulcan tool, which feeds a program or app different permutations of data until one exposes a weakness.

Through this fuzzing technique, the researchers learned that a hacker could hijack an app or the smartwatch by manipulating the language, or Intents, that apps use to communicate.

Sending such Intents at high volumes when the operating system is less stable could overload the app or watch, even without root-level privileges.

The Purdue team demonstrated a proof-of-concept mitigation method, and released its codebase on GitHub after Google issued a patch for the Wear OS vulnerability on June 24.

From Purdue University News
View Full Article


Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


No entries found