Exposing the bracelet of Xiaomi Fitbit and other leaked user information

Netease Technology News February 3, "Daily Mail" reported that the non-profit organization Open Effect and the University of Toronto's latest research found that the popular fitness tracking equipment in the market often reveals personal information, the Bluetooth information they send is easy to be Hacker tracking, even if you turn off Bluetooth, can't solve the problem. Devices that are currently found to have these problems include Basis, Fitbit, Garmin, Jawbone, Mio, Withings and Xiaomi, while Apple's Apple Watch is the only device that meets the standards.

Health tracking devices are widely used to collect user activity data and record the user's calorie consumption as a personal trainer. However, these devices also collect personal information of the user during use, such as name, age, gender, etc., and such information may be leaked during the process of using the WiFi to transmit data. In the collaborative study of Open Effect, the researchers tested a number of more prominent devices.


Studies have shown that in addition to the Apple Watch, the rest of the health tracking devices have a fixed identity that allows third-party organizations to track devices anywhere, anytime. The study also found that these identifiers may continue to leak information even when the Bluetooth connected to the device is turned off. Andrew Hilts, one of the authors of the study, said that the Bluetooth privacy standard has been developed in the industry, which specifies how device vendors should protect user privacy. "We are doing our best to encourage health tracking equipment manufacturers to adopt this standard."

In addition, research reports indicate that data generated by these health tracking devices may be tampered with. Since the data generated by these devices is mostly used for insurance and legal purposes, the possibility of being tampered with means that the data becomes less reliable.

Researchers said that some companies, such as Fitbit, Intel Basis and Mio, responded to contact requests and expressed a willingness to engage in dialogue on privacy and security issues. Fitbit is even willing to implement Bluetooth privacy protection standards, and Apple Watch is currently the only device that follows this standard.