SlideShare a Scribd company logo

Who Watches The Smart Watches

Download as PPTX, PDF
B
BriMorLabs

This document provides an overview of Brian Moran's presentation on analyzing data from smart watches and fitness trackers. It discusses the Pebble Time, Under Armour Band, data storage locations, parsing scripts, and protecting privacy. Key points include that smart watches store useful notifications and health data, most interesting data is on linked mobile devices, and timestamps may have minor variations due to device settings. The document also provides specifications for the Pebble Time, Under Armour Band, and scripts for parsing their data stores.

Technology
1 of 115
Brian Moran Digital Strategy Consultant - BriMor Labs Millersville, Maryland OCTOBER 26 2016
A Brief List of Topics • Why use these confounded devices? • Pebble Time • UA Band • Ways to protect your data • Future research goals • Q & A BriMor Labs - 2016
The Introductory Introduction • Hello, my name is Brian Moran – Hi Brian! • 13 years Air Force Active Duty – 10 years mobile exploitation/DFIR experience • Worked here…. BriMor Labs - 2016
The Introductory Introduction BriMor Labs - 2016
Hardware Used • Samsung Galaxy Note II (SCH-i605) – rooted – Running Android 4.4.2 • Pebble Time – Running 3.10 • UA Band – Running 1.17.1.14 • Microsoft Band 2 – Running 2.0.4215.0 26R BriMor Labs - 2016
Sad day on October 3, 2016 BriMor Labs - 2016
Sad day on October 3, 2016 • Microsoft announced it was ending sales of the Band 2 – SDK also removed – “No current plans for Band 3” • Rather than cover a portion of my talk on (now) legacy hardware, purchased a UA Band to research same information – Only had a few weeks of data & research, there is definitely more to come! BriMor Labs - 2016
But some good news for you • The offline version of this presentation will also include the Band 2 slides – In case you encounter a Band 2 or were curious about it • This presentation, however, will NOT cover the Band 2 at all BriMor Labs - 2016
Software Used • ES File Explorer app – Android – Version 4.0.4.5 • Pebble Time app – Android – Version 3.10.0-976-0c219e8 • UA Record app – Android – Version 3.9.0.1 • SQLite Spy – Version 1.9.6 • Hex Workshop – Version 6.8.0.5419 • Perl/Python BriMor Labs - 2016
iOS data shout out • Special thanks to likely 2017 Forensic 4Cast Awards “Digital Forensic Book of the Year” nominee Heather Mahalik for providing me Pebble related iOS data* – Let’s make this happen! *Only cost me a couple pairs of LuLaRoe leggings & some Middleswarth chips BriMor Labs - 2016
BriMor Labs - 2016
What Was NOT Used • Cellebrite (This is the Open Source Digital Forensics Conference) • During the course of this research, no lying dormant cyber pathogens were harmed BriMor Labs - 2016
Why not Apple/Samsung/LG/etc.? • Wanted to choose smartwatches that can be used regardless of brand of phone or phone operating system • Pebble – Android, iOS, “unofficial official” Windows Phone • UA Band – Android, iOS BriMor Labs - 2016
Why use smart watches? • Helpful notifications (especially when driving) BriMor Labs - 2016
Why use smart watches? BriMor Labs - 2016
Why use smart watches? BriMor Labs - 2016
Why use smart watches? • Fitness/workout tracking BriMor Labs - 2016
Why use smart watches? • Fitness/workout tracking BriMor Labs - 2016 Inactive and out of shape
Why use smart watches? BriMor Labs - 2016 What’s the matter? The CIA got you pushing too many pencils?
Why use smart watches? BriMor Labs - 2016Tracking a weekend bike ride
Why use smart watches? BriMor Labs - 2016Tracking a round of golf
Why use smart watches? BriMor Labs - 2016Tracking your run
Why use smart watches? BriMor Labs - 2016 Remotely change music from this …
BriMor Labs - 2016… to this
Why use smart watches? BriMor Labs - 2016Tracking your sleep
Pebble Time Specs • Processor: ST Micro STM32F439ZG 180 MHz ARM Cortex-M4-based-MCU (100 MHz, single core) • Storage: Spansion S29VS128R 128MB, 65 nm MirrorBit Flash • Display: 1.25” color e-paper screen (144 x 168 pixels, 182 ppi) • Battery: 150 mAh, (average battery life of 7 days) • Bluetooth: TBD • Source: https://www.ifixit.com/Teardown/Pebble+Time+Teardown/42382 BriMor Labs - 2016
• Path: /data/data/com.getpebble.android.basalt – Make sure it is NOT “emulated” BriMor Labs - 2016 Pebble Time storage (Android mobile device)
BriMor Labs - 2016
• “datadatacom.getpebble.android.basaltdatabase spebble” is primary file of interest – SQLite database (as are most files on mobile devices these days) – Easy to view in any SQLite viewer or parse via scripting languages BriMor Labs - 2016 Pebble Time storage (Android mobile device)
BriMor Labs - 2016
• Table “android_apps” contains a listing of every application and application version installed on the device • Information is obviously needed for notifications sent to Pebble • Useful location if looking for an application/version BriMor Labs - 2016 Pebble Time storage (Android mobile device)
BriMor Labs - 2016
• Table “notifications” contains a listing of every notification that happened on the mobile device • Data is stored by Pebble app regardless of it being sent • Can contain INCREDIBLY useful information – NOTE: Database does get cleaned when user chooses to clear all notifications BriMor Labs - 2016 Pebble Time storage (Android mobile device)
BriMor Labs - 2016
• Table “timeline_items” contains a listing notifications actually sent to device • This data is stored as json inside of a SQLite database BriMor Labs - 2016 Pebble Time storage (Android mobile device)
BriMor Labs - 2016
• Table “weather_locations” contains a list of “locations” that the device receives weather updates • Can be useful to determine if an individual was in a certain place at a certain time BriMor Labs - 2016 Pebble Time storage (Android mobile device)
BriMor Labs - 2016
• SMS message notifications are stored under “notifications” table. – The “package_name” is bank, the “SOURCE” is “SMS” Remember, this can potentially contain messages that were deleted from the phone, cannot be recovered through any other tool/mechanism but ARE stored within this database! BriMor Labs - 2016 Pebble Time storage (Android mobile device)
BriMor Labs - 2016 Pebble Time storage (Android mobile device)
• Obligatory Pebble data on iOS devices slides • Main database of interest is named “PBMyPebbleAppDataCoreDataManager.sqlite” • “f97bcd6b4a35ff9054977f0f62d141cb6580737b” – iOS Backup file name (iOS 9 & earlier) BriMor Labs - 2016 Pebble Time storage (iOS devices)
BriMor Labs - 2016
Under Armour Band Specs • Processor: ARM Cortex M4 MCU CPU • Storage: 8MB onboard storage • 1.3” PMOLED touchscreen • Battery: 112 mAh battery (average battery life 5 days) • Bluetooth: Bluetooth 4.0 • Source: http://www.techradar.com/reviews/wearables/ua-band- 1312190/review BriMor Labs - 2016
UA Band storage (Android mobile device) • Path: /data/data/com.ua.record – Make sure it is NOT “emulated” BriMor Labs - 2016
BriMor Labs - 2016
• Primary folder of interest is “databases” • Folder contains several SQLite databases with kind of easy to decipher names – Kind of BriMor Labs - 2016 UA Band storage (Android mobile device)
UA Band storage (Android mobile device) BriMor Labs - 2016
• SQLite databases of particular interest (to date): – commonCache.db – mmdk_user – usadk_workout • As more research is done, it is likely more information will be found! BriMor Labs - 2016 UA Band storage (Android mobile device)
BriMor Labs - 2016 • commonCache.db contains the following tables of primary interest – Data Point • Can record notes about meals, entirely dependent on user – MfpDailyEnergy • Can contain detailed calorie information bout meals UA Band storage (Android mobile device)
BriMor Labs - 2016
BriMor Labs - 2016 • mmdk_user – Database contains information on the primary user associated with the UA Record account on mobile device – Also includes information on any “friends” of the user • Thanks Jessica!! UA Band storage (Android mobile device)
BriMor Labs - 2016
BriMor Labs - 2016 • usadk_workout – Contain information on workouts performed by user associated with the UA Record account on device – Also contains information on workouts performed by “friends” – DOES NOT include comments left on workout posts • That I have found thus far UA Band storage (Android mobile device)
BriMor Labs - 2016
UA Record - website • Limited information is available via the website • Most of the functionality is in the app on the mobile device BriMor Labs - 2016
UA Record - website BriMor Labs - 2016 Entry viewed on UA Record app NOTE: Average pace is 12:29
UA Record (Android app) • Much more functionality – Many more options to do many more things • One important note: “My Feed” does not appear to store any data on the device. So every time you want to see the feed, EVERYTHING gets downloaded again BriMor Labs - 2016
UA Record (Android app) BriMor Labs - 2016 Entry viewed on UA Record app NOTE: Average pace is 12:30
• Almost all app data is stored in metric increments – Joules – Meters – Meters/second – And more • This means things like pace/distance/weight/etc. can vary depending on how “ROUND” is computed on various platforms. BriMor Labs - 2016 UA Record (Android app)
Important Take Away(s) • Smart watches are essentially content notification devices – Require another device (mobile device) to “fully” work • Most of the interesting data will be stored on the mobile device itself • Connected apps/websites can have even MORE data! BriMor Labs - 2016
Important Take Away(s) • Timestamps are dependent on exact time on device/platform being analyzed & unit conversion(s) • Trust the raw data, but be prepared for slight time skew • No current method to “secure” most smart watches – It pains me to say this, but it is one thing that Apple got right BriMor Labs - 2016
Important Take Away(s) • If you are going to do something bad, don’t wear a smartwatch/fitness tracker • Additionally, if you are going to lie about something bad happening to you, don’t wear a smartwatch/fitness tracker BriMor Labs - 2016
Protecting your data • Only turn on notifications you want to record – NOTE: iOS will not allow the user to modify some notification settings • Open Pebble app on mobile device – Navigate to “Notifications” – Select “View All Apps” – Change slider from blue (on) to gray (off) accordingly BriMor Labs - 2016
BriMor Labs - 2016
Protecting your data • Clear notifications on a regular basis • On Pebble device, – Navigate to “Notifications” – Select “Clear All” • NOTE: You must have at least one notification on the Pebble device to clear the SQLite table on the mobile device BriMor Labs - 2016
Protecting your data BriMor Labs - 2016
Protecting your data • Use strong password(s) for your accounts • Don’t reuse passwords - Especially for 2nd/3rd party apps BriMor Labs - 2016 Examples of BAD passwords
Data parsing scripts • https://github.com/brimorlabs – allyourpebblearebelongtous.pl • Released June 2016 – allyouruarecordarebelongtous.pl • Released October 2016 • Why Perl? – Easier (for me) – Want companies (Cellebrite) to at least do a little work to make money off of open source research  BriMor Labs - 2016
allyourpebblearebelongtous.pl • Give the script a pebble database & output folder and let it run • Tries to figure out if it is iOS or android & parses data accordingly BriMor Labs - 2016 NOW FEATURING IOS PARSING CAPABILITIES!!
allyourpebblearebelongtous.pl BriMor Labs - 2016 Screenshot of script running
allyourpebblearebelongtous.pl • Produces easy to read HTML output for: – Android • Applications • Canned responses • Notifications • Phone numbers – iOS • Notifications BriMor Labs - 2016
Android - Output of parsed notifications BriMor Labs - 2016
iOS - Output of parsed notifications BriMor Labs - 2016
allyouruarecordarebelongtous.pl • Simply give the script: – UA Record database or directory – output folder BriMor Labs - 2016 SOON TO FEATURE IOS PARSING CAPABILITIES!!
BriMor Labs - 2016Screenshot of script running allyouruarecordarebelongtous.pl
• Produces easy to read HTML output for: – Android • Data points • Calorie data • User information • Workout entries – iOS • Coming soon!! BriMor Labs - 2016 allyouruarecordarebelongtous.pl
Android - Output of parsed Data Points BriMor Labs - 2016
Android - Output of parsed Calorie data BriMor Labs - 2016
Android - Output of parsed User Info BriMor Labs - 2016
Android - Output of parsed Workouts BriMor Labs - 2016
Android - Output of parsed Workouts BriMor Labs - 2016
Future development (DEPENDENT ON FREE TIME) • Collect more data and do more experimentation – Capturing traffic to/from smart watches is <STILL> my next goal • Expand to other smart watches & fitness trackers(maybe?) – Fitbit & Garmin are intriguing BriMor Labs - 2016
Questions? Contact Us! Email: brian@brimorlabs.com Phone: 443.834.8280 Website: www.brimorlabs.com Blog: www.brimorlabsblog.com Twitter: @BriMorLabs (work) @brianjmoran (personal) BriMor Labs - 2016
<FIN> BriMor Labs - 2016
MICROSOFT BAND 2 INFORMATION BriMor Labs - 2016
Microsoft Health BriMor Labs - 2016 Golf data viewed on Microsoft Health website
BriMor Labs - 2016 Golf data viewed on Microsoft Health app Microsoft Health Android app
Microsoft Health • Same methodology can be applied for all “tracking” aspects – Running – Workouts – Sleep – Calories – Etc. BriMor Labs - 2016
Microsoft Band 2 storage (Android mobile device) BriMor Labs - 2016 Look at database for file associated with “Sleeping” b0d94bd7-4b17-46f9-9733-090aebcbf0ae
BriMor Labs - 2016 Browse to “com.microsoft.kapp/files/responseCache/b0d94bd7- 4b17-46f9-9733-090aebcbf0ae” Microsoft Band 2 storage (Android mobile device)
BriMor Labs - 2016 Raw sleep data from app mobile device
Microsoft Health - website BriMor Labs - 2016 Sleep data viewed on Microsoft Health website NOTE: Asleep at 12:04AM
Microsoft Health app BriMor Labs - 2016 Sleep data viewed on Microsoft Health app NOTE: Asleep at 12:05 AM
Microsoft Band 2 Specs • Processor: ARM Cortex M4 MCU CPU • Storage: 64MB onboard storage • AMOLED Gorilla Glass 3 screen, 12.8mm x 32mm (0.5” x 1.25”), 320 x 128 pixels, 255ppi • Battery: Lithium Polymer battery (average battery life 48 hours) • Bluetooth: Bluetooth 4.0 • GPS • Source: http://www.pcadvisor.co.uk/review/activity-trackers/microsoft-band-vs- band-2-comparison-3626883/#productSpecificationFull BriMor Labs - 2016
Microsoft Band 2 storage (Android mobile device) • Path: /data/data/com.microsoft.kapp – Make sure it is NOT “emulated” BriMor Labs - 2016
BriMor Labs - 2016
• Primary folder of interest is “responseCache” – Found under “com.microsoft.kapp/files” • Folder contains files in json format with GUID type names – Names correlate to entries in SQLite database “cache.sqlite” found under the path “com.microsoft.kapp/databases” – IMPORTANT NOTE: Not all names have an entry, depending on Band usage BriMor Labs - 2016 Microsoft Band 2 storage (Android mobile device)
• Data in SQLite database notes a file related to “Golf” is stored as “/data/data/com.microsoft.kapp/files/responseCac he/9524a205-d3d6-4d7c-ad31-cbfba2e25840” BriMor Labs - 2016 Microsoft Band 2 storage (Android mobile device)
BriMor Labs - 2016 Microsoft Band 2 storage (Android mobile device)
BriMor Labs - 2016
• Highlights – Distance is stored in “cm” – Par was 71 – Total score was 85 – Scored par or better on 10 holes (Had a good front nine (+2), but ran into trouble on the back. Not too bad all in all considering I had a torn labrum in my hip) BriMor Labs - 2016 Microsoft Band 2 storage (Android mobile device)
Microsoft Health - website BriMor Labs - 2016
Microsoft Health - website BriMor Labs - 2016
Microsoft Health - website • Remember the text data from golfing earlier? • The data viewed in the application or on the web is much easier to understand BriMor Labs - 2016
Microsoft Health BriMor Labs - 2016 Golf data viewed on Microsoft Health website
BriMor Labs - 2016 Golf data viewed on Microsoft Health app Microsoft Health app
Microsoft Health • Same methodology can be applied for all “tracking” aspects – Running – Workouts – Sleep – Calories – Etc. BriMor Labs - 2016
BriMor Labs - 2016 Look at database for file associated with “Sleeping” b0d94bd7-4b17-46f9-9733-090aebcbf0ae Microsoft Band 2 storage (Android mobile device)
Microsoft Band 2 storage (Android mobile device) BriMor Labs - 2016 Browse to “com.microsoft.kapp/files/responseCache/b0d94bd7- 4b17-46f9-9733-090aebcbf0ae”
BriMor Labs - 2016 Raw sleep data on mobile device
Microsoft Health - website BriMor Labs - 2016 Sleep data viewed on Microsoft Health website NOTE: Asleep at 12:04AM
Microsoft Health app BriMor Labs - 2016 Sleep data viewed on Microsoft Health app NOTE: Asleep at 12:05 AM
Future development (DEPENDENT ON FREE TIME) • Check out a post by b0nb0n on jailbreaking the Microsoft fitness band – http://www.b0n0n.com/2016/04/20/ms-jailbreak/ • NOTE: This was done with the original Microsoft Band, my limited testing has been unsuccessful thus far on the Band 2 BriMor Labs - 2016

Recommended

Live Response Collection Overview
Live Response Collection OverviewLive Response Collection Overview
Live Response Collection Overview
BriMorLabs
 
BriMor Labs Live Response Collection
BriMor Labs Live Response CollectionBriMor Labs Live Response Collection
BriMor Labs Live Response Collection
BriMorLabs
 
BriMor Labs Live Response Collection - OSDFCON
BriMor Labs Live Response Collection - OSDFCONBriMor Labs Live Response Collection - OSDFCON
BriMor Labs Live Response Collection - OSDFCON
BriMorLabs
 
Who Watches the Smart Watches
Who Watches the Smart WatchesWho Watches the Smart Watches
Who Watches the Smart Watches
BriMorLabs
 
Wearables: The Comprehensive List of Smartwatch Operating Systems
Wearables: The Comprehensive List of Smartwatch Operating SystemsWearables: The Comprehensive List of Smartwatch Operating Systems
Wearables: The Comprehensive List of Smartwatch Operating Systems
Gil Bouhnick
 
Silicon Valley Code Camp 2014 - Advanced MongoDB
Silicon Valley Code Camp 2014 - Advanced MongoDBSilicon Valley Code Camp 2014 - Advanced MongoDB
Silicon Valley Code Camp 2014 - Advanced MongoDB
Daniel Coupal
 
Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2drewz lin
 
Velocity building a performance lab for mobile apps in a day - final
Velocity building a performance lab for mobile apps in a day - finalVelocity building a performance lab for mobile apps in a day - final
Velocity building a performance lab for mobile apps in a day - final
Ashray Mathur
 

Recommended

Live Response Collection Overview
Live Response Collection OverviewLive Response Collection Overview
Live Response Collection Overview
BriMorLabs
 
BriMor Labs Live Response Collection
BriMor Labs Live Response CollectionBriMor Labs Live Response Collection
BriMor Labs Live Response Collection
BriMorLabs
 
BriMor Labs Live Response Collection - OSDFCON
BriMor Labs Live Response Collection - OSDFCONBriMor Labs Live Response Collection - OSDFCON
BriMor Labs Live Response Collection - OSDFCON
BriMorLabs
 
Who Watches the Smart Watches
Who Watches the Smart WatchesWho Watches the Smart Watches
Who Watches the Smart Watches
BriMorLabs
 
Wearables: The Comprehensive List of Smartwatch Operating Systems
Wearables: The Comprehensive List of Smartwatch Operating SystemsWearables: The Comprehensive List of Smartwatch Operating Systems
Wearables: The Comprehensive List of Smartwatch Operating Systems
Gil Bouhnick
 
Silicon Valley Code Camp 2014 - Advanced MongoDB
Silicon Valley Code Camp 2014 - Advanced MongoDBSilicon Valley Code Camp 2014 - Advanced MongoDB
Silicon Valley Code Camp 2014 - Advanced MongoDB
Daniel Coupal
 
Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2drewz lin
 
Velocity building a performance lab for mobile apps in a day - final
Velocity building a performance lab for mobile apps in a day - finalVelocity building a performance lab for mobile apps in a day - final
Velocity building a performance lab for mobile apps in a day - final
Ashray Mathur
 
Wearables
WearablesWearables
WearablesCiprian Redinciuc
 
Wrangle 2016: Seeing Behaviors as Humans Do: Uncovering Hidden Patterns in Ti...
Wrangle 2016: Seeing Behaviors as Humans Do: Uncovering Hidden Patterns in Ti...Wrangle 2016: Seeing Behaviors as Humans Do: Uncovering Hidden Patterns in Ti...
Wrangle 2016: Seeing Behaviors as Humans Do: Uncovering Hidden Patterns in Ti...
WrangleConf
 
Mobile Penetration Testing: Episode 1 - The Forensic Menace
Mobile Penetration Testing: Episode 1 - The Forensic MenaceMobile Penetration Testing: Episode 1 - The Forensic Menace
Mobile Penetration Testing: Episode 1 - The Forensic Menace
NowSecure
 
SAMRTwatch
SAMRTwatchSAMRTwatch
SAMRTwatch
Ravi asodariya
 
MMRA / QRCA Mobile Qualitative - Using Mobile to Understand Customers
MMRA / QRCA Mobile Qualitative - Using Mobile to Understand CustomersMMRA / QRCA Mobile Qualitative - Using Mobile to Understand Customers
MMRA / QRCA Mobile Qualitative - Using Mobile to Understand CustomersThreads Qualitative Research
 
台科大機械系 c 程式語言第二次演講
台科大機械系 c 程式語言第二次演講台科大機械系 c 程式語言第二次演講
台科大機械系 c 程式語言第二次演講
Peter Chang
 
I can be apple and so can you
I can be apple and so can youI can be apple and so can you
I can be apple and so can you
Shakacon
 
Forensics WS Consolidated
Forensics WS ConsolidatedForensics WS Consolidated
Forensics WS ConsolidatedKarter Rohrer
 
Beyond Tomorrow
Beyond TomorrowBeyond Tomorrow
Beyond Tomorrow
Dotitude
 
Cross Device Optimisation - Google Analytics Shortcuts
Cross Device Optimisation - Google Analytics ShortcutsCross Device Optimisation - Google Analytics Shortcuts
Cross Device Optimisation - Google Analytics Shortcuts
Craig Sullivan
 
MCB_HL_v10.pdf
MCB_HL_v10.pdfMCB_HL_v10.pdf
MCB_HL_v10.pdf
RamonCuevas14
 
Mobile App Security: A Review
Mobile App Security: A ReviewMobile App Security: A Review
Mobile App Security: A Review
Umang Singh
 
Bad for Enterprise: Attacking BYOD enterprise mobility security solutions
Bad for Enterprise: Attacking BYOD enterprise mobility security solutionsBad for Enterprise: Attacking BYOD enterprise mobility security solutions
Bad for Enterprise: Attacking BYOD enterprise mobility security solutions
Priyanka Aash
 
[Wroclaw #1] Android Security Workshop
[Wroclaw #1] Android Security Workshop[Wroclaw #1] Android Security Workshop
[Wroclaw #1] Android Security Workshop
OWASP
 
Getting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionGetting Started with Splunk Breakout Session
Getting Started with Splunk Breakout Session
Splunk
 
Dr Di Liu - BOLD Mirror Setup
Dr Di Liu - BOLD Mirror SetupDr Di Liu - BOLD Mirror Setup
Dr Di Liu - BOLD Mirror Setup
Consortium for the Barcode of Life (CBOL)
 
Silicon Valley Code Camp 2016 - MongoDB in production
Silicon Valley Code Camp 2016 - MongoDB in productionSilicon Valley Code Camp 2016 - MongoDB in production
Silicon Valley Code Camp 2016 - MongoDB in production
Daniel Coupal
 
There's an App for That: Digital Forensic Realities for Mobile App Evidence, ...
There's an App for That: Digital Forensic Realities for Mobile App Evidence, ...There's an App for That: Digital Forensic Realities for Mobile App Evidence, ...
There's an App for That: Digital Forensic Realities for Mobile App Evidence, ...
Cellebrite
 
Consumer_Device_Privacy
Consumer_Device_PrivacyConsumer_Device_Privacy
Consumer_Device_PrivacyMatthew Hoy
 
DroidCon UK 2017 recap presentation
DroidCon UK 2017 recap presentationDroidCon UK 2017 recap presentation
DroidCon UK 2017 recap presentation
Matthew Groves
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 

More Related Content

Similar to Who Watches The Smart Watches

Wrangle 2016: Seeing Behaviors as Humans Do: Uncovering Hidden Patterns in Ti...
Wrangle 2016: Seeing Behaviors as Humans Do: Uncovering Hidden Patterns in Ti...Wrangle 2016: Seeing Behaviors as Humans Do: Uncovering Hidden Patterns in Ti...
Wrangle 2016: Seeing Behaviors as Humans Do: Uncovering Hidden Patterns in Ti...
WrangleConf
 
Mobile Penetration Testing: Episode 1 - The Forensic Menace
Mobile Penetration Testing: Episode 1 - The Forensic MenaceMobile Penetration Testing: Episode 1 - The Forensic Menace
Mobile Penetration Testing: Episode 1 - The Forensic Menace
NowSecure
 
SAMRTwatch
SAMRTwatchSAMRTwatch
SAMRTwatch
Ravi asodariya
 
MMRA / QRCA Mobile Qualitative - Using Mobile to Understand Customers
MMRA / QRCA Mobile Qualitative - Using Mobile to Understand CustomersMMRA / QRCA Mobile Qualitative - Using Mobile to Understand Customers
MMRA / QRCA Mobile Qualitative - Using Mobile to Understand CustomersThreads Qualitative Research
 
台科大機械系 c 程式語言第二次演講
台科大機械系 c 程式語言第二次演講台科大機械系 c 程式語言第二次演講
台科大機械系 c 程式語言第二次演講
Peter Chang
 
I can be apple and so can you
I can be apple and so can youI can be apple and so can you
I can be apple and so can you
Shakacon
 
Forensics WS Consolidated
Forensics WS ConsolidatedForensics WS Consolidated
Forensics WS ConsolidatedKarter Rohrer
 
Beyond Tomorrow
Beyond TomorrowBeyond Tomorrow
Beyond Tomorrow
Dotitude
 
Cross Device Optimisation - Google Analytics Shortcuts
Cross Device Optimisation - Google Analytics ShortcutsCross Device Optimisation - Google Analytics Shortcuts
Cross Device Optimisation - Google Analytics Shortcuts
Craig Sullivan
 
MCB_HL_v10.pdf
MCB_HL_v10.pdfMCB_HL_v10.pdf
MCB_HL_v10.pdf
RamonCuevas14
 
Mobile App Security: A Review
Mobile App Security: A ReviewMobile App Security: A Review
Mobile App Security: A Review
Umang Singh
 
Bad for Enterprise: Attacking BYOD enterprise mobility security solutions
Bad for Enterprise: Attacking BYOD enterprise mobility security solutionsBad for Enterprise: Attacking BYOD enterprise mobility security solutions
Bad for Enterprise: Attacking BYOD enterprise mobility security solutions
Priyanka Aash
 
[Wroclaw #1] Android Security Workshop
[Wroclaw #1] Android Security Workshop[Wroclaw #1] Android Security Workshop
[Wroclaw #1] Android Security Workshop
OWASP
 
Getting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionGetting Started with Splunk Breakout Session
Getting Started with Splunk Breakout Session
Splunk
 
Dr Di Liu - BOLD Mirror Setup
Dr Di Liu - BOLD Mirror SetupDr Di Liu - BOLD Mirror Setup
Dr Di Liu - BOLD Mirror Setup
Consortium for the Barcode of Life (CBOL)
 
Silicon Valley Code Camp 2016 - MongoDB in production
Silicon Valley Code Camp 2016 - MongoDB in productionSilicon Valley Code Camp 2016 - MongoDB in production
Silicon Valley Code Camp 2016 - MongoDB in production
Daniel Coupal
 
There's an App for That: Digital Forensic Realities for Mobile App Evidence, ...
There's an App for That: Digital Forensic Realities for Mobile App Evidence, ...There's an App for That: Digital Forensic Realities for Mobile App Evidence, ...
There's an App for That: Digital Forensic Realities for Mobile App Evidence, ...
Cellebrite
 
Consumer_Device_Privacy
Consumer_Device_PrivacyConsumer_Device_Privacy
Consumer_Device_PrivacyMatthew Hoy
 
DroidCon UK 2017 recap presentation
DroidCon UK 2017 recap presentationDroidCon UK 2017 recap presentation
DroidCon UK 2017 recap presentation
Matthew Groves
 

Similar to Who Watches The Smart Watches (20)

Wearables
WearablesWearables
Wearables
 
Wrangle 2016: Seeing Behaviors as Humans Do: Uncovering Hidden Patterns in Ti...
Wrangle 2016: Seeing Behaviors as Humans Do: Uncovering Hidden Patterns in Ti...Wrangle 2016: Seeing Behaviors as Humans Do: Uncovering Hidden Patterns in Ti...
Wrangle 2016: Seeing Behaviors as Humans Do: Uncovering Hidden Patterns in Ti...
 
Mobile Penetration Testing: Episode 1 - The Forensic Menace
Mobile Penetration Testing: Episode 1 - The Forensic MenaceMobile Penetration Testing: Episode 1 - The Forensic Menace
Mobile Penetration Testing: Episode 1 - The Forensic Menace
 
SAMRTwatch
SAMRTwatchSAMRTwatch
SAMRTwatch
 
MMRA / QRCA Mobile Qualitative - Using Mobile to Understand Customers
MMRA / QRCA Mobile Qualitative - Using Mobile to Understand CustomersMMRA / QRCA Mobile Qualitative - Using Mobile to Understand Customers
MMRA / QRCA Mobile Qualitative - Using Mobile to Understand Customers
 
台科大機械系 c 程式語言第二次演講
台科大機械系 c 程式語言第二次演講台科大機械系 c 程式語言第二次演講
台科大機械系 c 程式語言第二次演講
 
I can be apple and so can you
I can be apple and so can youI can be apple and so can you
I can be apple and so can you
 
Forensics WS Consolidated
Forensics WS ConsolidatedForensics WS Consolidated
Forensics WS Consolidated
 
Beyond Tomorrow
Beyond TomorrowBeyond Tomorrow
Beyond Tomorrow
 
Cross Device Optimisation - Google Analytics Shortcuts
Cross Device Optimisation - Google Analytics ShortcutsCross Device Optimisation - Google Analytics Shortcuts
Cross Device Optimisation - Google Analytics Shortcuts
 
MCB_HL_v10.pdf
MCB_HL_v10.pdfMCB_HL_v10.pdf
MCB_HL_v10.pdf
 
Mobile App Security: A Review
Mobile App Security: A ReviewMobile App Security: A Review
Mobile App Security: A Review
 
Bad for Enterprise: Attacking BYOD enterprise mobility security solutions
Bad for Enterprise: Attacking BYOD enterprise mobility security solutionsBad for Enterprise: Attacking BYOD enterprise mobility security solutions
Bad for Enterprise: Attacking BYOD enterprise mobility security solutions
 
[Wroclaw #1] Android Security Workshop
[Wroclaw #1] Android Security Workshop[Wroclaw #1] Android Security Workshop
[Wroclaw #1] Android Security Workshop
 
Getting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionGetting Started with Splunk Breakout Session
Getting Started with Splunk Breakout Session
 
Dr Di Liu - BOLD Mirror Setup
Dr Di Liu - BOLD Mirror SetupDr Di Liu - BOLD Mirror Setup
Dr Di Liu - BOLD Mirror Setup
 
Silicon Valley Code Camp 2016 - MongoDB in production
Silicon Valley Code Camp 2016 - MongoDB in productionSilicon Valley Code Camp 2016 - MongoDB in production
Silicon Valley Code Camp 2016 - MongoDB in production
 
There's an App for That: Digital Forensic Realities for Mobile App Evidence, ...
There's an App for That: Digital Forensic Realities for Mobile App Evidence, ...There's an App for That: Digital Forensic Realities for Mobile App Evidence, ...
There's an App for That: Digital Forensic Realities for Mobile App Evidence, ...
 
Consumer_Device_Privacy
Consumer_Device_PrivacyConsumer_Device_Privacy
Consumer_Device_Privacy
 
DroidCon UK 2017 recap presentation
DroidCon UK 2017 recap presentationDroidCon UK 2017 recap presentation
DroidCon UK 2017 recap presentation
 

Recently uploaded

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 

Recently uploaded (20)

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 

Who Watches The Smart Watches

  • 1. Brian Moran Digital Strategy Consultant - BriMor Labs Millersville, Maryland OCTOBER 26 2016
  • 2. A Brief List of Topics • Why use these confounded devices? • Pebble Time • UA Band • Ways to protect your data • Future research goals • Q & A BriMor Labs - 2016
  • 3. The Introductory Introduction • Hello, my name is Brian Moran – Hi Brian! • 13 years Air Force Active Duty – 10 years mobile exploitation/DFIR experience • Worked here…. BriMor Labs - 2016
  • 5. Hardware Used • Samsung Galaxy Note II (SCH-i605) – rooted – Running Android 4.4.2 • Pebble Time – Running 3.10 • UA Band – Running 1.17.1.14 • Microsoft Band 2 – Running 2.0.4215.0 26R BriMor Labs - 2016
  • 6. Sad day on October 3, 2016 BriMor Labs - 2016
  • 7. Sad day on October 3, 2016 • Microsoft announced it was ending sales of the Band 2 – SDK also removed – “No current plans for Band 3” • Rather than cover a portion of my talk on (now) legacy hardware, purchased a UA Band to research same information – Only had a few weeks of data & research, there is definitely more to come! BriMor Labs - 2016
  • 8. But some good news for you • The offline version of this presentation will also include the Band 2 slides – In case you encounter a Band 2 or were curious about it • This presentation, however, will NOT cover the Band 2 at all BriMor Labs - 2016
  • 9. Software Used • ES File Explorer app – Android – Version 4.0.4.5 • Pebble Time app – Android – Version 3.10.0-976-0c219e8 • UA Record app – Android – Version 3.9.0.1 • SQLite Spy – Version 1.9.6 • Hex Workshop – Version 6.8.0.5419 • Perl/Python BriMor Labs - 2016
  • 10. iOS data shout out • Special thanks to likely 2017 Forensic 4Cast Awards “Digital Forensic Book of the Year” nominee Heather Mahalik for providing me Pebble related iOS data* – Let’s make this happen! *Only cost me a couple pairs of LuLaRoe leggings & some Middleswarth chips BriMor Labs - 2016
  • 12. What Was NOT Used • Cellebrite (This is the Open Source Digital Forensics Conference) • During the course of this research, no lying dormant cyber pathogens were harmed BriMor Labs - 2016
  • 13. Why not Apple/Samsung/LG/etc.? • Wanted to choose smartwatches that can be used regardless of brand of phone or phone operating system • Pebble – Android, iOS, “unofficial official” Windows Phone • UA Band – Android, iOS BriMor Labs - 2016
  • 14. Why use smart watches? • Helpful notifications (especially when driving) BriMor Labs - 2016
  • 15. Why use smart watches? BriMor Labs - 2016
  • 16. Why use smart watches? BriMor Labs - 2016
  • 17. Why use smart watches? • Fitness/workout tracking BriMor Labs - 2016
  • 18. Why use smart watches? • Fitness/workout tracking BriMor Labs - 2016 Inactive and out of shape
  • 19. Why use smart watches? BriMor Labs - 2016 What’s the matter? The CIA got you pushing too many pencils?
  • 20. Why use smart watches? BriMor Labs - 2016Tracking a weekend bike ride
  • 21. Why use smart watches? BriMor Labs - 2016Tracking a round of golf
  • 22. Why use smart watches? BriMor Labs - 2016Tracking your run
  • 23. Why use smart watches? BriMor Labs - 2016 Remotely change music from this …
  • 24. BriMor Labs - 2016… to this
  • 25. Why use smart watches? BriMor Labs - 2016Tracking your sleep
  • 26. Pebble Time Specs • Processor: ST Micro STM32F439ZG 180 MHz ARM Cortex-M4-based-MCU (100 MHz, single core) • Storage: Spansion S29VS128R 128MB, 65 nm MirrorBit Flash • Display: 1.25” color e-paper screen (144 x 168 pixels, 182 ppi) • Battery: 150 mAh, (average battery life of 7 days) • Bluetooth: TBD • Source: https://www.ifixit.com/Teardown/Pebble+Time+Teardown/42382 BriMor Labs - 2016
  • 27. • Path: /data/data/com.getpebble.android.basalt – Make sure it is NOT “emulated” BriMor Labs - 2016 Pebble Time storage (Android mobile device)
  • 29. • “datadatacom.getpebble.android.basaltdatabase spebble” is primary file of interest – SQLite database (as are most files on mobile devices these days) – Easy to view in any SQLite viewer or parse via scripting languages BriMor Labs - 2016 Pebble Time storage (Android mobile device)
  • 31. • Table “android_apps” contains a listing of every application and application version installed on the device • Information is obviously needed for notifications sent to Pebble • Useful location if looking for an application/version BriMor Labs - 2016 Pebble Time storage (Android mobile device)
  • 33. • Table “notifications” contains a listing of every notification that happened on the mobile device • Data is stored by Pebble app regardless of it being sent • Can contain INCREDIBLY useful information – NOTE: Database does get cleaned when user chooses to clear all notifications BriMor Labs - 2016 Pebble Time storage (Android mobile device)
  • 35. • Table “timeline_items” contains a listing notifications actually sent to device • This data is stored as json inside of a SQLite database BriMor Labs - 2016 Pebble Time storage (Android mobile device)
  • 37. • Table “weather_locations” contains a list of “locations” that the device receives weather updates • Can be useful to determine if an individual was in a certain place at a certain time BriMor Labs - 2016 Pebble Time storage (Android mobile device)
  • 39. • SMS message notifications are stored under “notifications” table. – The “package_name” is bank, the “SOURCE” is “SMS” Remember, this can potentially contain messages that were deleted from the phone, cannot be recovered through any other tool/mechanism but ARE stored within this database! BriMor Labs - 2016 Pebble Time storage (Android mobile device)
  • 40. BriMor Labs - 2016 Pebble Time storage (Android mobile device)
  • 41. • Obligatory Pebble data on iOS devices slides • Main database of interest is named “PBMyPebbleAppDataCoreDataManager.sqlite” • “f97bcd6b4a35ff9054977f0f62d141cb6580737b” – iOS Backup file name (iOS 9 & earlier) BriMor Labs - 2016 Pebble Time storage (iOS devices)
  • 43. Under Armour Band Specs • Processor: ARM Cortex M4 MCU CPU • Storage: 8MB onboard storage • 1.3” PMOLED touchscreen • Battery: 112 mAh battery (average battery life 5 days) • Bluetooth: Bluetooth 4.0 • Source: http://www.techradar.com/reviews/wearables/ua-band- 1312190/review BriMor Labs - 2016
  • 44. UA Band storage (Android mobile device) • Path: /data/data/com.ua.record – Make sure it is NOT “emulated” BriMor Labs - 2016
  • 46. • Primary folder of interest is “databases” • Folder contains several SQLite databases with kind of easy to decipher names – Kind of BriMor Labs - 2016 UA Band storage (Android mobile device)
  • 47. UA Band storage (Android mobile device) BriMor Labs - 2016
  • 48. • SQLite databases of particular interest (to date): – commonCache.db – mmdk_user – usadk_workout • As more research is done, it is likely more information will be found! BriMor Labs - 2016 UA Band storage (Android mobile device)
  • 49. BriMor Labs - 2016 • commonCache.db contains the following tables of primary interest – Data Point • Can record notes about meals, entirely dependent on user – MfpDailyEnergy • Can contain detailed calorie information bout meals UA Band storage (Android mobile device)
  • 51. BriMor Labs - 2016 • mmdk_user – Database contains information on the primary user associated with the UA Record account on mobile device – Also includes information on any “friends” of the user • Thanks Jessica!! UA Band storage (Android mobile device)
  • 53. BriMor Labs - 2016 • usadk_workout – Contain information on workouts performed by user associated with the UA Record account on device – Also contains information on workouts performed by “friends” – DOES NOT include comments left on workout posts • That I have found thus far UA Band storage (Android mobile device)
  • 55. UA Record - website • Limited information is available via the website • Most of the functionality is in the app on the mobile device BriMor Labs - 2016
  • 56. UA Record - website BriMor Labs - 2016 Entry viewed on UA Record app NOTE: Average pace is 12:29
  • 57. UA Record (Android app) • Much more functionality – Many more options to do many more things • One important note: “My Feed” does not appear to store any data on the device. So every time you want to see the feed, EVERYTHING gets downloaded again BriMor Labs - 2016
  • 58. UA Record (Android app) BriMor Labs - 2016 Entry viewed on UA Record app NOTE: Average pace is 12:30
  • 59. • Almost all app data is stored in metric increments – Joules – Meters – Meters/second – And more • This means things like pace/distance/weight/etc. can vary depending on how “ROUND” is computed on various platforms. BriMor Labs - 2016 UA Record (Android app)
  • 60. Important Take Away(s) • Smart watches are essentially content notification devices – Require another device (mobile device) to “fully” work • Most of the interesting data will be stored on the mobile device itself • Connected apps/websites can have even MORE data! BriMor Labs - 2016
  • 61. Important Take Away(s) • Timestamps are dependent on exact time on device/platform being analyzed & unit conversion(s) • Trust the raw data, but be prepared for slight time skew • No current method to “secure” most smart watches – It pains me to say this, but it is one thing that Apple got right BriMor Labs - 2016
  • 62. Important Take Away(s) • If you are going to do something bad, don’t wear a smartwatch/fitness tracker • Additionally, if you are going to lie about something bad happening to you, don’t wear a smartwatch/fitness tracker BriMor Labs - 2016
  • 63.
  • 64.
  • 65. Protecting your data • Only turn on notifications you want to record – NOTE: iOS will not allow the user to modify some notification settings • Open Pebble app on mobile device – Navigate to “Notifications” – Select “View All Apps” – Change slider from blue (on) to gray (off) accordingly BriMor Labs - 2016
  • 67. Protecting your data • Clear notifications on a regular basis • On Pebble device, – Navigate to “Notifications” – Select “Clear All” • NOTE: You must have at least one notification on the Pebble device to clear the SQLite table on the mobile device BriMor Labs - 2016
  • 69. Protecting your data • Use strong password(s) for your accounts • Don’t reuse passwords - Especially for 2nd/3rd party apps BriMor Labs - 2016 Examples of BAD passwords
  • 70. Data parsing scripts • https://github.com/brimorlabs – allyourpebblearebelongtous.pl • Released June 2016 – allyouruarecordarebelongtous.pl • Released October 2016 • Why Perl? – Easier (for me) – Want companies (Cellebrite) to at least do a little work to make money off of open source research  BriMor Labs - 2016
  • 71. allyourpebblearebelongtous.pl • Give the script a pebble database & output folder and let it run • Tries to figure out if it is iOS or android & parses data accordingly BriMor Labs - 2016 NOW FEATURING IOS PARSING CAPABILITIES!!
  • 72. allyourpebblearebelongtous.pl BriMor Labs - 2016 Screenshot of script running
  • 73. allyourpebblearebelongtous.pl • Produces easy to read HTML output for: – Android • Applications • Canned responses • Notifications • Phone numbers – iOS • Notifications BriMor Labs - 2016
  • 74. Android - Output of parsed notifications BriMor Labs - 2016
  • 75. iOS - Output of parsed notifications BriMor Labs - 2016
  • 76. allyouruarecordarebelongtous.pl • Simply give the script: – UA Record database or directory – output folder BriMor Labs - 2016 SOON TO FEATURE IOS PARSING CAPABILITIES!!
  • 77. BriMor Labs - 2016Screenshot of script running allyouruarecordarebelongtous.pl
  • 78. • Produces easy to read HTML output for: – Android • Data points • Calorie data • User information • Workout entries – iOS • Coming soon!! BriMor Labs - 2016 allyouruarecordarebelongtous.pl
  • 79. Android - Output of parsed Data Points BriMor Labs - 2016
  • 80. Android - Output of parsed Calorie data BriMor Labs - 2016
  • 81. Android - Output of parsed User Info BriMor Labs - 2016
  • 82. Android - Output of parsed Workouts BriMor Labs - 2016
  • 83. Android - Output of parsed Workouts BriMor Labs - 2016
  • 84. Future development (DEPENDENT ON FREE TIME) • Collect more data and do more experimentation – Capturing traffic to/from smart watches is <STILL> my next goal • Expand to other smart watches & fitness trackers(maybe?) – Fitbit & Garmin are intriguing BriMor Labs - 2016
  • 85. Questions? Contact Us! Email: brian@brimorlabs.com Phone: 443.834.8280 Website: www.brimorlabs.com Blog: www.brimorlabsblog.com Twitter: @BriMorLabs (work) @brianjmoran (personal) BriMor Labs - 2016
  • 88. Microsoft Health BriMor Labs - 2016 Golf data viewed on Microsoft Health website
  • 89. BriMor Labs - 2016 Golf data viewed on Microsoft Health app Microsoft Health Android app
  • 90. Microsoft Health • Same methodology can be applied for all “tracking” aspects – Running – Workouts – Sleep – Calories – Etc. BriMor Labs - 2016
  • 91. Microsoft Band 2 storage (Android mobile device) BriMor Labs - 2016 Look at database for file associated with “Sleeping” b0d94bd7-4b17-46f9-9733-090aebcbf0ae
  • 92. BriMor Labs - 2016 Browse to “com.microsoft.kapp/files/responseCache/b0d94bd7- 4b17-46f9-9733-090aebcbf0ae” Microsoft Band 2 storage (Android mobile device)
  • 93. BriMor Labs - 2016 Raw sleep data from app mobile device
  • 94. Microsoft Health - website BriMor Labs - 2016 Sleep data viewed on Microsoft Health website NOTE: Asleep at 12:04AM
  • 95. Microsoft Health app BriMor Labs - 2016 Sleep data viewed on Microsoft Health app NOTE: Asleep at 12:05 AM
  • 96. Microsoft Band 2 Specs • Processor: ARM Cortex M4 MCU CPU • Storage: 64MB onboard storage • AMOLED Gorilla Glass 3 screen, 12.8mm x 32mm (0.5” x 1.25”), 320 x 128 pixels, 255ppi • Battery: Lithium Polymer battery (average battery life 48 hours) • Bluetooth: Bluetooth 4.0 • GPS • Source: http://www.pcadvisor.co.uk/review/activity-trackers/microsoft-band-vs- band-2-comparison-3626883/#productSpecificationFull BriMor Labs - 2016
  • 97. Microsoft Band 2 storage (Android mobile device) • Path: /data/data/com.microsoft.kapp – Make sure it is NOT “emulated” BriMor Labs - 2016
  • 99. • Primary folder of interest is “responseCache” – Found under “com.microsoft.kapp/files” • Folder contains files in json format with GUID type names – Names correlate to entries in SQLite database “cache.sqlite” found under the path “com.microsoft.kapp/databases” – IMPORTANT NOTE: Not all names have an entry, depending on Band usage BriMor Labs - 2016 Microsoft Band 2 storage (Android mobile device)
  • 100. • Data in SQLite database notes a file related to “Golf” is stored as “/data/data/com.microsoft.kapp/files/responseCac he/9524a205-d3d6-4d7c-ad31-cbfba2e25840” BriMor Labs - 2016 Microsoft Band 2 storage (Android mobile device)
  • 101. BriMor Labs - 2016 Microsoft Band 2 storage (Android mobile device)
  • 102. BriMor Labs - 2016
  • 103. • Highlights – Distance is stored in “cm” – Par was 71 – Total score was 85 – Scored par or better on 10 holes (Had a good front nine (+2), but ran into trouble on the back. Not too bad all in all considering I had a torn labrum in my hip) BriMor Labs - 2016 Microsoft Band 2 storage (Android mobile device)
  • 104. Microsoft Health - website BriMor Labs - 2016
  • 105. Microsoft Health - website BriMor Labs - 2016
  • 106. Microsoft Health - website • Remember the text data from golfing earlier? • The data viewed in the application or on the web is much easier to understand BriMor Labs - 2016
  • 107. Microsoft Health BriMor Labs - 2016 Golf data viewed on Microsoft Health website
  • 108. BriMor Labs - 2016 Golf data viewed on Microsoft Health app Microsoft Health app
  • 109. Microsoft Health • Same methodology can be applied for all “tracking” aspects – Running – Workouts – Sleep – Calories – Etc. BriMor Labs - 2016
  • 110. BriMor Labs - 2016 Look at database for file associated with “Sleeping” b0d94bd7-4b17-46f9-9733-090aebcbf0ae Microsoft Band 2 storage (Android mobile device)
  • 111. Microsoft Band 2 storage (Android mobile device) BriMor Labs - 2016 Browse to “com.microsoft.kapp/files/responseCache/b0d94bd7- 4b17-46f9-9733-090aebcbf0ae”
  • 112. BriMor Labs - 2016 Raw sleep data on mobile device
  • 113. Microsoft Health - website BriMor Labs - 2016 Sleep data viewed on Microsoft Health website NOTE: Asleep at 12:04AM
  • 114. Microsoft Health app BriMor Labs - 2016 Sleep data viewed on Microsoft Health app NOTE: Asleep at 12:05 AM
  • 115. Future development (DEPENDENT ON FREE TIME) • Check out a post by b0nb0n on jailbreaking the Microsoft fitness band – http://www.b0n0n.com/2016/04/20/ms-jailbreak/ • NOTE: This was done with the original Microsoft Band, my limited testing has been unsuccessful thus far on the Band 2 BriMor Labs - 2016