Password Leak Analysis
Wearables are still at the beginning of their development. The future will not only bring the portable computers in pretty much every household but also into offices and businesses. That isn’t always an advantage but they can be invasive and apparently unjust.
A look at online stores worldwide shows that Wearables are not considered to be absolutely vital for the continued existence of humanity, even though the biometric data they record can be of help when it comes to health. Humans have managed to stay in shape for generations, even without a Fitbit and hardly anyone’s ever missed an important e-mail despite there not being Google Glass to display them right away. Reading text messages on your wrist is nice and all, but it’s still just gadgetry. The weather can be deducted by looking out of the window, which makes the accurate-to-the-second weather data on Samsung’s Galaxy Gear somewhat superfluous. Basically: Wearables are gadgets at this point.
Still, the eyes of developers and the tech industry as well as those of security consultants everywhere are on the new technology. Because nobody doubts that Wearables will move away from the fringes of technology and become major players. The only question is where this future lies. Will end users like the typical smartphone user have that much of an advantage when they buy a smart watch? Will data glasses only be used by an industry? What about the medicine sector? Will fitness trackers ever become legitimate medical diagnostic devices?
Fact is hat manufacturers of Wearables are working on getting their product away from having the responsibility of being a de facto useless toy. They want to offer their clients real value and be more than just a pretty display on the wearer’s body. Also, a healthy price/service ratio should be maintained because no hobby sportsman with ambition will buy a tracker. A pulse measuring watch from Polar only costs about 64 Swiss Francs, but it only offers a fraction of the features that a Withings Pulse offers. The Withings Pulse costs about twice as much, but records way more data, sleep phases among it, and can be coupled with a smartphone.
The advantage of the gadgets just might be the fact that they don’t have a specific function yet. Therefore, they’re something completely new for everyone involved, no set rules and few limits. This allows for developers as well as the industry to play, furthers creativity on all sides. Developers try new things, they get tested by early adopters. Not only bugs appear during that testing, but also new needs of the user base and – most importantly – more ideas. Maybe that will prove to be the way by which Wearables organically find their niche in our society. A first bit of progress has been made: Fitness trackers show the world how humans can directly influence and interact with technology by using more than just the tips of their fingers.
Sooner or later, just like with any product, the fulfilling of a need will be of vital importance. To do that, a market can establish itself, in which a specific and direct competition between vendors can happen.
But for developers, another battle begins. Because a search for Wearables invariably leads to fitness trackers. It seems, as if the marketing departments of this world have cornered the market on this term. Apparently, a Wearable must be a device that records biometric data. But just with measuring biometrics and analyzing them online, it’s not done. Because the human body, as interesting and seemingly infinitely lucrative as it might be, shouldn’t be the only target of the new technology. Maybe the mobile phone will be replaced. But that can only happen if the technology needed to do just that will be supported by developers, industry and customers, be it with knowledge or money.
To end users, one need is clear: They must not be disturbed by the Wearable. The device must not hinder mobility and it can’t irritate the wearer by an overabundance of visual, auditory and sensual cues. Because as soon as this is the case, the Wearable is being taken off and left at home. Or it gets the same treatment as the clunky wrist watch on the office desk of a man who types on his computer all day long: it’s being put next to the keyboard and doesn’t fulfill any function.
Assuming the model of the smart watch, the multifunctional wrist mounted computer, will end up being the standard, battery life will become important. Prior to the release of Samsung’s Galaxy Gear, the device was eagerly awaited and got a lot of pre-release praise. But the reviews were mostly negative after the release. Apple co-founder Steve Wozniak called the device worthless and got rid of it after half a day. He was not happy with the screen and – despite his love for Android devices – the functionality. Apart from the cumbersome handling and the limited features, the limited battery life also got mentioned.
When looking at the tech market and the finances involved, Wearables should gain a lot of traction. Because for companies like health insurance agencies or others whose business is related to human health, medical diagnostic devices will be of great importance.
The concept that the early adopters have discovered for themselves already – the quantifying and monitoring of their own bodily functions – could prove to be a lucrative business model. An example: If a client walks 10000 steps a day, he gets 10 Francs off of his insurance premium. Further possible factors: A certain time spent on physical activity a day, healthy diet – that can be analysed with blood checks and insulin spikes -, sleep phase analysis or the avoiding of agitation.
To maximize incentives and effects of this method, insurance companies can implement gamification and make health a game. After ten minutes of sports, the insured person gets a virtual merit badge, similar to the achievements players get on the PlayStation Network or Xbox Live.
On the other hand, if we turn this around, the situation suddenly seems unjust: All those who don’t want to measure and quantify themselves 24 hours a day will have a lower score than the ones who do. Subsequently, they will pay more insurance premium. Insurance companies will most likely claim that the 24 hour live diagnostic will minimize insurance fraud. Because if someone can get the achievement that they get for ten minutes of sports a day, then that someone may not be eligible to get disability insurance.
But even the middle class worker will be at a disadvantage due to the surveillance. If the wallet decides who can allow themselves to have the occasional snack, then only the rich will be able to have a steak with fries on a Saturday, followed by two pieces of cake and four to five pints of beer. The middle class, who’s complaining about the rising premiums every year anyways, won’t be able to do this anymore. Unless they want to go broke. Unless they are good at calculating. Of course this will apply to smoking. Smokers will invariably have to pay more due to the cigarettes, pipes and cigars they smoke.
Also, insurance companies will have very accurate and very current health data of their clients. The client basically gives up his or her privacy in order to save a few francs.
Swiss popular science TV magazine Einstein has recently broadcast a segment on the quantifiable self and shown just how all this might work in reality.
Even if insurance companies decide against the premium model where health data affects the price customers pay, the medical sector will be paying very close attention to the portable computers. This is because the constant stream of data could make life a lot easier for patients as well as doctors.
Doctors could be monitoring blood pressure in real time. Psychologists know exactly when their patient’s stress levels are at a max and can deduct what causes the stress by means of data correlation. Personal trainers can develop better workout routines for their clients and Google Glass could help a mechanic by diagnosing damaged parts of a system in real time. Bundle that up with Augmented Reality and faulty parts could be highlighted after the glasses have been loaded with the blueprints and renders of the machine.
This, of course, raises many questions for IT Security in companies. Mainly: How to deal with the devices? Which permissions and rights should be awarded to users, if they have to use a set of data goggles to analyze a machine whose blueprints are confidential? How secure are business mails on a smart watch? What could an attacker do with the biometric data of the company’s CEO? How are the challenges being met, assuming that Wearables not only have the potential to do harm but also a future in society?
Because that’s the point at which security concerns clash with the concept of share everything. It doesn’t always make sense in an economic context to share everything with everyone. There needs to be a system for device management policies similar to the aptly named Device Management Policies for Android. Otherwise, the future of Wearables in business is on thin ice, simply because the widespread implementation is just too risky for sensitive data in a company. Improving security after a deliberate or accidental data leak is good and makes sense. However, it makes much more sense to try to avoid any and all data leaks before they occur.
As of June 2014, Android Wear is on the market. Smart watches are treading on new ground because for the first time, one of the global players, Google in this case, are hopping on the Wearable bandwagon. The two biggest competitors Apple and Microsoft don’t have anything comparable on sale yet.
Samsung, Motorola and LG have launched their first devices that employ the new Google Wear User Interface (UI). The products by Samsung and LG are visually similar. Square screen and Wear UI, which is “locked down”: http://www.forbes.com/sites/marcochiappetta/2014/06/30/google-is-locking-down-the-ui-on-new-android-wear-tv-and-auto-spin-offs. Motorola’s Moto 360 on the other hand is round. This will certainly be an advantage in terms of comfort while wearing as it just manages to avoid covering the end of the ulna.
In addition to all that, there’s also the size of the service package customers get. Companies that offer a complete solution in addition to offering interoperability will be at an advantage and thus, they just might corner the market for themselves.
What seems inevitable, though, is the departure of the Wearable from the idea that it needs to be tied to the mobile phone. As of right now, Wearables aren’t independent devices. They need a mobile phone close by in order to function. Should this evolution of Wearables not take place they will never be a serious competitor to the smartphone. Still, the option to pair the Wearable with a phone should be present, because users are used to it.
Subsequently, the Venn diagram that Brian Moore drew up needs to be expanded, not just as a declaration of intent to the mobile phone industry but also as an idea for developers. What could fit into the green circle? Which device will be the first one that is worn on the body and manages to be completely independent from the smartphone without losing the chance of interacting with the devices as well as having at least the same amount of features as the mobile phone?
But not only the devices need to be reclassified. When it comes to risk assessment, they will probably have to be reevaluated quite a number of times until they’re firmly established. Because back in the day, even smartphones were considered gadgetry without any real use. Not a decade has passed since then and smartphones have become an integral part of our everyday lives. The former market leader, Blackberry, has been relegated to a niche. Smartphones have established themselves successfully as a product that not only satisfies the needs of end consumers but also that of businesses. So smartphones had to be reevaluated, because suddenly, there were sensitive business mails and other data on the phones.
Wearables will go through a similar evolution. Today, they’re a gadget full of obvious potential. As soon as they become independent devices and will find their way into the business world, they need to be reevaluated.
Wearables are still being pioneered. They’re not only offering unheard of new possibilities but also new risks, be they for technology or for users.
What can be said for sure: Wearables have a future ahead of them. They’re not going to disappear any time soon and for end users, there are both risks and possibilities.
Our experts will get in contact with you!
Our experts will get in contact with you!
Further articles available here