Story image

European Commission urges recall of children's smartwatch

05 Feb 2019

If you’ve been on a trip to Germany recently and picked up a few gifts for the family, you might want to take note if you happened to by the Enox Safe-KID-One smartwatch for children.

Despite ‘Safe’ being in the watch’s name, it’s actually anything but safe. In fact, the European Commission has gone as far as urging distributors to recall every single watch from anyone who was unlucky enough to buy it because it’s a ‘serious risk’.

Enox Group, the company behind the Safe-KID-One, describes the smartwatch as a high-tech GPS safety and surveillance watch that helps parents keep track of and talk to their children all the time.

“Through downloading of an app in your smartphone (QR Code included in the user Manual), you can locate and follow your kid – almost to the metre – on a GPS map in your Smartphone. You can, also, follow the route of your kid the last 30 minutes, 60 minutes etc, through recording and playback of movements,” a product sheet on the company’s website says.

The problem is, according to the European Commission, the smartwatch and its app are so unsecure that anyone could hack into the watch, track the child, or talk to them.

“The mobile application accompanying the watch has unencrypted communications with its backend server and the server enables unauthenticated access to data. As a consequence, the data such as location history, phone numbers, serial number can easily be retrieved and changed,” says a statement.

“A malicious user can send commands to any watch making it call another number of his choosing, can communicate with the child wearing the device or locate the child through GPS.”

It’s not so hard to see why that might be a problem – the watch’s inbuilt speaker and microphone could broadcast just about anything.

“The kid has 3 one-click phone call buttons; e.g. For mum, dad and grandma.” Furthermore, it has an SOS button on the watch, which does, by one click for 3 seconds, call or text all 3 parties. Only pre-listed parties can call the kid.”

If hackers got in and changed those numbers, suddenly mum and dad aren’t who the child thinks they are.

The European Commission adds that the watch doesn’t comply with the Radio Equipment Directive and any distributor that dealt with the Safe-KID-One should recall the product from end users.

Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
Facebook fights fake news ahead of Africa elections
“We also show related articles from fact-checkers for more context and notify users if a story they have shared is rated as false.”
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.