{"title":"我只是想记录我的步数!阻止Fitbit设备的不必要流量","authors":"Andrei Kazlouski, Thomas Marchioro, E. Markatos","doi":"10.1145/3567445.3567457","DOIUrl":null,"url":null,"abstract":"The recent advent of wearable fitness trackers has fueled concerns in regards to the privacy they provide. In particular, previous works have indicated that the associated fitness apps may contact unexpected Internet destinations. In this work we identify the third-party connections of the official mobile Fitbit application and its partners, and study whether they can be blocked without hindering the essential functionality of the devices. We show that disabling traffic to the domains contained in well-maintained blocklists does not prevent Fitbit trackers from correctly reporting activity data, including steps, workouts, duration and quality of sleep, etc. Moreover, we demonstrate that Fitbit activity data are correctly synchronized for 6 partner apps of Fitbit when utilizing the above blocking rules. Our results suggest that more than of the third parties for the Fitbit-associated apps are contained in credible domain-based blocklists. Furthermore, we find all studied app to contact between 1 and 20 non-required third parties. Finally, over of the blocked destinations are identified by the default installation of uBlock Origin – universally used content filter (adblocker). Unlike previous works on blocking unnecessary IoT communications, our methodology can be easily utilized by end-users.","PeriodicalId":152960,"journal":{"name":"Proceedings of the 12th International Conference on the Internet of Things","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-11-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"I just wanted to track my steps! Blocking unwanted traffic of Fitbit devices\",\"authors\":\"Andrei Kazlouski, Thomas Marchioro, E. Markatos\",\"doi\":\"10.1145/3567445.3567457\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The recent advent of wearable fitness trackers has fueled concerns in regards to the privacy they provide. In particular, previous works have indicated that the associated fitness apps may contact unexpected Internet destinations. In this work we identify the third-party connections of the official mobile Fitbit application and its partners, and study whether they can be blocked without hindering the essential functionality of the devices. We show that disabling traffic to the domains contained in well-maintained blocklists does not prevent Fitbit trackers from correctly reporting activity data, including steps, workouts, duration and quality of sleep, etc. Moreover, we demonstrate that Fitbit activity data are correctly synchronized for 6 partner apps of Fitbit when utilizing the above blocking rules. Our results suggest that more than of the third parties for the Fitbit-associated apps are contained in credible domain-based blocklists. Furthermore, we find all studied app to contact between 1 and 20 non-required third parties. Finally, over of the blocked destinations are identified by the default installation of uBlock Origin – universally used content filter (adblocker). Unlike previous works on blocking unnecessary IoT communications, our methodology can be easily utilized by end-users.\",\"PeriodicalId\":152960,\"journal\":{\"name\":\"Proceedings of the 12th International Conference on the Internet of Things\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-11-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 12th International Conference on the Internet of Things\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3567445.3567457\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 12th International Conference on the Internet of Things","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3567445.3567457","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
I just wanted to track my steps! Blocking unwanted traffic of Fitbit devices
The recent advent of wearable fitness trackers has fueled concerns in regards to the privacy they provide. In particular, previous works have indicated that the associated fitness apps may contact unexpected Internet destinations. In this work we identify the third-party connections of the official mobile Fitbit application and its partners, and study whether they can be blocked without hindering the essential functionality of the devices. We show that disabling traffic to the domains contained in well-maintained blocklists does not prevent Fitbit trackers from correctly reporting activity data, including steps, workouts, duration and quality of sleep, etc. Moreover, we demonstrate that Fitbit activity data are correctly synchronized for 6 partner apps of Fitbit when utilizing the above blocking rules. Our results suggest that more than of the third parties for the Fitbit-associated apps are contained in credible domain-based blocklists. Furthermore, we find all studied app to contact between 1 and 20 non-required third parties. Finally, over of the blocked destinations are identified by the default installation of uBlock Origin – universally used content filter (adblocker). Unlike previous works on blocking unnecessary IoT communications, our methodology can be easily utilized by end-users.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
