
MiSafes' child-tracking smartwatches are easy to hack - wil_I_am_27
https://www.bbc.com/news/technology-46195189
======
LyndsySimon
I suggest the title be change from "easy to hack" to "easy to compromise" \- I
was hoping to see that someone had created a custom firmware for them or
something :(

~~~
jjeaff
As much as "hackers" wish to keep the word hacker to mean what it used to
mean, I think "hacking" has fully entered the English lexicon with the meaning
as used in the headline. No amount of complaining and correcting can change
that now. It still means what it used to in some circles, but the primary
meaning is hacking as in cracking.

Just like we will "literally" never get the literal cat back in the bag.

~~~
LyndsySimon
I get that, but I was suggesting it being changed here, as in this community
the word retains much of its original meaning.

------
LinuxBender
Who in that company would be liable, should there ever be an incident where a
child is tracked, abducted and harmed utilizing this gps device? Just the CEO,
or will board members also feel shared pain?

~~~
tomatotomato37
If the corporate info in the terms of use are accurate (Shenzhen Langya
Electronics Co., Ltd registered in the Republic of Ireland) then the company
would already be bankrupted and assets transferred to a duplicate company in
the time it takes a prosecutor lick the envelope

Edit: This ToS is hilarious

    
    
      No Data Mining or Harmful Code.
    
      You agree that you will not
     (a) obtain or attempt to obtain any information from the Service;
     (b) intercept, examine or otherwise observe any proprietary communications protocol used by the Service, whether through the use of a
         network analyzer, packet sniffer or other device; or
     (c) use any type of bot, spider, virus, clock, timer, counter, worm, software lock, drop dead device, Trojan-horse routing, trap door, time
         bomb or any other codes, instructions or third-party software that is designed to provide a means of surreptitious or unauthorized
         access to, or distort, delete, damage or disassemble the Site or the Service.

~~~
yjftsjthsd-h
> the company would already be bankrupted and assets transferred to a
> duplicate company in the time it takes a prosecutor lick the envelope

I've always been told that judges are in fact humans who can see that for the
no-op it is and are unlikely to be amused by such a stunt.

~~~
c3534l
This is a Chinese company we're talking about. I'm not sure how much influence
an American judge is going to have.

~~~
yjftsjthsd-h
"registered in the Republic of Ireland"

~~~
Namidairo
If I remember correctly, quite a few companies register in Ireland for use as
a tax haven?

------
ortusdux
Germany banned smartwatches for children last year:
[https://www.theverge.com/circuitbreaker/2017/11/19/16671428/...](https://www.theverge.com/circuitbreaker/2017/11/19/16671428/germany-
bans-smartwatches-kids-parents-destruction)

~~~
kachurovskiy
I think only those smartwatches are banned that allow concealed listening or
viewing the camera feed without the kid noticing.

~~~
joe_the_user
No, the article specifically states "Germany’s telecommunication agency, the
Bundesnetzagentur, has banned smartwatches for kids, and is asking parents to
destroy them." It used the fact that these are listening devices, yes, but the
ban as stated sounds quite absolute.

~~~
RagingCactus
The Bundesnetzagentur does not have the capacity to ban random devices for
children.

They banned these devices because they are essentially bugs/covert listening
devices and are even marketed as such. Devices that look innocious (such as
children's watches or teddy bears) but in reality are covert listening devices
are banned in Germany by §90 TKG. [1]

This is why the Bundesnetzagentur banned the smartwatches in question. They
even cited cases in which these watches were used to monitor teachers in
classrooms. [2]

"Normal" smartwatches are NOT banned. "Normal" smartwatches for children are
also NOT banned. Only watches with monitoring functions fall under the §90 TKG
law. [3] Note that using an app to bring covert listening functionality to a
phone or watch also converts that device into an illegal listening device.

[1] [https://www.gesetze-im-
internet.de/tkg_2004/__90.html](https://www.gesetze-im-
internet.de/tkg_2004/__90.html) (Just for reference)

[2]
[https://www.bundesnetzagentur.de/SharedDocs/Pressemitteilung...](https://www.bundesnetzagentur.de/SharedDocs/Pressemitteilungen/DE/2017/17112017_Verbraucherschutz.html)
(German, but google translate works sufficiently well)

[3]
[https://www.bundesnetzagentur.de/DE/Sachgebiete/Telekommunik...](https://www.bundesnetzagentur.de/DE/Sachgebiete/Telekommunikation/Unternehmen_Institutionen/Anbieterpflichten/Datenschutz/MissbrauchSendeanlagen/HinweiseProduktkategorien/hinweiseproduktkategorien.html?nn=690686)
(German, use a translator)

~~~
Gaelan
Amusingly, in your second link, Google refers to watches as “watches,”
“clocks,” and “watchmen.”

------
lizzard
The really disturbing thing about this is how devices like this make
surveillance even more normal. It's like training your own children to accept
what should be an unacceptable loss of freedom and privacy.

------
Eridrus
So, what is the specific threat model here? Who is going to hack these
children's phones, and what are they going to do with that access?

~~~
dharmab
Think about divorced/separated families. Many child kidnappings are
unauthorized custody by a parent or family member.

~~~
Eridrus
Does the watch vulnerability meaningfully increase the risk here?

These people would know what a child's routine is already, and would not need
smartwatch info.

And we're talking about people to are also technically savvy enough to reverse
engineer this software.

It seems more likely that even in this situation, the watch would be a help
rather than a harm.

I'm not saying we shouldn't care about security, but people tend to over-react
whenever children are involved.

~~~
yellowapple
As frustrating as it can be sometimes, if children are involved, it's almost
certainly a better idea to overreact than underreact.

~~~
macintux
Agreed. I hate the "won't someone think of the children" attitude towards
social norms, but they are for the most part utterly defenseless and deserving
of some basic protection.

