Encrypt/mask GPS data stored on watch #6974
Replies: 1 comment
-
Posted at 2023-07-18 by user140377 How about adding a boot script that wipes the clock if the correct key is not entered? Unless you connect it with bluetooth to a computer it should be pretty safe.. Posted at 2023-07-19 by user141569 You could definitely bypass that by taking apart the watch and reading the flash chip externally. You could possibly also bypass that by running something over the SWD pins that dumps the file contents. Also, I don't know whether Bluetooth passkey and whitelist are still active even after a reboot without loading code or in DFU mode. Posted at 2023-07-19 by @halemmerich If protection of e.g. the GPS tracks on the watch is the goal here, maybe regular or automatic sync (with auto delete in case no sync happened for a while) of the data to GadgetBridge or wherever and then just deleting it from the watch would be a way to tackle this? Posted at 2023-07-20 by Mi
What about storing the key only in RAM and only when connected to the phone? That should be safe as long as the phone is not stolen together with the watch . Posted at 2023-07-20 by Hank Can we request a phone ID or e.g the MAC address or something from the watch via Gadgetbridge? It would be cool to just encrypt the data with e.g. the phones MAC address. Posted at 2023-07-20 by @gfwilliams One thing to watch out for is StorageFile can't contain char code 255 so you can't just use normal encryption. It's not just GPS but I guess there might be other personal info (QR codes, received messages, etc). What about extending Gadgetbridge and the app loader to allow it to work with E.setPassword? - http://www.espruino.com/Reference#l_E_setPassword (setPassword would have to be in the Posted at 2023-07-22 by bobrippling Using the phone sounds like an idea, I've created an initial PR to do this without gadget bridge (as I don't have it currently) but would be interested in adjustments to encrypt using a key stored either on the phone, or using some property of the phone. Posted at 2023-07-22 by bobrippling
This is something I've been thinking about for a while - a bluetooth daemon running on a raspberry pi that regularly updates my watch's clock, fetches health/gps data off the watch and so on Posted at 2023-07-23 by bobrippling I like the sound of asymmetric keys or using phone IDs/mac addresses to encrypt too. I'm thinking the existing scramble GPS app works as a lightweight/ease-of-use "lock", and I have a few ideas for a more lockdown-mode which would incorporate these ideas along with encryption based on some key. We could either encrypt just GPS and use Posted at 2023-08-09 by bobrippling I've been thinking about this more and like the idea of
Is there any existing standard setup for adding this into How cautious should I be with this file btw? Could I potentially brick my watch if I accidentally raise an exception or break BLE connections here? Posted at 2023-08-10 by @gfwilliams Nothing else writes to Maybe add a Bear in mind you'll have to manually I'd say be very careful! I'm pretty sure the file is run all the time and can't be circumvented, so the only way to recover would be to boot back to the bootloader and upload a custom firmware that didn't load it! The app that sets the password should come with similar warnings too :) Posted at 2024-04-29 by bobrippling About this - the USB cable that comes with the watch, do you know if its pins that connect to the SWD contacts on the watch also hook up to anything on the USB side? I'm thinking it'd be nice to have a fallback in case I did lock myself out, and SWD would provide a nice way in, but I'm not sure how easy it'd be. I do have a cmsis-dap probe which can talk SWD that I could attempt to manually attach Posted at 2024-04-29 by @gfwilliams
Yes, it's a bit hacky but they do actually connect right through to USB data - so you can just get a USB socket, wire it up as in https://www.espruino.com/Bangle.js2+Technical#swd and plug the charge cable in and you're sorted. cmsis-dap would be perfect - I posted how to use it at https://forum.espruino.com/conversations/393757/#17280505 Posted at 2024-08-02 by bobrippling I've setup an SWD probe and am able to access the watch - there is flashing as one option, but let's say something went wrong with this Posted at 2024-08-05 by @fanoush Well, nrf5x internal flash storage can be erased over SWD quite easily however Bangle.js storage is in external SPI flash which needs custom code to be executed. The password itself is however stored in RAM in variables so the password can be found by dumping RAM. As for SWD access I have SWD Espruino console implemented via Segger RTT, currently it can be used as ordinary Espruino console from openocd via telnet. Something like
|
Beta Was this translation helpful? Give feedback.
-
Posted at 2023-07-17 by bobrippling
I was thinking recently, if I lost my watch (or more specifically, it was stolen) while I had GPS data on it, then my home address, work etc is all present there.
I'm interested in peoples' opinions on this - would a patch to runplus and/or a module for apps to encrypt and decrypt GPS data be useful?
Tech / CPU use
I feel like AES might be overkill, and we could instead perform some simple scrambling of the coordinates based on a code the user enters, perhaps offset them from the middle of the Pacific using the user's code as a seed for a PRNG.
Usability
Unless we saved the key on the watch (which defeats the point), the user would have to enter a code each time they wanted to read/write GPS - this wouldn't be great for usability, but I'm a little out of ideas.
Beta Was this translation helpful? Give feedback.
All reactions