Nike+ IPod = Surveillance

By Annalee Newitz
02:00 AM Nov, 30, 2006

If you enhance your workout with the new Nike+ iPod Sport Kit, you may be making yourself a surveillance target.

A report from four University of Washington researchers to be released Thursday reveals that security flaws in the new RFID-powered device from Nike and Apple make it easy for tech-savvy stalkers, thieves and corporations to track your movements. With just a few hundred dollars and a little know-how, someone could even plot your running routes on a Google map without your knowledge.

The Nike+ iPod gives runners real-time updates about the speed and length of their workouts via a small RFID device that fits into the soles of Nike shoes, and broadcasts workout data to a small receiver plugged into an iPod Nano.

While this setup sounds convenient and cool, it didn't sit well with Scott Saponas, a computer science graduate student at the University of Washington in Seattle. After enjoying his Nike+ iPod for a few months, Saponas began to suspect there might be other, more nefarious uses for the gear.

He brought his concerns to University of Washington computer science professor Yoshi Kohno and fellow graduate students Carl Hartung and Jonathan Lester. After just a few weeks of tinkering, the four researchers discovered that the Nike+ iPod is, as Kohno put it, "an easy surveillance device."

The first problem is that the RFID in the shoe sensor contains its own on-board power source, essentially turning your running shoe into a small radio station capable of being received from up to 60 feet away, with a signal powerful enough to be picked up from a passing car.

Compare this with the roughly 3-centimeter to 10-inch read range of a typical consumer-grade RFID, such as the kind you find in smart tags in Gap clothing or in credit cards, which is passively powered by the reader.

Additionally, the sensor will reveal its unique ID to any Nike+ iPod receiver. With a quick hardware hack that Kohno said "any high school student could do in the garage," the researchers hooked a Nike+ iPod receiver up to a Linux-based "gumstix" -- a tiny, $79 computer that could easily be hidden in door frames, in trees next to jogging trails or in a pocket.

In their report, the researchers detail a scenario in which a stalker who wants to know when his ex-girlfriend is at home taps into her Nike+ iPod system. He simply hides the gumstix device next to her door, and it registers her presence as she passes by in her Nike shoes. If he adds a small "wifistix" antenna to the device, it can transmit this information to any nearby Wi-Fi access point and alert him to her presence via SMS or by plotting her location on Google Maps.

A thief could use a similar set-up to case several houses at once, figuring out when Nike-wearing owners are at home and when they aren't.

Neither Apple nor Nike had comments at press time.

Electronic Frontier Foundation staff attorney Lee Tien says the Nike+ iPod is a harbinger of things to come. "We're going to see more devices like this in the next few years," he said. "This isn't just a problem with the Nike+ iPod per se -- it's a cautionary tale about what happens when companies unwittingly build a surveillance capacity into their products."

UC Berkeley RFID researcher David Molnar agreed with Tien, adding, "This shows a need for independent oversight and investigation of these technologies before they go to market. These things happen because the people building devices don't think about privacy implications."

Molnar also speculated about how easy it would be for a company to build their own tiny readers and deploy them in a large environment, selling the data stream to those who would track spouses or teens, or collect information about how many people wearing Nikes visit malls or movie theaters. "Given that there are no laws about skimming data in California right now, it would be perfectly legal to do it there," he said.

The researchers, for their part, just want to see Apple, Nike and other manufacturers fix the problem. They offer a simple solution in their report, which is to build the sensors to speak to only one reader.

"Using relatively standard cryptographic techniques, you could make it very difficult to listen to broadcasts from somebody else's sensor," said Kohno. He hastened to add that he doesn't believe Apple and Nike purposefully designed the sensors to be surveillance-friendly. "I just think companies should be as aware of privacy issues as they are of safety issues," he said. "Too often, they aren't."