Connected sports wearables collect sensitive health, location and performance data, yet their security design often receives less scrutiny than traditional consumer devices. A deep technical examination of a widely adopted GPS sports watch reveals how insecure Bluetooth Low Energy implementations, weak pairing logic and insufficient firmware protections expose users to privacy loss, account compromise and device disruption. The findings show how wireless attacks can occur without physical access, how application-layer decisions amplify risk on mobile platforms, and how simple protocol flaws escalate into real-world impact.

This session, led by Moritz Abrell, senior IT security consultant and penetration tester at SySS GmbH, will cover:

• BLE pairing weaknesses and unauthenticated communication paths;
• Wireless account takeover and exposure of personal activity data;
• Denial-of-service conditions caused by protocol and parsing flaws.