CSE logo University of Washington Computer Science & Engineering
 Devices That Tell On You: The Nike+iPod Sport Kit
  CSE Home   About Us    Search    Contact Info 

Quick Links
 Overview
 Frequently Asked Questions
 Technical Report
 Video
 Pictures
   

Devices That Tell On You: The Nike+iPod Sport Kit

T. Scott Saponas, Jonathan Lester, Carl Hartung, and Tadayoshi Kohno.
Department of Computer Science and Engineering, University of Washington.

UW CSE Systems, Networking, and Security Research


Overview

Key industry players are incorporating wireless radio communications capabilities into many new personal consumer products. For example, the new Nike+iPod Sport Kit from Apple consists of two components -- a sensor and a receiver -- that communicate using a wireless radio protocol. Unfortunately, there can be negative side-effects associated with equipping these gadgets with wireless communications capabilities.

In the case of the Nike+iPod Sport Kit, our research shows that the wireless capabilities in this new gadget can negatively impact a consumer's personal privacy and safety. As part of our research, we built a number of surveillance tools that malicious individuals could use to track Nike+iPod Sport Kit owners. Our tools can track Nike+iPod Sport Kit owners while they are working out, as well as when they are just casually walking around town, a parking lot, or a college campus. The tracked individuals don't even need to have their iPods with them.

Our research also shows that there exist simple cryptographic techniques that the Nike+iPod Sport Kit designers could have used to improve the privacy-preserving properties of the Nike+iPod kit.

Our work underscores the need for a broad public discussion about and further research on the privacy-preserving properties of new wireless personal gadgets.

We stress, however, that there is no evidence that Apple or Nike intended for these devices to be used in any malicious manner. Additionally, neither Apple nor Nike endorsed this study.


FAQ

  • Q: What is the Nike+iPod kit and how does it work?

    A: The Nike+iPod kit consists of a sensor which is placed in the sole of your left Nike+ shoe and a receiver which plugs into the bottom of the iPod Nano. The sensor in your shoe detects when you take steps (while walking or jogging) and transmits this information to the receiver.

    When you start a workout session with the iPod, software on the iPod collects the data from the sensor and keeps track of the distance you've walked and the pace at which you're walking at. During a workout the iPod can provide audio feedback about the time, distance, pace, or calories burned.

    Once a workout is completed users can sync their iPod's with iTunes and upload their data to the Nike+ website which contains software to track your workouts, challenge other users to competitions, and set personal goals for you to accomplish.

  • Q: How much does the Nike+iPod kit cost, and is it popular?

    A: As for Nov 24, 2006, one can buy the Nike+iPod kit from the Apple online store for $29 (USD). Apple has sold over 450,000 Nike+iPod kits, there are currently 12 versions of the Nike+ shoe, and runners have logged almost 3 million miles on the Nike+ website.

  • Q: Does the Nike+iPod kit reveal private information about a user?

    A: Yes. When you walk or run the Nike+iPod sensor in your shoe will transmit messages using a wireless radio. These messages contain a unique identifier that can be detected from 60 feet away. This information is potentially private because it can reveal where you are, even when you'd prefer for a bad person to not know your location.

  • Q: Why is it a problem if my Nike+iPod kit sensor transmits a unique identifier when I walk or run?

    A: The unique identifier can reveal your presence to nearby receivers. Since the unique identifier doesn't change over time, someone could use the sensor's broadcast messages to track which locations you visit, and when you visit them. A bad person could use this information to compromise your personal privacy and safety. We describe specific example scenarios, like stalking, in our paper.

  • Q: Would it be hard to track someone?

    A: No. It is easy to track someone who has a active Nike+iPod kit sensor in their shoe.

    We have built several mechanisms for detecting and tracking Nike+iPod shoe sensors.

    • Windows XP-based surveillance devices:

      We developed a mechanism for attaching a Nike+iPod receiver to a Windows XP laptop via a USB port. When someone wearing an active Nike+iPod sensor walks near one of our laptops, the laptop's attached Nike+iPod receiver will detect the sensor's broadcast messages and will relay information about those messages to the laptop. The laptop will then display the sensor's unique identifier on the screen. The laptop will also use WiFi to upload information about the observed sensor to a back-end database. This latter step allows our Windows XP machines to serve as participating nodes in a larger surveillance system.

    • Gumstix-based surveillance devices:

      We also made a cheap and small Nike+iPod surveillance device from commercially available miniature gumstix computers. Our gumstix surveillance devices also use WiFi to upload real-time surveillance data to a back-end database, thereby allowing the gumstixs to serve as participating nodes in a larger surveillance system.

      The gumstix-based surveillance device is small enough to hide in the environment, such as in the bushes near a running trail or under someone's desk, and can detect nearby Nike+iPod sensors up to 60 feet away.

      It would also be easy for anyone else to build their own gumstix-based surveillance device, and the total cost for a full, WiFi-enabled gumstix surveillance node is under $250 (USD). The node would be cheaper if one prefers not to use the WiFi capabilities.

    • Second-generation Intel Mote and Microsoft SPOT Watch:

      We also built a Nike+iPod surveillance device using a second-generation Intel Mote (iMote2) and the receiver that comes with the Nike+iPod Sport Kit. We also wrote companion software for a Microsoft SPOT Watch.

      Not only is the iMote2 another small surveillance device, but, because of the SPOT Watch, our system will allow an adversary to obtain real-time surveillance data on his or her wrist watch.

    • Using and iPod as a surveillance device:

      We also show how to convert a third-generation iPod into a surveillance device. Such iPods are often available on eBay for around $100. Our iPod surveillance device runs iPod Linux and our software, and has an attached Nike+iPod receiver.

    • GoogleMaps web application:

      Recall that our Windows XP- and gumstix-based surveillance devices can upload surveillance information to a back-end server in real-time. To demonstrate what an adversary might do with that data, we created a GoogleMaps-based tracking web application. This web application can overlay surveillance data on a map in real-time, and can also display historical tracking data on the map. Our back-end system can also email and SMS text message tracking information to the adversary.

  • Q: How much would it cost for someone to implement your surveillance devices?

    A: It depends on what that someone would like to do. Our gumstix prototype shows that a bad person could build a full-featured, WiFi-enabled Nike+iPod surveillance device for under $250. Adversaries desiring less functionality could reduce the price of each surveillance device. Adversaries could also significantly reduce the price of each surveillance node by custom building nodes in bulk.

  • Q: Would it be hard for someone to build their own surveillance system?

    A: No, it would be neither hard nor expensive. Any hobbyist, including a technically savvy teenager, could build their own surveillance device, assuming that someone posted detailed instructions and the corresponding software on the Internet (we currently do not plan to release our software). This person would also need to perform a minimal amount of soldering (for our gumstix-based surveillance device, this simply means soldering four wires).

  • Q: How far away can you detect a Nike+iPod kit sensor?

    A: 60 feet.

  • Q: Can you detect my Nike+iPod sensor when I'm not working out?

    A: Yes. As long as wearing an active Nike+iPod kit sensor and are walking or jogging.

  • Q: Can you detect my Nike+iPod sensor even if I do not have my iPod with me.

    A: Yes. As long as wearing an active Nike+iPod kit sensor and are walking or jogging.

  • Q: Can't I just turn off the sensor when I'm not using it?

    A: The sensor has an "on-off" button, but the Nike+iPod Sport Kit online documentation says that "[m]ost Nike+iPod runners and walkers can just drop the sensor in their Nike+ shoes and forget about it," and we believe this to be the common case in practice.

  • Q: Can't I just remove the sensor when I'm not using it?

    A: Yes, the sensor can be removed from your shoe when you do not want to workout. Additionally you can place the sensor under your front shoe laces to make removal easier (or use a third party sensor holder to hold the sensor on your shoe laces).

  • Q: What can I do to improve my privacy if I want to use the Nike+iPod kit?

    A: We strongly suggest turning off your Nike+iPod sensor when you are not actively working out. Unfortunately, this suggestion will only help you when you're not working out. If you want to workout with the Nike+iPod kit, then we are unaware of any way to improve your location privacy during your workout.

  • Q: Could Apple have designed their system in a more privacy-preserving way?

    A: Yes, there are simple cryptographic technique that the Nike+iPod designers could have used to improve the privacy-preserving properties of the Nike+iPod Sport Kit. But, as with any technical change, there will be some associated tradeoffs, like sensor battery life, manufacturing costs, and use experience. See Section 6 of the technical report below for more information.

  • Q: Will you be releasing your software?

    A: We currently do not plan to release our software.


Technical Report


Video


Pictures

  • Picture of our gumstix surveillance device:

  • Screenshot of our Windows XP Serial Communication Tool:

  • Screenshot of our GoogleMaps-based web application:


CSE logo Computer Science & Engineering
University of Washington
Box 352350
Seattle, WA  98195-2350
(206) 543-1695 voice, (206) 543-2969 FAX
[comments to Tadayoshi Kohno]