Users of the iPod Sport kit could be putting their privacy at risk by transmitting information of their whereabouts to those with ad-hoc surveillance devices up to 60ft away, according to researchers.
A team from the University of Washington claims it’s easy to build tracking devices that can detect the unique identifier transmitted from Nike+iPod trainer using anything from a Windows XP laptop to a Microsoft SPOT watch.
Launched earlier this year, Apple’s tie-up with Nike allows runners to keep track of their workouts by using receivers in the trainers which detect each step runners take. The sensor then transmits that information to people’s iPods, informing them of their speed and the distance they've travelled.
But the researchers claim the data could be picked up by other people – a person who wanted to engineer a meeting with someone who used the kit, for example.
"Since the unique identifier doesn't change over time, someone could use the sensor's broadcast messages to track which locations you visit, and when you visit them," say the FAQs on the University of Washington's website. "A bad person could use this information to compromise your personal privacy and safety."
The researchers have established several scenarios where someone could easily track the movements of a runner. They claim to have developed a mechanism for attaching a Nike+iPod receiver to a Windows XP laptop via a USB port. Then, when someone using the Nike+iPod kit walks passed the setup, the laptop displays the person's unique identifier on screen.
Once they had that data, the researchers created a Google Maps-based web application that can overlay surveillance data in real-time, and also display historical tracking data to keep a record of a person’s movements over time.
The researchers are encouraging Apple to use cryptographic techniques to protect people's privacy, but warned that the use of the technology would have inevitable trade-offs for sensor battery life, manufacturing costs and user experience.