+ Monday September 23rd, 2019

Australian security researcher Troy Hunt has just reported major security flaws in the popular TicTocTrack Watch used by Australian parents to track their children.

Hunt and Ken Munro from Pen Test Partners discovered that the TicTocTrack Watch was simply a rebranded Gator tracking watch.

This type of child tracking watch has been judged by German regulators to be so flawed that they suggested parents destroy the watches and stop paying for subscriptions:

German parents are being told to destroy smartwatches they have bought for their children after the country’s telecoms regulator put a blanket ban in place to prevent sale of the devices, amid growing privacy concerns.

The details in this story are truly disturbing. With relative ease, researches were able to:

  • Modify the reported GPS location of watches, making them appear to be somewhere they weren’t (i.e. you lose your kids)
  • Modifying watch data to add unknown contacts to the watch (i.e. masquerading as a parent or trusted adult)
  • Making the watch auto-answer calls from third parties so they can monitor your child’s surroundings

Most disturbingly, researchers were able to get the precise GPS coordinates of these watches, and thus the kids wearing them. Combine this with the other features above, and it’s a miracle that someone’s kid hasn’t been kidnapped.

These watches sound like an unmitigated disaster, and absent some significant development work making the software at least ANY more safe, we could only reiterate the recommendation of regulators overseas – if you’ve got one of these devices, destroy it and throw it out.

For more detail about the multiple security flaws found in the TicTocTrack (Gator) watches read Troy Hunts blog post.

Neerav Bhatt   Associate


Neerav has been interested in Android phones since he bought the 1st one ever released (HTC Dream/G1). He has never bought an Apple product :-) His dream phone would have stock Android OS, fast high-res camera and swappable 4000mAh battery.

Profile: Community Spirited, Influencer, Knack for Technology, Environmentalist. Experienced: Librarian, Journalist, Photographer, IT Sales & Support

Join the Ausdroid Conversation

1 Comment threads
0 Thread replies
Most reacted comment
Hottest comment thread
1 Comment authors
Jeni Skunk Recent comment authors
newest oldest most voted
Notify of
Jeni Skunk
Ausdroid Reader

Such a critical security failing really needs a national recall campaign to be carried out by the federal govt.

Check Also

Driving and texting in NSW? From December, you may be on camera, and you’ll be caught

Despite being illegal for a rather long time, the number of motorists still getting caught …