WatchWitch: Interoperability, Privacy, and Autonomy for the Apple Watch

• URL: http://arxiv.org/abs/2507.07210v1
• Date: Wed, 09 Jul 2025 18:33:58 GMT
• Title: WatchWitch: Interoperability, Privacy, and Autonomy for the Apple Watch
• Authors: Nils Rollshausen, Alexander Heinrich, Matthias Hollick, Jiska Classen,
• Abstract summary: We reverse-engineer the Apple Watch's wireless protocols.<n>With WatchWitch, we break out of Apple's walled garden.<n>We thus pave the way for more consumer choice in the smartwatch ecosystem.
• Score: 50.89778047875175
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Smartwatches such as the Apple Watch collect vast amounts of intimate health and fitness data as we wear them. Users have little choice regarding how this data is processed: The Apple Watch can only be used with Apple's iPhones, using their software and their cloud services. We are the first to publicly reverse-engineer the watch's wireless protocols, which led to discovering multiple security issues in Apple's proprietary implementation. With WatchWitch, our custom Android reimplementation, we break out of Apple's walled garden -- demonstrating practical interoperability with enhanced privacy controls and data autonomy. We thus pave the way for more consumer choice in the smartwatch ecosystem, offering users more control over their devices.

Related papers

• Apple Intelligence Foundation Language Models: Tech Report 2025 [246.04717786298764]
  We introduce two foundation language models that power Apple Intelligence features across Apple devices and services.<n>Both models are trained on large-scale multilingual and multimodal datasets sourced via responsible web crawling.<n>A new Swift-centric Foundation Models framework exposes guided generation, constrained tool calling, and LoRA adapter fine-tuning.
  arXiv  Detail & Related papers  (2025-07-17T23:37:19Z)
• Secure Wearable Apps for Remote Healthcare Through Modern Cryptography [1.693687279684153]
  Wearable devices like smartwatches, wristbands, and fitness trackers are designed to be lightweight devices to be worn on the human body. With the increased connectivity of wearable devices, they will become integral to remote healthcare solutions. This paper explores solutions for applying modern cryptography to secure wearable apps.
  arXiv  Detail & Related papers  (2024-10-10T05:50:12Z)
• Goodbye Tracking? Impact of iOS App Tracking Transparency and Privacy Labels [25.30364629335751]
  Apple introduced two significant changes with iOS 14: App Tracking Transparency (ATT), a mandatory opt-in system for enabling tracking on iOS, and Privacy Nutrition Labels. This paper addresses the impact of these changes on individual privacy and control by analysing two versions of 1,759 iOS apps from the UK App Store. We find that Apple itself engages in some forms of tracking and exempts invasive data practices like first-party tracking and credit scoring.
  arXiv  Detail & Related papers  (2022-04-07T16:32:58Z)
• SPAct: Self-supervised Privacy Preservation for Action Recognition [73.79886509500409]
  Existing approaches for mitigating privacy leakage in action recognition require privacy labels along with the action labels from the video dataset. Recent developments of self-supervised learning (SSL) have unleashed the untapped potential of the unlabeled data. We present a novel training framework which removes privacy information from input video in a self-supervised manner without requiring privacy labels.
  arXiv  Detail & Related papers  (2022-03-29T02:56:40Z)
• AirGuard -- Protecting Android Users From Stalking Attacks By Apple Find My Devices [78.08346367878578]
  We reverse engineer Apple's tracking protection in iOS and discuss its features regarding stalking detection. We design "AirGuard" and release it as an Android app to protect against abuse by Apple tracking devices.
  arXiv  Detail & Related papers  (2022-02-23T22:31:28Z)
• Analysis of Longitudinal Changes in Privacy Behavior of Android Applications [79.71330613821037]
  In this paper, we examine the trends in how Android apps have changed over time with respect to privacy. We examine the adoption of HTTPS, whether apps scan the device for other installed apps, the use of permissions for privacy-sensitive data, and the use of unique identifiers. We find that privacy-related behavior has improved with time as apps continue to receive updates, and that the third-party libraries used by apps are responsible for more issues with privacy.
  arXiv  Detail & Related papers  (2021-12-28T16:21:31Z)
• CovidAlert -- A Wristwatch-based System to Alert Users from Face Touching [1.9502559508200459]
  Face touching is a compulsive human begavior that can not be prevented without making a continuous effort. We have designed a smartwatch-based solution, CovidAlert, that detects hand transition to face and sends a quick haptic alert to the users. The overall accuracy of our system is 88.4% with low false negatives and false positives.
  arXiv  Detail & Related papers  (2021-11-30T21:58:50Z)
• Are iPhones Really Better for Privacy? Comparative Study of iOS and Android Apps [25.30364629335751]
  We present a study of 24k Android and iOS apps from 2020 along several dimensions relating to user privacy. Third-party tracking and the sharing of unique user identifiers was widespread in apps from both ecosystems, even in apps aimed at children. Across all studied apps, our study highlights widespread potential violations of US, EU and UK privacy law.
  arXiv  Detail & Related papers  (2021-09-28T13:40:32Z)
• OpenBot: Turning Smartphones into Robots [95.94432031144716]
  Current robots are either expensive or make significant compromises on sensory richness, computational power, and communication capabilities. We propose to leverage smartphones to equip robots with extensive sensor suites, powerful computational abilities, state-of-the-art communication channels, and access to a thriving software ecosystem. We design a small electric vehicle that costs $50 and serves as a robot body for standard Android smartphones.
  arXiv  Detail & Related papers  (2020-08-24T18:04:50Z)
• Mind the GAP: Security & Privacy Risks of Contact Tracing Apps [75.7995398006171]
  Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy. We demonstrate that in real-world scenarios the GAP design is vulnerable to (i) profiling and possibly de-anonymizing persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts.
  arXiv  Detail & Related papers  (2020-06-10T16:05:05Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.