Authors: Jared Fuchs, Melody Spencer, Sukhendu Chakraborty. Introduction: As part of the e-commerce and tools team at Fitbit, one of our missions is to enable other teams by providing an extensible framework for surfacing device/application data to whoever needs it. Towards that goal, we have provided a common set of APIs that any team...
Security
An open-source framework to connect wearables and other IoT devices to mobile phones, tablets and PCs with an IP-based protocol stack over Bluetooth Low Energy. TL;DR: If you wished your wearable or IoT devices and mobile applications could communicate over Bluetooth Low Energy as seamlessly, securely, and reliably as if they were on an IP...
Fitbit has always been committed to protecting consumer privacy and keeping data safe. Our internal security team is constantly testing our products for vulnerabilities as we strive to continuously strengthen our security. And, as our devices become more and more complex, we are more mindful than ever that weaknesses can be difficult to...
We were thrilled to hear today that the Fitbit Security Team has been awarded two awards in Bugcrowd’s second annual Buggy awards. This year we took home the “Best Response Time” and “Program of the Year” awards. Now that we have three Buggy Awards in our trophy cabinet (we took home “Best Response Time” last year) it feels like a...
On February 23, 2017, Google Project Zero and Cloudflare revealed the existence of the Cloudbleed bug. Fitbit uses Cloudflare as our content distribution network and the majority of our web and API traffic routes through the Cloudflare platform. We learned of the issue the same way as everyone else – when security-minded team members at...
With the pace of security today, nobody can afford to go it alone. Even if you hire the greatest security team, deploy airtight process, tools, design reviews, testing, etc., there’s a global community of like-minded security folk working on these problems. There are economies of scale that come from researchers honing test strategies over many...