CypherCon 2023

Weighing in on Smart Health Device Security: Hacking a Smart Scale

Matt Brown


The market for smart health and wellness devices has exploded recently, aided in part by the ubiquitous support for Bluetooth Low Energy (BLE). In this talk, we dive into the fundamentals of BLE security as well as the tools and techniques we use when performing BLE device security assessments. We will also explain our reverse-engineering of the FitTrack Smart Scale that uses BLE to transmit sensitive health data to a user’s mobile device. We hope to inspire the audience to start their own security research projects of other BLE and IoT devices.

Matt Brown

Healthcare Device Security

Matt Brown is an Embedded Security Pentester and Reverse Engineer that loves all things IoT. Over his career he has had a wide array of Security, System Administration and Software Engineering experience that he enjoys bringing to bear on tough business problems. He enjoys finding vulnerabilities and helping businesses remediate those vulnerabilities to create better products and services for their customers. Matt Brown graduated from Iowa State University with an undergraduate degree in Management Information Systems and a graduate degree in Information Assurance.