Wacom Tablet Data Exfiltration Raises Security Concerns

2020-02-07 22:25

The Wacom digital drawing tablet appears to be silently exfiltrating user data, according to an investigation by software engineer Robert Heaton - and the company responded on Friday, downplaying the report.

Though the data seen by Wacom is supposedly aggregated, Heaton said that it could use the "User Explorer" tool in Google Analytics to drill deeper, possibly to build a fairly rich profile that could be used for phishing or scam attacks.

Heaton falls into the "Amateur enthusiast" camp of the Wacom user base; and he said that he invested in a tablet to do some drawings to go with his blogs.

Google-analytics.com in the form of "Lots of TLS-encrypted traffic." He then set up a Burp Suite proxy server on his computer to intercept and log the specific data being sent to and from the Wacom tablet drivers.

Wacom said that users can choose to opt out of data collection by going to settings: Desktop Center -> clicking "More" on the top-right corner -> Privacy Settings -> and selecting "Off" in the "Participate Wacom Experience Program" box.

News URL

https://threatpost.com/wacom-tablet-data-exfiltration-security-concerns/152707/

#exfiltration #security #tablet