Friday, January 4, 2013

Fitbit One Sync Logs

My first order investigation of the Fitbit One involved the following:
  • Installing the FitbitConnect software on my Win7 VM
  • Setting up the device with my account
  • Forcing a sync
  • Finding for the sync logs
The FitbitConnect options panel allows the specification of a proxy server, so I obliged and used Fiddler to capture network traffic.  

I figured the sync logs had to be stored somewhere on the Win7 filesystem, since the FitbitConnect UI mentions them (provides a checkbox to keep them for 5 days), and so does this guy.

On my install, the logs were found under C:\ProgramData\FitbitConnect\Logs.  An example filename is log-20130104004939.txt

UPDATE: On my iMac, the log is here: /private/var/run/com.fitbit.galileod.log

Scanning the logs I see scattered bits of interesting things.

1. The server is basically in control of the FitbitConnect UI.  On almost every action, the server returns an HTML page embedded in the XML response.

2. Among other things, the service also appears to provide the display strings to be used on the device.  For example, here is part of the data blob that the service provided in one of its responses:

    0000020: 0b00 5045 5445 5220 2020 2020 4855 4720  ..PETER     HUG 
    0000030: 4d45 2020 2020 5741 4c4b 204d 4520 2020  ME    WALK ME   
    0000040: 4845 5920 4845 5921 2020 0000 0000 0000  HEY HEY!  ......

3. The server classifies me as "obese".  While I can't disagree with this, it caught me by surprise that this is part of my account profile.

            var props = {
                'Android App Version': '',
                'iPhone App Version': '',
                'Has Android App': false,
                'Environment': 'prod',
                'Has iPhone App': false,
                'User Age Range': '35-44',
                'Body Type': 'obese',
                'Gender': 'male',
                'Locale': 'en_US',
                'Premium': false,
                'Premium Expired': false,
                'Platform': 'Fitbit Connect',
                'Facebook Linked': false,
                'Height': '76.02362',
                'GoalPrimary': 'steps',
                'GoalWeight': '',
                'Operating System Version': osVersion,
                'Paired Aria': false,
                'Paired One': true,
                'Paired Zip': false,
                'Paired Flex': false,
                'Paired Ultra': false,
                'Paired Classic': false
            };

More later.  Planning to add a USB filter driver to capture traffic at the dongle.
Posted by at
Labels: ,

2 comments:

  1. UnknownMarch 5, 2013 at 8:06 PM

    Any chance of capturing the activity data?

    ReplyDelete
  2. Koen ZomersMarch 13, 2014 at 3:28 AM

    Interesting stuff. Considering buying a Fitbit Aria, but only if I will be able of parsing the data myself. It seems like exporting the data from Fitbit is only possible against a high subscription fee which then would void my interest for this device. I was wondering if I could intercept the information just like you did. What isn't clear to me from your blogpost is if the data captured by Fiddler was actually useful? Or is it binary/cryptic data that you would have to decode yourself in some undocumented way? Could you shed some light on that?

    ReplyDelete

Subscribe to: Post Comments (Atom)