1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Polar fitness app exposed location of soldiers and government agents

By midian182
Jul 9, 2018
Post New Reply
  1. Polar's line of smart devices are able to connect to the company’s fitness app, Polar Flow, where users can record their activities and routes on a publicly viewable ‘Explore’ map. The security concerns arose from the fact that anyone could use the map to find sensitive installations and see if any users’ workouts end at these locations. Many runners give their real names and profile pictures on the app, allowing someone to gather a slew of information on soldiers or government agents who use Polar fitness trackers.

    This isn’t the first time a tracking app has come under fire for potentially revealing military bases and staff routines. Back in January, Strava changed its privacy settings after its heatmap was found to be exposing data on personnel stationed in bases around the world. But while Strava's information was only accessible via a user’s profile page, Polar allowed you to select an interesting site, pick one of the profiles exercising there, and get a full workout history (going back to 2014) of that person.

    De Correspondent identified over 6400 users exercising at sensitive locations, including the NSA, the White House, MI6, Guantanamo Bay, and foreign military bases.

    Even users who marked their profiles as private weren’t safe from prying eyes. A flaw in the app allowed reporters to gather their data, and the API didn’t cap the number of requests that someone could make, thereby allowing them “to determine their home address, where people’s workouts often begin and end.”

    Polar has apologized and suspended the Explore feature in the Flow app. It added that there had been no breach of private data and that it is now “analyzing the best options that will allow Polar customers to continue using the Explore feature while taking additional measures to remind customers to avoid publicly sharing GPS files of sensitive locations.” You can read the company's full statement here.

    Permalink to story.

     
    Last edited by a moderator: Jul 9, 2018
  2. Uncle Al

    Uncle Al TS Evangelist Posts: 4,280   +2,732

    Yep, that's one that needs to be banned from all government installations simply for the sake of security .....
     
  3. Impudicus

    Impudicus TS Booster Posts: 89   +40

    I would have thought any non military gps device would have been banned from military locations in the first place. Smart phones, fitness trackers.... seems like common sense.
     

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...