Application for fitness Polar until recently allowed to monitor the movement of users, including people working on secret sites, security officers and military personnel. This is stated in the report, which was jointly published by Bellingcat and De Correspondent.
As The Next Web writes, to find out the vulnerability, journalists didn’t have to get permission to get acquainted with the closed information–all data were placed in free access. Polar uses the Flow site as a social platform where you can view information about other users, including their personal data and the routes that people are running through.
For example, if someone regularly runs on the territory of a military base, it is not difficult to assume that this is a soldier. Sometimes the jogging routes end near the facilities of the US Department of Defense–so the application issues where the user’s home is located.
Bellingcat and De Correspondent reported that, using public data, they had access to surveillance of people who work in the White House, British intelligence and, for example, in nuclear weapons storage facilities.
Polar is not the only application that uploads data about users’ movements, but it differs from analogs with even more openness. The program among other things allows you to view information about each particular user–most of the Polar analogs do not disclose it. After the publication of the investigation, the Polar management disconnected the access to the displacement map.
At the beginning of the year, a similar scandal occurred with another popular fitness application Strava. Then the activity card of the owners of fitness trackers revealed the location of US military bases abroad, in particular in Iraq, Syria, and Somalia.