Polar Fitness App Accidentally Maps Locations of Military Bases, Nuclear Warehouses

Share

Polar is the manufacturer of such popular running watches like the Polar M200 and M400, as well as fitness-oriented smartwatches like the Polar M430 and M600, while its Polar Flow app is used to organize and view user data. The number of fitness trackers on the market, from Strava and Runkeeper to many others, suggests that the answer is no.

The researchers have also probed other fitness tracking apps like Endomondo, Runkeeper and Strava (which was earlier this year found revealing patterns of life in military bases and secret sites).

What's more, even the setting that was supposed to show a Polar user's workout data only to their friends "still let profiles show a name, photo and the locationthey wrote in during registering to anyone".

Nathan Ruser, a member of the Institute for United Conflict Analysts, pointed out how examining remote areas on the map which display a high concentration of exercise could give away the location of secret bases and military operations.

Finding Western military service personnel was easy by cross-referencing names found on the Polar website with social network profiles such as those found on LinkedIn.

According to De Correspondent, only about two percent of Polar users chose to share their data, but that nonetheless allowed anyone to discover potentially sensitive data from military or civilian personnel.

Similar to Strava, Polar is showing an individual's activity - their route, date, time, etc - on the map, and then adds even more information potentially revealing this same information about their home.

Will the US Senate vote for Trump's Supreme Court nominee?
The president has already begun using the high court vacancy as a rallying cry as he campaigns for Republicans across the country. If you're going to do something risky in this emergency situation, it should be something that might actually make a difference.

Researcher Bellingcat and Dutch news siteDe Correspondent have revealed the results of a joint investigation which show that the social layer of the app is so flawed that they were able to get the home addresses of military personnel and spies without blinking. As people tend to turn their fitness trackers on/off when leaving or entering their homes, they unwittingly mark their houses on the map.

The company has now suspended the Explore feature that enables users to publicize their activity.

We also learned the names and addresses of personnel at nuclear storage facilities, maximum security prisons, military airports where nuclear weapons are stored, and drone bases.

Among them are USA troops in Iraq, Syria, Guantanamo Bay, those deployed to the demilitarized zone separating the two Koreas, staffers at the Federal Bureau of Investigation and NSA, military intelligence and cyber security specialists and many others stationed at bases in Africa, South Asia and the Middle East.

However, the investigation claims that despite many users making their profiles private it was able to find user details due to "an oversight in the Polar app".

Meanwhile, Polar explains that its "goal is to raise the level of privacy protection and to heighten the awareness of good personal practices when it comes to sharing Global Positioning System location data". And you can see where those runs start and stop.

It is important to understand that Polar has not leaked any data, and there has been no breach of private data.

Share