Polar has become the latest fitness tracker to be accused of spilling identifying user data to all and sundry.
According to investigative news site Bellingcat, the company's app is so flawed from a security perspective that it was able to get the home addresses of military personnel using the app with little difficulty.
Free app Polar enables fitness enthusiasts to time and compare their runs. It also connects with the company's own heart-rate monitor, and results can be compared with others' via the company's Polar Flow social platform.
This is where the insecurities come in - especially for people engaged in potentially sensitive occupations, such as the military.
"By showing all the sessions of an individual combined onto a single map, Polar is not only revealing the heart rates, routes, dates, time, duration, and pace of exercises carried out by individuals at military sites, but also revealing the same information from what are likely their homes as well," explained Bellingcat.
It continued: "Tracing all of this information is very simple through the site: find a military base, select an exercise published there to identify the attached profile, and see where else this person has exercised."
It added that as fitness apps are typically turned on and off at a users' home, the app would enable individuals working near sensitive sites to be relatively easily targeted.
The Polar app not only makes it relatively easy to view the training sessions of specific people, replete with handy maps, but can also show every exercise an individual has done going back to 2014.
Bellingcat illustrated the insecurity of the app by displaying a map showing exercises of servicemen at a military base in Mali, West Africa. It adds that it was also able to individually identify individuals on Polar, completed with their full names and various social media profiles, and was able to locate their home addresses.
"We were able to scrape Polar's site (another security flaw) for individuals exercising at 200+ of such sensitive sites, and we gathered a list of nearly 6,500 unique users. Together, these users had made over 650.000 exercises, marking the places they work, live, and go on vacation," it warned.
The Institute for United Conflict Analysts (IUCA) founding member Nathan Ruser discovered that the interactive map could be used for intelligence gathering, highlighting the location of military facilities - many supposedly secret.
Children as young as four to be taught about the dangers of social media
Bans already issued to hundreds of players who used offensive language
The site is perfectly situated for launching small satellites into orbit
Delegates at the ESOF 2018 conference were warned that their perceptions of the digital age were coloured by private industry