Scientists from leading universities conducted a thorough analysis of ten of the most used Android fitness applications, which have a total of 237 million installations. Through static and dynamic review of the code and server communication, they revealed numerous alarming practices that threaten the privacy of user data.
Some of the discovered vulnerabilities include embedding API keys directly in the applications, using inadequate encryption (such as AES in ECB mode), as well as excessive communication with over 230 different third-party domains. This significantly increases the risks of tracking activity and leaking personal information, including health parameters and workout data.
You may also like
Generative AI in Bulgaria: Social Attitudes and Consumption According to a New National Study
Apple Watch with a revolutionary AI trainer: Workout Buddy arrives with watchOS 26
Revolution in Waste Management: An Innovative Model in Pomorie
A large-scale environmental program transforms heating in Nesebar by 2029
The authors of the study categorically conclude that without constant security checks and compliance with modern standards, user trust in mobile health applications can quickly crumble. They recommend limiting the permissions granted and selecting only applications with a proven safe backend.
Коментари (0)
Все още няма коментари.