Scientists from leading universities conducted a thorough analysis of ten of the most used Android fitness applications, which have a total of 237 million installations. Through static and dynamic review of the code and server communication, they revealed numerous alarming practices that threaten the privacy of user data.
Some of the discovered vulnerabilities include embedding API keys directly in the applications, using inadequate encryption (such as AES in ECB mode), as well as excessive communication with over 230 different third-party domains. This significantly increases the risks of tracking activity and leaking personal information, including health parameters and workout data.
You may also like
Smartphones in Pre-Adolescent Children: Risk of Obesity, Depression, and Sleep Deprivation
Bulgarians and Scams: How AI is Changing the Game and What We Need to Know
Demonstration with AI glasses in Amsterdam startled Europe: is this the end of anonymity?
Telecare: Remote care for the elderly and people with disabilities in Nessebar
The authors of the study categorically conclude that without constant security checks and compliance with modern standards, user trust in mobile health applications can quickly crumble. They recommend limiting the permissions granted and selecting only applications with a proven safe backend.
Коментари (0)
Все още няма коментари.