Ever wondered how secure you are with a fitness tracker on your wrist? The researchers at Open Effect have... and their answer is "not as much as you'd probably like." In their analysis, several common trackers have flaws that theoretically let attackers follow you or intercept data. Seven out of eight used static hardware identifiers that could allow location tracking over Bluetooth, for a start. Also, the companion apps from Garmin, Jawbone, Withings and Xiaomi have holes that not only expose data, but let evildoers fake fitness info -- a problem in lawsuits where that data could be crucial evidence.
Don't be too quick to toss out that wearable, though. Open Effect notes that the Apple Watch is truly secure based on its testing methods, and devices like the Fitbit Charge HR and Mio Fuse are safer than most. Also, these brands aren't necessarily turning a deaf ear. Fitbit, Intel (creator of the Basis Peak) and Mio have all talked to the researchers, and it won't be surprising if the companies tighten up their security through updates and future products.
As it stands, it's important to put these vulnerabilities in context. While there are real risks here, the likelihood of someone targeting your fitness tracker is fairly slim -- a hacker is more likely to want your banking info or phone location than your step count or heart rate. Still, these findings could help if you're concerned that any significant security flaw is one too many.