In an era where we are beginning to reach “Star Trek” levels of voice commands to our computers, it behooves everyone who utilizes these devices to do so safely. With that in mind, why on earth are United States military personnel using a fitness app that can track them???
The app, Strava (who says on their website that they are “Connecting the world’s athletes”) has a map of everywhere that anyone using their app has ever run. EVERYWHERE.
The map, released in November 2017, shows every single activity ever uploaded to Strava – more than 3 trillion individual GPS data points, according to the company. The app can be used on various devices including smartphones and fitness trackers like Fitbit to see popular running routes in major cities, or spot individuals in more remote areas who have unusual exercise patterns.
However, over the weekend military analysts noticed that the map is also detailed enough that it potentially gives away extremely sensitive information about a subset of Strava users: military personnel on active service.
So, yeah, it’s cute when the kids hack Alexa to order themselves some new toys…
… not so great when the running paths of active duty personnel highlight where their bases are located!
I don't know who in the @39thAirBaseWing is running laps among the nuclear weapons at Incirlik AB with @Strava on his/her smartphone or IOT wearable … but please stop. (Also, lets take the weapons out.) pic.twitter.com/T7XZytNPJx
— Jeffrey Lewis (@ArmsControlWonk) January 28, 2018
I guess I am taking this too seriously, but it took about ten seconds to figure out how I would use this to pick out every missile site in half a dozen countries.
— Jeffrey Lewis (@ArmsControlWonk) January 28, 2018
Strava released their global heatmap. 13 trillion GPS points from their users (turning off data sharing is an option). https://t.co/hA6jcxfBQI … It looks very pretty, but not amazing for Op-Sec. US Bases are clearly identifiable and mappable pic.twitter.com/rBgGnOzasq
— Nathan Ruser (@Nrg8000) January 27, 2018
Not just US bases. Here is a Turkish patrol N of Manbij pic.twitter.com/1aiJVHSMZp
— Nathan Ruser (@Nrg8000) January 27, 2018
Here are some FOBs in Afghanistan. pic.twitter.com/JoB7hKHwyh
— Nathan Ruser (@Nrg8000) January 27, 2018
If soldiers use the app like normal people do, by turning it on tracking when they go to do exercise, it could be especially dangerous. This particular track looks like it logs a regular jogging route. I shouldn't be able to establish any Pattern of life info from this far away pic.twitter.com/Rf5mpAKme2
— Nathan Ruser (@Nrg8000) January 27, 2018
And it’s not just the running routes that Strava knows. It’s who’s USING the app.
So… um, you could probably trivially scrape Strava and thus identify individual runners and routes. What I'm saying is, you could identify just who made those tracks in Rutba. #yikes pic.twitter.com/uzlTO4HvJL
— Paul D (@Paulmd199) January 28, 2018
Sometimes, Strava even points out who is using them!
Pro runner (and inspiration) @AllieKieffer just joined Strava – and she uploaded her 2017 NYC Marathon, where she finished 5th overall. Follow Allie and give her some kudos! https://t.co/j1jrtjMjmN pic.twitter.com/lCSKUagm26
— Strava (@Strava) January 25, 2018
So far, the Strava Twitter account has not made any statements on the security of their information, but they published their Global Heatmap last November, and no one at the company gave a second thought to the detail that was available via the data.
The military is reportedly looking into what information has already been revealed.
Air Force Col. John Thomas, a spokesman for U.S. Central Command, said Sunday that the U.S. military is looking into the implications of the map.
The military did not respond to a question about what the regulations are regarding use of fitness-tracking apps. But the Pentagon has encouraged the use of Fitbits among military personnel and in 2013 distributed 2,500 of them as part of a pilot program to battle obesity.
How much do you want to bet that everyone who has the app is ordered to delete it immediately? And get yelled at for not turning off the tracking – which you can do?
A lot of people are going to have to sit thru lectures come Monday morning.
— Tobias Schneider (@tobiaschneider) January 27, 2018
Technology is a wonderful thing, especially when someone on active duty has the ability to stay in touch with loved ones at home with that technology. But we all have to be smart about our tech use, or it is going to come back and bite us. Bigly.
Lest we forget…..
“Intel” that is gathered, can just as well be intel that was planted.
That being said, I’m in AWE that folks will PAY for (ie) OnStar, and “Household” Voice recognition (VOIP?) hardware. (“toys”, et alia)
I’d LIKE to think that the locations of such “sensitive” zones would fall under continuing “worst kept secrets” for folks on all sides with actual skin in “the game”.
For wanna-be “activists”, tripping over such “discoveries”, it would probably serve better as “There be Monsters here, abandon hope all that enter”.
This goes to the larger question of society, as a whole: how much info do you really want to let people aggregate on you? Especially if they actually hand off any of that data to advertisers or even the public, at large?
Any sort of smart watch is already banned (generally) in sensitive or classified spaces, because of its storage ability and its wireless function. I’m betting they’re mostly banned on patrols. We’ve already had lots of OpSec briefings on social media usage, and at least one on this sort of issue.
More people concerned with their privacy – even if they aren’t doing anything wrong – would help us tremendously as a society. *smh*