Results 1 to 5 of 5

Thread: Strava fitness tracking data reveals details of secret bases

  1. #1

    Strava fitness tracking data reveals details of secret bases

    Location data in fitness apps is frequently a good thing, since it helps you remember and optimize your routes. However, it's also producing an unexpected security risk: it's revealing details of secret military bases. UCA analyst Nathan Ruser has discovered that Strava's publicly available activity map includes the fitness routes of soldiers and agents in sensitive locations, including American bases in Afghanistan and Syria, the UK's Mount Pleasant airbase in the Falkland Islands, a suspected CIA base in Somalia and even Area 51. It's mostly American and British troops who show up, but Russian bases have also been outlined by the Strava data.

    More at: https://finance.yahoo.com/news/strav...233300274.html
    Never attempt to teach a pig to sing; it wastes your time and annoys the pig.

    Robert Heinlein

    Give a man an inch and right away he thinks he's a ruler

    Groucho Marx

    I love mankindÖitís people I canít stand.

    Linus, from the Peanuts comic

    You cannot have liberty without morality and morality without faith

    Alexis de Torqueville

    Those who fail to learn from the past are condemned to repeat it.
    Those who learn from the past are condemned to watch everybody else repeat it

    A Zero Hedge comment



  2. Remove this section of ads by registering.
  3. #2
    Stravasssholes or Stravaterrorists?

  4. #3
    Instagram Posts Accidentally Reveal Turkish Soldiers' Locations In Syrian Invasion

    https://www.zerohedge.com/news/2018-01-30/instagram-posts-accidentally-reveal-turkish-soldiers-locations-syrian-invasion
    Never attempt to teach a pig to sing; it wastes your time and annoys the pig.

    Robert Heinlein

    Give a man an inch and right away he thinks he's a ruler

    Groucho Marx

    I love mankindÖitís people I canít stand.

    Linus, from the Peanuts comic

    You cannot have liberty without morality and morality without faith

    Alexis de Torqueville

    Those who fail to learn from the past are condemned to repeat it.
    Those who learn from the past are condemned to watch everybody else repeat it

    A Zero Hedge comment

  5. #4
    It appears that government and intelligence agencies throughout the world did little or nothing to change their policies for personal fitness app and tracker usage as for the second time this year a massive data breach has exposed sensitive locations and the daily routines of government personnel, all accessible to the public.
    And like with Strava's interactive online fitness tracking map that made headlines last January, which we detailed revealed clandestine sites in places like Syria, Iraq, and Africa, including for example a CIA "black site" in Djibouti, the new breach allows easy access to view the daily habits of millions of users going back years.
    Yet now in some instances even the names and addresses of intelligence and military personnel are able to be known.

    This time it's the fitness app Polar Flow, created by a Finnish-based company with offices in New York, at the center of controversy after an investigation by Dutch news site De Correspondent confirmed that the app "lets anyone find names and addresses for thousands of soldiers and secret agents."
    This can even include profile pictures and often actual names of users shared via the publicly available “Explore” feature; but as researchers also found this data can potentially be accessed through a design flaw in the privacy setting.
    De Correspondent actually demonstrates just what can be known by examining one particular Polar fitness tracker near Erbil's international airport in Iraq. The results, found through quick open source searches, are startling:
    The man – let’s call him Tom – is a Dutch soldier, part of the Netherlands’ Capacity Building Mission in Iraq. The CBM is encamped near the Erbil airport. Since 2015, this base has been one of the key locations from which the war against the terrorist group Islamic State is being waged.
    We are absolutely not supposed to know who Tom is and where he’s stationed. And we most definitely shouldn’t know where Tom lives.
    Yet the activity tracking map in Polar’s fitness applets us see that many of Tom’s runs start and end near a cluster of homes in a small town in the northern Netherlands. A little Googling gives us his exact address. We also find the names of his wife and children, and photos.
    Though as the Dutch journalists note, exposing identities of intelligence agents is illegal in the US and many European countries, "we still found the names and addresses of personnel at intelligence agencies including the NSAand Secret Servicein the US, the GCHQand MI6in the UK, the GRU and the SVR RF in Russia, the DGSEin France, and the MIVD in the Netherlands."
    Dutch news site De Correspondent, working with the open source analysis site Bellingcat, produced infographic maps based on the Polar app, demonstrating how easy it is to locate home addresses of users via the Polar "Explore" feature:




    "We found the names and addresses of personnel at military bases including GuantŠnamo Bay in Cuba, Erbil in Iraq, Gao in Mali, and bases in Afghanistan, Saudi Arabia, Qatar, Chad, and South Korea." De Correspondent says this also included "the names and addresses of personnel at nuclear storage facilities, maximum security prisons, military airports where nuclear weapons are stored, and drone bases."
    Other journalists have since found names and addresses for what are believed to be intelligence and military personnel at sensitive government locations throughout the US as well, and noted that "Although the existence of many government installations are widely known, the identities of their employees were not."
    In the case of the Polaris app, as the tech site ZD Net explains, this can be done even if the user's settings are set to "private":
    With two pairs of coordinates dropped over any sensitive government location or facility, it was possible to find the names of personnel who track their fitness activities dating as far back as 2014.
    The reporters identified more than 6,400 users believed to be exercising at sensitive locations, including the NSA, the White House, MI6 in London, and the Guantanamo Bay detention center in Cuba, as well as personnel working on foreign military bases.
    ...they also found they could trick the API into retrieving fitness tracking data on private profiles.
    Who knows how many times either foreign intelligence services or terrorist groups have already used this and possibly other apps to pinpoint the exact locations US government agents operating abroad? After all the journalists testing the online system explain how easy it was to cull the data: "Because there were no limits on how many requests the reporters could make, coupled with easily enumerable user ID numbers, it was possible for anyone — including malicious actors or foreign intelligence services — to scrape the fitness activity data on millions of users."
    But a few of the examples, names withheld by the journalists, are as follows:

    • ZDNet was able to trace one person who exercised nearby to NSA headquarters in Ft. Meade. The user later started his exercise tracking as he left his house in nearby Virginia. Through public records, we confirmed his name, and his role as a senior military official.
    • Another person, also believed to be an NSA staffer based at Ft. Meade, was found exercising close to the Guantanamo Bay detention facility.
    • The Dutch reporters also found the fitness tracking data of several foreign military and intelligence officers near sensitive installations in the US.
    • De Correspondent explained in an additional report how easy it was to follow around one Polar user, believed to be an officer at the Dutch state intelligence service, across the world, and even locate his home address.

    Polar has since taken its tracking map offline and put out a statement: "While the decision to opt-in and share training sessions and GPS location data is the choice and responsibility of the customer, we are aware that potentially sensitive locations are appearing in public data, and have made the decision to temporarily suspend the Explore API" the company posted on its website.
    The Office of the Director of National Intelligence (ODNI), which oversees America's 17 intelligence agencies, issued the following predictable and somewhat vague statement to ZD Net while saying it was "aware of the potential impacts" of personal fitness devices: "The use of personal fitness and similar devices by individuals engaged in US Government support is determined and directed by each agency and department."
    Based on this official response from the ODNI which is essentially an admission that we'll just keep doing what we're doing, we fully expect more massive classified data and identity breaches to follow.
    No doubt action will finally and belatedly be taken if and when the first "Fitbit tracker-based kidnapping" of a government employee takes place.
    * * *

    More at: https://www.zerohedge.com/news/2018-...itness-tracker
    Never attempt to teach a pig to sing; it wastes your time and annoys the pig.

    Robert Heinlein

    Give a man an inch and right away he thinks he's a ruler

    Groucho Marx

    I love mankindÖitís people I canít stand.

    Linus, from the Peanuts comic

    You cannot have liberty without morality and morality without faith

    Alexis de Torqueville

    Those who fail to learn from the past are condemned to repeat it.
    Those who learn from the past are condemned to watch everybody else repeat it

    A Zero Hedge comment

  6. #5
    Military troops and other defense personnel at sensitive bases or certain high-risk warzone areas won't be allowed to use fitness-tracker or cellphone applications that can reveal their location, according to a new Pentagon order.The memo, obtained by The Associated Press, stops short of banning the fitness trackers or other electronic devices, which are often linked to cellphone applications or smart watches and can provide the users' GPS and exercise details to social media. It says the applications on personal or government-issued devices present a "significant risk" to military personnel, so those capabilities must be turned off in certain operational areas.
    Under the new order, military leaders will be able to determine whether troops under their command can use the GPS function on their devices, based on the security threat in that area or on that base.
    "These geolocation capabilities can expose personal information, locations, routines, and numbers of DOD personnel, and potentially create unintended security consequences and increased risk to the joint force and mission," the memo said.
    Defense personnel who aren't in sensitive areas will be able to use the GPS applications if the commanders conclude they don't present a risk. For example, troops exercising at major military bases around the country, such at Fort Hood in Texas or Norfolk Naval Station in Virginia, would likely be able to use the location software on their phones or fitness devices. Troops on missions in more sensitive locations, such as Syria, Iraq, Afghanistan or parts of Africa, meanwhile, would be restricted from using the devices or be required to turn off any location function.

    More at: https://finance.yahoo.com/news/penta...-politics.html
    Never attempt to teach a pig to sing; it wastes your time and annoys the pig.

    Robert Heinlein

    Give a man an inch and right away he thinks he's a ruler

    Groucho Marx

    I love mankindÖitís people I canít stand.

    Linus, from the Peanuts comic

    You cannot have liberty without morality and morality without faith

    Alexis de Torqueville

    Those who fail to learn from the past are condemned to repeat it.
    Those who learn from the past are condemned to watch everybody else repeat it

    A Zero Hedge comment



Similar Threads

  1. Replies: 2
    Last Post: 06-23-2014, 08:49 PM
  2. Replies: 36
    Last Post: 06-30-2013, 06:31 AM
  3. Document Reveals Draconian Details of Obamaís Secret Globalist Trade Pact
    By John F Kennedy III in forum U.S. Political News
    Replies: 1
    Last Post: 06-14-2012, 08:14 PM
  4. Paul campaign reveals ground game details
    By TexMac in forum Ron Paul Forum
    Replies: 23
    Last Post: 01-02-2012, 03:38 PM
  5. How to See the Secret Tracking Data in Your iPhone
    By DamianTV in forum Privacy & Data Security
    Replies: 0
    Last Post: 04-22-2011, 03:09 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •