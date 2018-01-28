Fitness-Tracking App Reveals Locations of Secret Army Bases (theguardian.com) 73
Coisiche shared this story from the Guardian: Sensitive information about the location and staffing of military bases and spy outposts around the world has been revealed by a fitness tracking company. The details were released by Strava in a data visualisation map that shows all the activity tracked by users of its app, which allows people to record their exercise and share it with others. The map, released in November 2017, shows every single activity ever uploaded to Strava -- more than 3 trillion individual GPS data points, according to the company. The app can be used on various devices including smartphones and fitness trackers like Fitbit to see popular running routes in major cities, or spot individuals in more remote areas who have unusual exercise patterns.
However, over the weekend military analysts noticed that the map is also detailed enough that it potentially gives away extremely sensitive information about a subset of Strava users: military personnel on active service... In locations like Afghanistan, Djibouti and Syria, the users of Strava seem to be almost exclusively foreign military personnel, meaning that bases stand out brightly. In Helmand province, Afghanistan, for instance, the locations of forward operating bases can be clearly seen, glowing white against the black map.
One analyst analyst predicted that after this discovery, "A lot of people are going to have to sit through lectures come Monday morning."
Another military analyst told the Guardian "U.S bases are clearly identifiable" -- though he added that the map "looks very pretty."
This can be a problem for anyone -- if you allow it.
If you leave from home for runs/rides, someone can easily see where you live, and learn the patterns of when you are won't be home. For that reason, even the freeware version of strava provides some privacy options:
1) Allows to make your records private, or available only by request
2) Provides a way to hide certain areas (such as start/stop location) from followers.
3) Plus the normal stuff, such as hiding real name and not allowing followers.
"One analyst analyst...." (Score:4)
I have never before heard of analysts being tasked with analyzing other analysts. Thank you for making me aware of this new occupational opportunity.
I believe the industry term is meta-analysis. It actually makes sense that it exists, as there's far too much information for one analyst or one team to analyze, especially when it crosses disciplines. At some point analysis has to trust on the other of other analysis.
It's probably in the interest of the higher-level analyst to be a natural skeptic though, since it's always a good idea to at least spot-check the work of others that one is reliant on.
If I had mod points, you would get at least 17 of them.
Analyse this track.. (Score:2)
https://labs.strava.com/heatmap/#14.11/127.41159/39.18004/hot/all
Inside north korea, either starting or ending just off the shore of a port, then messing around the port a bit
;)
I have never before heard of analysts being tasked with analyzing other analysts. Thank you for making me aware of this new occupational opportunity.
Thanks for making it clear that you are not an analyst analyst analyst. (There's another one for you if you weren't previously aware of the existence of analyst analysts.)
And this is why... (Score:2, Informative)
And this is why letting some company track your data is a bad idea. This would probably have been avoided if this company didn't track their users and then publish the data.
And this is why letting some company track your data is a bad idea. This would probably have been avoided if this company didn't track their users and then publish the data.
Don't blame the company. Whether to (a) use location data or not, or (b) sync with the Strava site or not are both voluntary.
It's the goons that chose to do both that are to blame here. If they're too stupid to see the problem, why the hell are they cleared to work at secret facilities?
Re: And this is why... (Score:2)
Its the old alcoholics anonymous argument. You can micromanage, spending enormous resources on never ending mitigation and remediation, or you can let a person or organization "hit rock bottom" and get a sense of the horror and self-correct.
Not just the military. What happens when a whole bunch of vehicles start showing up [slashdot.org] at some remote skunk works site? You don't think that foreign intelligence services have advertising company fronts? They can buy phone and vehicle location data and mine it for the travel patterns of known technical experts.
Ya think?
Where have my eyes gone? (Score:5, Insightful)
Cause god knows spotting a military base with a shit load of military hardware in it and a dirty great big barbwire fence is impossible without these fitness apps.
"Advice from an old tracker. You want to find someone? Use your eyes." - Mal Reynolds
Re: (Score:3)
Re:Where have my eyes gone? (Score:5, Insightful)
Cause god knows spotting a military base with a shit load of military hardware in it and a dirty great big barbwire fence is impossible without these fitness apps.
My thoughts exactly. Concerning Afghanistan at least (since it was mentioned), the locations of US bases are not exactly unknown. And updated Strava data is not readily available to the public at any time, is it? And elsewhere, any hostile force of serious concern can surely locate significant military facilities without this, right?
I don't think hordes of US Humvees, support vehicles, and encampments are really that hard to identify as such in Africa, Central Asia, and the Middle East. Once you locate a
Drone bases (Score:2)
Smart Phone app (Score:4, Insightful)
Re: (Score:3)
If you are in a sensitive area and you have a smart phone turned on then you aren't smart enough to be allowed in a sensitive area. If we are near people who potentially want to kill me and you turn your fucking position broadcasting device on beside me, I will turn it off after I take it off of your recently deceased body.
True. I would amend the above to say "phone" instead of "smart phone" to be even more accurate. If the area is that sensitive, your probably don't want the cellular provider tracking you either. Even a non-smart cellular phone with no applications is giving up your location constantly.
And I'm sure that the eighteen year old recruit two weeks out of AIT and four months out of basic has this weighing heavily on his mind when he's going overseas for the first time in his life, when five months ago he'd never even held a rifle before.
Why? (Score:3)
Re:Why? (Score:5, Informative)
Because the location isn't sensitive. These bases aren't hidden, they are fortified forward operating positions.
What is inside the base is sensitive, what information there is sensitive, what force composition is there is sensitive.
Because the location isn't sensitive. These bases aren't hidden, they are fortified forward operating positions.
Oh well there's no problem then.
Because the location isn't sensitive. These bases aren't hidden, they are fortified forward operating positions.
What is inside the base is sensitive, what information there is sensitive, what force composition is there is sensitive.
Oh well there's no problem then.
The Russians know where these bases are, the Chinese know where these bases are, they both also know what force composition is there because they have satellites photographing these bases at regular intervals and in some cases probably ground assets sniffing around them as well, even the news media probably knows the location of many of these bases. The only people who didn't know the location of most of these bases is the general public and the vast majority of them don't care.
If these numbers can be used to determine the number of personnel and where various facilities on-base are located then there is.
Re: (Score:2)
Because the location isn't sensitive. These bases aren't hidden, they are fortified forward operating positions.
What is inside the base is sensitive, what information there is sensitive, what force composition is there is sensitive.
Yes, which you can start to discern the sensitive information once you start getting more pieces of the puzzle. How many people work there, day/night movements, shift change times, supply routes, etc.
Long ago, the military used to be concerned about these things we called Essential Elements of Friendly Information (EEFIs). Gather enough of them together, and you can start to figure out very sensitive or classified information. EEFI was later called "Critical Information". I guess now that includes "anon
My girlfriend's nipples are sensitive.
The tip of my penis is sensitive.
Can I rub the tip of my penis across your girlfriend's nipples?
My girlfriend's nipples are sensitive.
Is your girlfriend Manti Te'o's ex by any chance, or her sister?
You're not fooling anyone, and you surely don't understand what or who I'm referencing.
Probably because "infosec" is not a person standing over you slapping your hand when you go to do something stupid, but is instead an abstract concept penned-down in that operating manual that you never read because the author essentially found the cure for insomnia.
What about Russian military personnel? (Score:2)
Are their troop concentrations now a matter of public knowledge as well? Do they simply not use these devices? Or do they have their own private infrastructure for this kind of thing, along with the sense not to let private companies have access to the data?
I know hindsight is 20/20, but I'm sure people in the Pentagon get paid lots to anticipate and thwart this kind of dumpster fire. This looks REALLY bad on them - kinda like strapping on a pair of cleats and stepping on your own dick.
Stupid spreads like wildfire. [washingtonpost.com]
If they need camera, they use approved camera and camera team. If they need radio, they use approved radio. Gym? Thats part of everyday.
They know the NSA and GCHQ is trying to collect on them. So no extra kit. Private companies support Russian mil in approved way. Not with consumer devices that do not help security. A better esprit de corps that is professionally aware of the risks of NATO collect it all. i.e. always on mission rather than a shift is over a
Dumbasses (Score:2)
It's called flash memory.
What part of radio silence is hard? The radio or the silence?
Wait, you don't thinking shouting, "radio silence", makes you invisible like the stealth warplanes Trump spoke so highly of, do you?
You DUMB SHITS (Score:1)
Known about this for years (Score:2)
A friend of my has a free app that soldiers find useful in their missions and was telling me how he would notice location requests coming from odd out of the way places and then would here about some military operation happening there.
Are the data sets that descriptive as to sort the low ranks from the unhappy officers, contractors with money problems?
Wonder if the US and UK had the smarts to create fake signals and see who went looking to be a base "friend" attracted by the data sets.
Comic (Score:2)
Always reminds me of the Batman and Robin in the batcave. [pinimg.com]
Re: Comic (Score:2)
When the machines come for us... (Score:2)
they'll be able to find us and take us out in an instant. We might as well be implanting chips to make the job easier for them
:(
Did anyone else see Elon Musk's video on the immediate dangers of A.I. and how just facial recognition coupled with tiny weaponized drones could allow for a very effective policy state? Fear-mongering or is time to call up Larry Niven's A.R.M.?*
*The science fiction writer Larry Niven thought that certain technologies would become just so deadly and available to so many people th
Local storage (Score:2)
Why don't users have the option to store everything on their computer? No cloud update.
I'm still using an old Polar Heart rate monitor because it comes with a Windows program (Polar ProTrainer) to store and display all my workouts. I love the fact that my data isn't in the cloud. That is a HUGE selling point for me.
Korea... (Score:2)
Perhaps now something will be done about privacy (Score:2)
Perhaps now the information collected under loose "we can share it with anyone" agreements is of detriment to the State (when used by an enemy) something good will come of it. Mandatory, perhaps also with discretionary, geo-fencing of the data collection, or on-device-only options, for example. Not just Strava but all of these services. Unfortunately, this data works both ways: the "Good Guys" can use similar methods against "Bad Guys." Maybe our "Good Guys" feel that exploiting this data is more valu
Full Metal Jacket (Score:2)
No One Will Be Punished (Score:2)
> I would love to see the base commanders go Full Metal Jacket
> on the soldiers for being so dumb. Fucking meat heads.
No one will be punished... because it was the idiot higher-ups at the Pentagon who were handing out free FitBits to their soldiers. And no, Trump was not president in 2013.
https://www.washingtonpost.com... [washingtonpost.com]
> But the Pentagon has encouraged the use of Fitbits among
> military personnel and in 2013 distributed 2,500 of them as
> part of a pilot program to battle obesity.
I would love to see the base commanders go Full Metal Jacket on the soldiers for being so dumb. Fucking meat heads.
How tall are you, private!?!
Doesn't matter (Score:2)
From the summary, this doesn't look to be a real time map, so I doubt old Strava data is of any significant tactical concern. If I'm wrong, please explain, I'm not just trying to be contrarian.
Area 51 (Score:2)
One lousy cyclist [strava.com]?? How do those out-of-shape bums expect to chase down the escaping aliens?!?
Seriously though, it looks like the heat map goes to the granularity of a single single user? I think the app lets you do that already, but it's more than a little creepy from the whole privacy angle. I'm not sure how I'd feel about my daily route sitting there on a map.