The IT Nerd

Seeing as I am a cyclist, I use Strava to keep track of my rides and also to help me improve. The same is true for millions of other cyclists, runners, and other weekend warriors. Which is when I saw this news over the weekend, I was kind of floored:

Sensitive information about the location and staffing of military bases and spy outposts around the world has been revealed by a fitness tracking company. The details were released by Strava in a data visualisation map that shows all the activity tracked by users of its app, which allows people to record their exercise and share it with others. The map, released in November 2017, shows every single activity ever uploaded to Strava — more than 3 trillion individual GPS data points, according to the company. The app can be used on various devices including smartphones and fitness trackers like Fitbit to see popular running routes in major cities, or spot individuals in more remote areas who have unusual exercise patterns.

However, over the weekend military analysts noticed that the map is also detailed enough that it potentially gives away extremely sensitive information about a subset of Strava users: military personnel on active service… In locations like Afghanistan, Djibouti and Syria, the users of Strava seem to be almost exclusively foreign military personnel, meaning that bases stand out brightly. In Helmand province, Afghanistan, for instance, the locations of forward operating bases can be clearly seen, glowing white against the black map.

Well, Strava is in a whole lot of trouble. But it does illustrate that when companies like Strava, or Map My Run which is owned by UnderArmor, or Runtastic collect the data on millions of users, that data can have all sorts of unintended consequences. For example, I had a brief look at this and these maps (which for the record I have used previously to design cycling routes for myself) clearly outline what I assume are patrol and supply routes. Thus if you’re a bad guy who wants to kidnap or kill people, this would be a great way to figure out where to set up shop so that you could do just that. I am guessing that all these app companies are going to have to get together with the US military to get this sorted for that reason alone. I’m also going to guess that the US military is going to have to crack down on the usage of these sorts of apps to avoid this problem going forward.

This entry was posted on January 29, 2018 at 9:25 am and is filed under Commentary with tags Strava. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.