Many fitness enthusiasts are probably aware of Strava, an application that lets them track their routines, complete with precise positioning data. That’s great for anyone looking to see the map of their jogs and other outdoor activities that can be tracked via GPS.
It’s not so great if you’re a member of the military who forgot to turn off location tracking on your mobile device. That’s because Strava published a heat map that shows the recorded activity of millions of users around the world, complete with data that might identify key army secrets.
The data on display in those heat maps comes from a billion activities and includes some 3 billion latitude and longitude points, The Verge explains. In theory, that kind of data is too broad to spy on known and unknown US army base locations from around the world.
But the data does offer some valuable details to spies, including routines of military personnel. On top of precise locations, the data Strava plotted provides insights into how people are moving around different places, including army bases.
Strava released their global heatmap. 13 trillion GPS points from their users (turning off data sharing is an option). https://t.co/hA6jcxfBQI … It looks very pretty, but not amazing for Op-Sec. US Bases are clearly identifiable and mappable pic.twitter.com/rBgGnOzasq
— Nathan Ruser (@Nrg8000) January 27, 2018
What may be worrying is that spies may be able to use this data to detect secret US bases. It’s one thing to try to discern any viable information from a heat map of the US or Europe, and quite a different thing to discover potential bases in war zones. The Washington Post explains it best:
In war zones and deserts in countries such as Iraq and Syria, the heat map becomes almost entirely dark — except for scattered pinpricks of activity. Zooming in on those areas brings into focus the locations and outlines of known U.S. military bases, as well as of other unknown and potentially sensitive sites — presumably because American soldiers and other personnel are using fitness trackers as they move around.
The US-led coalition fighting the Islamic State said on Monday that it’s revising guidelines on the use of wireless devices. “The Coalition is in the process of implementing refined guidance on privacy settings for wireless technologies and applications, and such technologies are forbidden at certain Coalition sites and during certain activities,” the Central Command press office in Kuwait told The Post.
Strava, meanwhile, has not done anything wrong, as its app does offer users a way to opt-out of location tracking. The company told The Verge that the map represents “an aggregated and anonymized view of over a billion activities uploaded to our platform. It excludes activities that have been marked as private and user-defined privacy zones.” The company added that it’s “committed to helping people better understand our privacy settings.”
The map doesn’t include live data. Instead, it’s combined fitness activity registered between 2015 and September 2017, and the map was first published in November. Unfortunately, the damage may have already been done at this point.