Fitness-Tracking App Reveals Locations of Secret Army Bases

Coisiche shared this story from the Guardian: Sensitive information about the location and staffing of military bases and spy outposts around the world has been revealed by a fitness tracking company. The details were released by Strava in a data visualisation map that shows all the activity tracked by users of its app, which allows people to record their exercise and share it with others. The map, released in November 2017, shows every single activity ever uploaded to Strava -- more than 3 trillion individual GPS data points, according to the company. The app can be used on various devices including smartphones and fitness trackers like Fitbit to see popular running routes in major cities, or spot individuals in more remote areas who have unusual exercise patterns.

However, over the weekend military analysts noticed that the map is also detailed enough that it potentially gives away extremely sensitive information about a subset of Strava users: military personnel on active service... In locations like Afghanistan, Djibouti and Syria, the users of Strava seem to be almost exclusively foreign military personnel, meaning that bases stand out brightly. In Helmand province, Afghanistan, for instance, the locations of forward operating bases can be clearly seen, glowing white against the black map.
One analyst analyst predicted that after this discovery, "A lot of people are going to have to sit through lectures come Monday morning."

Another military analyst told the Guardian "U.S bases are clearly identifiable" -- though he added that the map "looks very pretty."

"One analyst analyst...."

[macraig]

I have never before heard of analysts being tasked with analyzing other analysts. Thank you for making me aware of this new occupational opportunity.

Re:"One analyst analyst...."

[brayrobert201]

No, that's a combination of analyst and therapist.

Re:"One analyst analyst...."

[TWX]

I believe the industry term is meta-analysis. It actually makes sense that it exists, as there's far too much information for one analyst or one team to analyze, especially when it crosses disciplines. At some point analysis has to trust on the other of other analysis.

It's probably in the interest of the higher-level analyst to be a natural skeptic though, since it's always a good idea to at least spot-check the work of others that one is reliant on.

And this is why...

And this is why letting some company track your data is a bad idea. This would probably have been avoided if this company didn't track their users and then publish the data.

Re:And this is why...

[Paradise+Pete]

This would probably have been avoided if this company didn't track their users and then publish the data.

Ya think?

Re:And this is why...

[PPH]

Not just the military. What happens when a whole bunch of vehicles start showing up at some remote skunk works site? You don't think that foreign intelligence services have advertising company fronts? They can buy phone and vehicle location data and mine it for the travel patterns of known technical experts.

Where have my eyes gone?

[Harlequin80]

Cause god knows spotting a military base with a shit load of military hardware in it and a dirty great big barbwire fence is impossible without these fitness apps.

Re:Where have my eyes gone?

[ragahast]

Sure, but this shows where many of them are all at once, for free, with GPS coordinates. People run on the roads mostly, so it also gives a road map of the base. Go zoom in on some of those random hotspots in podunk Afghanistan, it's pretty weird.

Re:Where have my eyes gone?

[RightwingNutjob]

The problem isn't spotting the base, anyone with an internet connection can look at satellite photos. The problem is outlining the patrol and supply routes. Not just for military, I might add. If you're an aid worker in some third world hole and the only one in town using this fitness app, and you take the same route to work every day, so it's nice and bright on the map, then you just bought yourself an invitation to get targeted for robbery or or kidnapping.

Re:Where have my eyes gone?

[careysub]

Every additional piece of information you can layer on to the intelligence that you already have builds a more complete understanding of the operations.

Re:Where have my eyes gone?

[dwillden]

A road map that any local who wishes already has. These bases are not secret, they are not hidden, they use local nationals employees for many general labor services, Further on average there are not massive numbers all at one spot on any base's running routes. There will be more runners at sunrise and sunset as it's cooler but not to dark to safely see, but they don't usually group together.

This is being blown out of proportion by people who don't understand what they are even talking about. Yes it is of some degree of concern, I would expect the devices to become restricted on smaller forward bases, but mostly this is not an issue. A local national working on base can generate the same information with his mark one eyeballs and he doesn't need a computer or internet access to do so.

Re:Where have my eyes gone?

[mjwx]

Cause god knows spotting a military base with a shit load of military hardware in it and a dirty great big barbwire fence is impossible without these fitness apps.

Have you ever tried drawing a map from just what you have seen on ground level with no equipment beyond a pair of binoculars?

Now there are detailed and accurate maps in public. Even worse, they may now know patrol routes and what parts of the base are not occupied at night.

We aren't talking about sleepy bases in Wyoming either, these are for bases overseas that could easily be attacked. Seems the military has forgotten the wisdom of "loose lips sink ships". Uploading anything to anywhere in an active theatre needs to be strictly controlled.

Smart Phone app

[FeelGood314]

If you are in a sensitive area and you have a smart phone turned on then you aren't smart enough to be allowed in a sensitive area. If we are near people who potentially want to kill me and you turn your fucking position broadcasting device on beside me, I will turn it off after I take it off of your recently deceased body.

Re:Smart Phone app

[Nkwe]

If you are in a sensitive area and you have a smart phone turned on then you aren't smart enough to be allowed in a sensitive area. If we are near people who potentially want to kill me and you turn your fucking position broadcasting device on beside me, I will turn it off after I take it off of your recently deceased body.

True. I would amend the above to say "phone" instead of "smart phone" to be even more accurate. If the area is that sensitive, your probably don't want the cellular provider tracking you either. Even a non-smart cellular phone with no applications is giving up your location constantly.

Re:Smart Phone app

[mapkinase]

I wonder what the Napoleon army, or Genghis Khan army, or Alexander the Great army, or Hitler army did before invention of iPhone for their fitness.

Finess apps is a fad for rich idiots. Army does not need apps, it already has the greatest app of all - Sergeants.

Re:Smart Phone app

[HalAtWork]

Some watches store the info and just upload when the phone is turned on, or function as phones themselves, so no smart devices period

Why?

[fluffernutter]

Why would anyone in a military base in a sensitive location be allowed to have an app that tracks your location? Why would they turn it on?

Re:Why?

[Harlequin80]

Because the location isn't sensitive. These bases aren't hidden, they are fortified forward operating positions.

What is inside the base is sensitive, what information there is sensitive, what force composition is there is sensitive.

Re:Why?

[fluffernutter]

Because the location isn't sensitive. These bases aren't hidden, they are fortified forward operating positions.

Oh well there's no problem then.

Re:Why?

[geekmux]

Because the location isn't sensitive. These bases aren't hidden, they are fortified forward operating positions.

What is inside the base is sensitive, what information there is sensitive, what force composition is there is sensitive.

Yes, which you can start to discern the sensitive information once you start getting more pieces of the puzzle. How many people work there, day/night movements, shift change times, supply routes, etc.

Long ago, the military used to be concerned about these things we called Essential Elements of Friendly Information (EEFIs). Gather enough of them together, and you can start to figure out very sensitive or classified information. EEFI was later called "Critical Information". I guess now that includes "anonymized" data that comes from a fitness app. I sure as shit hope the innocence gets lost real quick around data mining like this.

Re:Why?

[Freischutz]

Because the location isn't sensitive. These bases aren't hidden, they are fortified forward operating positions.

What is inside the base is sensitive, what information there is sensitive, what force composition is there is sensitive.

Oh well there's no problem then.

The Russians know where these bases are, the Chinese know where these bases are, they both also know what force composition is there because they have satellites photographing these bases at regular intervals and in some cases probably ground assets sniffing around them as well, even the news media probably knows the location of many of these bases. The only people who didn't know the location of most of these bases is the general public and the vast majority of them don't care.

Re:Why?

[uvajed_ekil]

My girlfriend's nipples are sensitive.

Is your girlfriend Manti Te'o's ex by any chance, or her sister?

You're not fooling anyone, and you surely don't understand what or who I'm referencing.

Re:Why?

[careysub]

Mod this guy up someone! There are far too many posters here opining that "but the Russians and Chinese know these bases are there anyway". Anything that discloses operational patterns direct or indirectly is a security risk.

Normally intelligence outfits build up pictures of the entity of interest one piece at a time.

Re:Dumbasses

[bradley.uffner2292]

This could happen regardless of "radio silence". Strava can log your route even when not actively broadcasting your location. It could be uploaded months, or even years later.

Re:What about Russian military personnel?

[RightwingNutjob]

WaPo article says yes.
Stupid spreads like wildfire.

Comic

[BrookHarty]

Always reminds me of the Batman and Robin in the batcave.

Re: Comic

[Brockmire]

Not clicking on gay porn, nice try.

Re:BWA-HA-HA-HA-HA-HA-HA!!!!

[bigwheel]

This can be a problem for anyone -- if you allow it.

If you leave from home for runs/rides, someone can easily see where you live, and learn the patterns of when you are won't be home. For that reason, even the freeware version of strava provides some privacy options:
1) Allows to make your records private, or available only by request
2) Provides a way to hide certain areas (such as start/stop location) from followers.
3) Plus the normal stuff, such as hiding real name and not allowing followers.

But then again, even a photo taken from your phone contains GPS information and timestamp if you don't specifically disable it.

Perhaps now something will be done about privacy

[GumphMaster]

Perhaps now the information collected under loose "we can share it with anyone" agreements is of detriment to the State (when used by an enemy) something good will come of it. Mandatory, perhaps also with discretionary, geo-fencing of the data collection, or on-device-only options, for example. Not just Strava but all of these services. Unfortunately, this data works both ways: the "Good Guys" can use similar methods against "Bad Guys." Maybe our "Good Guys" feel that exploiting this data is more valuable than protecting their own troops/targets.

Analyse this track..

[thesupraman]

https://labs.strava.com/heatmap/#14.11/127.41159/39.18004/hot/all

Inside north korea, either starting or ending just off the shore of a port, then messing around the port a bit ;)

Re:Analyse this track..

[AmiMoJo]

The annual Pyongyang Marathon is in April. There are probably people training for that, or maybe for the Olympics. NK does import tech like Fitbits, mostly via China.

No One Will Be Punished

[knorthern+knight]

> I would love to see the base commanders go Full Metal Jacket
> on the soldiers for being so dumb. Fucking meat heads.

No one will be punished... because it was the idiot higher-ups at the Pentagon who were handing out free FitBits to their soldiers. And no, Trump was not president in 2013.

https://www.washingtonpost.com...

> But the Pentagon has encouraged the use of Fitbits among
> military personnel and in 2013 distributed 2,500 of them as
> part of a pilot program to battle obesity.

Re:Local storage

[careysub]

Ditto. In evaluating smart phone apps for diet and exercise I found that a majority of them require, as a first step to using the app, creating a personal account on a website/server. That automatically moved them to the reject pile.