TidBITS: Strava Fitness Network Reveals Secret Military Sites

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

TidBITS: Strava Fitness Network Reveals Secret Military Sites

TidBITS Articles
Strava Fitness Network Reveals Secret Military Sites

This article was just published by TidBITS and sent to you at your request.

Strava Fitness Network Reveals Secret Military Sites

By Josh Centers
http://tidbits.com/article/17767

How’s this for an unintended consequence? The Strava fitness app, which brands itself as the “social network for athletes,” lets users map their workouts, which has led to a potentially deadly security breach. U.S. troops stationed abroad are using Strava to share their workouts, and a heat map released by the company reveals the locations of military bases and travel routes—some known, others not. The company responded by pointing out the app’s privacy settings, but this is likely a problem the military will have to solve with smarter policy.

Post a comment

TidBITS members can unsubscribe from just-published articles at http://tidbits.com/subscriptions. TidBITS Talk readers will need to create a filter to delete these articles.

Article copyright © 2018 By Josh Centers . Reuse governed by Creative Commons License.




____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: TidBITS: Strava Fitness Network Reveals Secret Military Sites

Doug Miller


On Jan 30, 2018, at 4:27 PM, TidBITS Articles <[hidden email]> wrote:

Strava Fitness Network Reveals Secret Military Sites

It’s not just Military Sites. I looked at the heatmap of my neighborhood and found that my driveway was one of two on our mile-long street that had people using Strava going up and down the driveway often enough to show up on the heatmap (I have a long driveway so it’s obvious where my house is; it is also using Google Maps, so the house location is outlined on the map anyway.) I had set my workouts to private but I didn’t realize that Strava didn’t change the historically collected data when I did that, and, to make matters worse, there is no bulk edit functionality to change all of my past data to private. I just finished tediously editing hundreds of data points to private. (My data remains in the heatmap, unfortunately.)

I’m not all that concerned, but it is a publicly available data point that shows that somebody who lives at my house is frequently out exercising, and anybody who found that data would see that I am most often gone in the early morning. It’s a very marginal risk, but a risk nonetheless. 

Most of my data was uploaded in bulk when I connected my Garmin Connect account with Strava - I don’t actually use the Strava app to collect data - and I changed my privacy about a year ago, without understanding that it was only data uploaded from that point forward that would be private. 

Doug



____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: TidBITS: Strava Fitness Network Reveals Secret Military Sites

Paul Schinder

> On Jan 30, 2018, at 4:46 PM, Doug Miller <[hidden email]> wrote:
>
>
>
>> On Jan 30, 2018, at 4:27 PM, TidBITS Articles <[hidden email]> wrote:
>>
>> Strava Fitness Network Reveals Secret Military Sites
>
> It’s not just Military Sites. I looked at the heatmap of my neighborhood and found that my driveway was one of two on our mile-long street that had people using Strava going up and down the driveway often enough to show up on the heatmap (I have a long driveway so it’s obvious where my house is; it is also using Google Maps, so the house location is outlined on the map anyway.) I had set my workouts to private but I didn’t realize that Strava didn’t change the historically collected data when I did that, and, to make matters worse, there is no bulk edit functionality to change all of my past data to private. I just finished tediously editing hundreds of data points to private. (My data remains in the heatmap, unfortunately.)
>
> I’m not all that concerned, but it is a publicly available data point that shows that somebody who lives at my house is frequently out exercising, and anybody who found that data would see that I am most often gone in the early morning. It’s a very marginal risk, but a risk nonetheless.
>
> Most of my data was uploaded in bulk when I connected my Garmin Connect account with Strava - I don’t actually use the Strava app to collect data - and I changed my privacy about a year ago, without understanding that it was only data uploaded from that point forward that would be private.

Where I live there are still books that contain your address.  Look up my name, and you find my address.  And there are devices that you can input the address and they’ll direct you there.  That ship has long sailed.

Strava has a setting where you can obfuscate your home location so it won’t show up in your tracks.  (Doesn’t do me much good; there are only two ways into my neighborhood, so the neighborhood, if not the house, is located exactly.)

>
> —
> Doug



--
Paul Schinder
[hidden email]






____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: TidBITS: Strava Fitness Network Reveals Secret Military Sites

Doug Miller


On Jan 30, 2018, at 4:58 PM, Paul Schinder <[hidden email]> wrote:

Where I live there are still books that contain your address.  Look up my name, and you find my address.  And there are devices that you can input the address and they’ll direct you there.  That ship has long sailed.

There is not a book, however, that shows a map of all of the people who are frequently away from home exercising roughly from 7:30 am to 9:00 am. almost every day. Somebody may find that information helpful.


Strava has a setting where you can obfuscate your home location so it won’t show up in your tracks.  (Doesn’t do me much good; there are only two ways into my neighborhood, so the neighborhood, if not the house, is located exactly.)

Yes, I have that set, as of about a year ago, when I also turned on privacy by default. But it didn’t change historical data already in Strava. (There is still a potential leak of information. It may not be important information, but because it is a circle around my house, somebody could still find the exact location pretty easily if I was running or biking on more than one side of the circle.)

Doug




____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: TidBITS: Strava Fitness Network Reveals Secret Military Sites

@lbutlr
On 30 Jan 2018, at 15:54, Doug Miller [hidden email]> wrote:
>> On Jan 30, 2018, at 4:58 PM, Paul Schinder <[hidden email]> wrote:
>>
>> Where I live there are still books that contain your address.  Look up my name, and you find my address.  And there are devices that you can input the address and they’ll direct you there.  That ship has long sailed.
>
> There is not a book, however, that shows a map of all of the people who are frequently away from home exercising roughly from 7:30 am to 9:00 am. almost every day. Somebody may find that information helpful.

That's OK, most people are away from 8am to 5pm, which is when the majority of burglaries occur.

--
'They're the cream!' Rincewind sighed. 'Cohen, they're the cheese.'




____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____