
Norway: Soldiers' location history found in data sold by Tamoco - santamarias
https://www.nrk.no/norge/xl/norske-offiserer-og-soldater-avslort-av-mobilen-1.14890424
======
dang
We have nothing but respect for Norway, but HN is an English-language site, so
articles here need to be in English.

I'm sorry, but we have enough trouble getting this audience to read the
articles as it is.

~~~
santamarias
point taken, thanks :)

------
santamarias
A bit of context for non-Norwegians: The government owned media NRK bought
location data from Tamoco worth approximately 3,400 USD.

The NRK subsidiary NRKbeta has "connected the dots" from that data set. In
this article they present how they could track down military personnel
visiting restricted military sites in Norway, including the disputed radar
installation in Vardø, close to the Russian border.

~~~
SiempreViernes
This reminds me of this rumour about how someone used tinder to triangulate
opponent units during an exercise and arty them to shit. Supposedly Finns
outwitting Norwegians, but is a anon text so who knows:
[https://imgur.com/gallery/bySUH](https://imgur.com/gallery/bySUH)

~~~
csiegert
Reminds me of a story I heard: In a conflict, Russia sent SMS to the mothers
of Ukrainian(?) soldiers, informing them of their son’s death (pretending to
be the Ukrainian government/military). The mothers, distraught, called their
son’s cellphone. The increased, clustered cellphone activity near the
frontline gave away the unit positions. Shortly after, Russian bombs dropped.

~~~
ISL
Went looking for citations:

[https://www.ausa.org/articles/russia-gives-lessons-
electroni...](https://www.ausa.org/articles/russia-gives-lessons-electronic-
warfare)

[https://mwi.usma.edu/text-messages-hell-restraint-
informatio...](https://mwi.usma.edu/text-messages-hell-restraint-information-
warfare/)

~~~
eloff
That's some next level evil genius. Pretty scary.

------
Grollicus
This reminds me of an experiment I'd like someone to run on Strava. They had
this big scandal some time ago where People identified US military bases
simply by having a lot of activity in an otherwise empty area.

Now they've added some mojo to prevent this but still sell location data.

So how about running the same attack but instead of using the browser and
their own website just use the bought location data.

I suspect they didn't fix that as I've disabled appreaing on their heatmap but
they still sold my location data when I forgot to disable my vpn during a run
some time ago.

~~~
mathieuh
You can add privacy zones around locations so when people look at your
activities your line just disappears inside the radius of your privacy zones.

I have ones around my home and where I work. No idea if that affects whatever
data they sell (I doubt it, since you can still the full activity yourself
even with a privacy zone), but stops people finding where you live/work and
nicking your bike

~~~
egwor
The fact that an area is made private is also a piece of information. I was
thinking that you could use that to track down sensitive areas.

~~~
muldvarp
Unless I'm missing something you can easily triangulate the center point of
the private area.

------
erikbye
"On average app publishers make $10,000 a month with Tamoco data
monetization."

[https://www.tamoco.com/blog/best-app-revenue-
calculator/](https://www.tamoco.com/blog/best-app-revenue-calculator/)

------
user5994461
Google translate:
[https://translate.google.com/translate?sl=auto&tl=en&u=https...](https://translate.google.com/translate?sl=auto&tl=en&u=https%3A%2F%2Fwww.nrk.no%2Fnorge%2Fxl%2Fnorske-
offiserer-og-soldater-avslort-av-mobilen-1.14890424)

Original article is in Norwegian.

------
daffy
It would be interesting to know which ``apps'' were responsible for leaking
the data.

~~~
dylkil
check the settings on your phone, the ones with location data access are
selling it.

~~~
daffy
All of them? How do you know this?

~~~
im3w1l
The vast majority. You have to go out of your way to find apps that don't
scoop up all the data they can. Why not? It's not like consumers penalize it.

------
john_minsk
Don't allow soldiers to have mobile on restricted ground...

~~~
willvarfar
Traffic Analysis.

A lot of British intelligence during WW2 was gleamed not from the contents of
the messages they intercepted, but rather from tracking who was where and
communicating with whom.

And if you stop soldiers from using mobile phones on restricted ground, you
are just going to have lots of tracks stopping abruptly at the gates and
secure facilities identifiable by their lack of emissions.

Patterns.

There have been great examples of correctly identifying the crews of nuclear
submarines by their predictable periods of time offline.

~~~
stan_rogers
It was giving that away in his book, rather than any of the other activities
at Bletchley Park, that got Gordon Welchman into trouble. Even without any
detail as to the techniques used, the fact that he and his group had basically
worked out the German operational structure and deployment situation entirely
from traffic analysis before the improved Enigma was reliably broken revealed
a lot that was meant to be kept secret.

~~~
willvarfar
Yes the hut six story was an excellent and eye opening book. We are quick to
idolize Turing - and he was an amazing man - but there are others such as
Welchman and Tutte who sadly get less attention.

------
JacobHonore
Reminded me of this New York Times article where they got hold of location
data from 12 million americans. I think NRK found some inspiration from that.

[https://www.nytimes.com/interactive/2019/12/19/opinion/locat...](https://www.nytimes.com/interactive/2019/12/19/opinion/location-
tracking-cell-phone.html)

------
TazeTSchnitzel
Something similar has happened before:
[https://news.ycombinator.com/item?id=16249955](https://news.ycombinator.com/item?id=16249955)

