I just created an overlay of Google Maps and Strava Heatmap of the forward operating base I was at in Afghanistan. The heatmap clearly shows the layout of the base.
That base has been in operation for at least 6-8 years, and it is well-developed. The up-to-date satellite imagery of the area is not available on Google Maps for a good reason, and Strava just released it.
I imagine that this heatmap has been thoroughly scraped already.
* I was deployed to Afghanistan from 2011-2012.
edit: initially mis-typed '2011-2102' =D
edit2: A well-established military base, even in a combat zone, has access to wifi and cellphone network.
We are constantly training physically, and we like to keep track of ourselves. We were early adopters of fitness trackers, and I used a couple of them myself also.
Strava didn't release it. It's not Strava's job to stop you from uploading sensitive information. Strava does not have a security clearance. Military personnel released it to Strava. Surely the military already has rules about not uploading GPS tracks of their bases to random websites?
If one guy runs around a base using Strava, that's not an issue. If a few hundred do, then it lights up on the map. But realizing that is a potential issue ahead of time and then proactively addressing it is the challenge.
Right, but what I'm saying is that I don't believe this. I'm sure every military has rules about uploading GPS tracking of soldiers' movements to civilian websites, and those rules are being disobeyed or not being enforced.
And if the military doesn't care, I'm not sure why Strava (or HN) should.
Many professional endurance based athletes also do not track using GPS for similar reasons. Openly sharing training programs is an advantage to opposition and their coaches. Especially with Strava, where people are searchable by name like facebook.
That might need a citation. They might not be using Strava and posting them publicly (although a lot of pro cyclists do) but instead use something like Training Peaks for communication with coaches etc.
Does each internet service need to proactively hire someone with clearance and coordinate hiding of sensitive information with the US military?
Not sure if this can be solved from the civilian side. There is just too much information being transmitted out of a combat zone, and I think it has to be controlled from the source. Certain sites need to be just blocked in combat zones. Rather, we need to only have a list of allowed sites.
I know how much it sucks in a combat zone, and I know how much that internet connection makes someone feel like they are still part of the civilization. However, some data just should not be transmitted out of it, and it needs to be heavily controlled.
Basically people go home or whatever and plug in their Garmin and then it'll just upload the last 6 months of data, and there is the same issue.
To track their personal fitness while deployed?
My imagination of how an army is run requires careful maintenance of fitness of soldiers, so use of PT instructors, regular monitoring of fitness metrics. It also has dieticians to monitor food production/intake. Opsec would probably deny any personal electronic devices.
If a deployed soldier needs to track their personal fitness then that suggests a deficiency - fitness of soldiers must be of prime importance during deployment? There seems no reason that soldiers wouldn't have a fitness record they could access that included all food intake, mandated exercise, regular weight monitoring, blood pressure, and whatever.
Of course, the use of personal fitness devices suggests my conception is wildly off how a deployed corpus of soldiers is actually run.
When deployed operationally fitness is usually your own business. PTIs often have a different job operationally (something like close protection of the commanding officer), although they may provide some mentorship and help improvise fitness equipment.
Generally soldiers are treated like professionals and left to manage their own fitness when deployed, using the skills and self discipline they've been taught. A fitness monitor is a good way to do that.
> Opsec would probably deny any personal electronic devices.
It doesn't. I've been told to not connect to Afghan mobile networks, and obviously not to talk about what you are doing, but apart from that you can just use your common sense.
> Of course, the use of personal fitness devices suggests my conception is wildly off how a deployed corpus of soldiers is actually run.
It's probably far more chilled out than you imagine. In my experience tech people think the Army is all 'sir-yes-sir'. I've literally never said that in my entire life in the military.
Check the FB group Fill Your Boots for what Army catering is really like... Nutrition seems to be very, very far down the list of priorities.
Soldiers generally lose a lot of fitness while deployed, manning an observation point or a weapons emplacement just doesn’t involve much movement, only a small minority are out on foot patrolling every day.
The problem isn't just the soldiers and it's not just Strava, it's the culture around data itself. Tech companies that produce quantified-self devices or services need to realize the ENORMOUS responsibility they're taking on by collecting and using this data. Users need to realize just what it is they are sharing and how their data gets from point A to point D. Burying it in the fine print is not enough. Maybe people should get into the habit of looking at the data profiles each company has on them or at least being aware of the totality of what's collected so they can make better decisions. It is kind of ironic that the point of collecting this data is to help people make better decisions while this particular case is actually a collection of really bad decisions. Fire is both a useful tool and a dangerous chemical reaction; this is no different.
Perhaps there needs to ALWAYS be an option to route the data to a private server of the user's choosing instead. If that were standard practice, it probably could have prevented this problem.
I guess people could also be using their smartphone app, which I am less familiar with. If I'm misunderstanding what the source of the data is I apologize.
In this case, the sensitive data being uploaded is entirely the fault of the user. I'm actually shocked that soldiers would track a run around a military base. It takes about 10 seconds of thought to realize how bad of an idea that is.
The locations of these bases are not secrets, and the locals already know the layout thoroughly. What I am concerned about is that Strava released this data in such an easily accessible format, and also, whether they even had an internal conversation about managing sensitive material.
Probably not, because that's not their job. A service like Strava should not have confidential or sensitive material uploaded to it (obviously), but it's not on Strava to make sure the data it has is not confidential or sensitive.
So the concerns of people that need privacy are being balanced against that. Are the 2 options of either not using the activity tracking app or activating the privacy setting not sufficient for people with safety concerns regarding their location?
Either way, there's a very clear route that leaves the road at my house and follows my driveway. It doesn't take much effort to find many, many more examples of this throughout the heatmap.
I don't think I have strong feelings about it. I can see the point of something as severe as a data protection law that would require the app to explicitly ask for permission to share every activity (with options like "store to cloud" and "store to cloud, share data publicly"). On the other hand I'm not really bothered by the "don't use Strava" method of opting out of their data collection.
Sometimes locals keep trails secret because having a ton of people on them would destroy them. I've been on both sides of that dilemma, but I don't think looking for trails on a heatmap is a good answer.
I also wonder why they would share the trails they want to keep secret on the social network for athletes........
Anyway, Strava advertises using the heatmap that way so go tell them you don't like it.
It would also cover the military bases, since they could just pick 100km.
In general though, just knowing that an event has ever occurred thanks to the map, circadian rhythms often take care of the rest, since it’s a map of (mostly recreational) human activity.
And ride / run through the circles on occasion. These will show up in tracing, confusing the analysis.
You may not get the exact street address, but you could definitely figure the block or the street. Maybe not super useful in a dense city, but that could leak quite a bit about you if you live in a suburb or rural area.
They do offer manual route trimming from both ends, too. I've found this useful mostly when I forget to turn off my watch after running.
I wish they had a way to do an auto-trim so my bike rides didn’t include GPS bounce leaving the building. CommuteMarker.com had auto-tagging for Strava rides but not auto-trimming last time I looked.
For instance, if I set a privacy zone centered on my house (or my military base) with a radius of 100 miles and all of my running activities are contained within that privacy zone are those runs automatically marked private? If I never run across the boundary then there's no issue of inadvertently exposing the privacy zone center point. Would Strava hide the GPS information but allow my run stats to accumulate? I don't think the feature is quite there yet but it could be close.
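The concern in the comments above is that a circular privacy zone leaks its own centre: every trimmed activity begins (or ends) just outside the circle, so a few runs leaving the house in different directions sample the boundary, and a circle fit through those endpoints lands on the house. The following is an added example written for this page, not code from the thread or from Strava. It assumes the visible endpoints have been projected onto a local flat grid in metres (good enough over a few kilometres) and that a single circular zone is being probed; all tracks are constructed.

```python
"""Recovering a privacy-zone centre from where trimmed tracks start.

Added example, not from the thread and not Strava's code. It assumes the
trimmed tracks' visible endpoints have already been projected onto a local
flat grid in metres (fine over a few km), and that one circular zone is
being probed. All tracks below are constructed.
"""
import math


def make_track(start, heading_deg, step_m, n):
    """Constructed straight-line track of n GPS samples leaving `start`."""
    h = math.radians(heading_deg)
    return [(start[0] + i * step_m * math.cos(h),
             start[1] + i * step_m * math.sin(h)) for i in range(n)]


def points_on_circle(centre, radius, angles_deg):
    """Constructed points lying exactly on a circle (for the exact-fit check)."""
    cx, cy = centre
    return [(cx + radius * math.cos(math.radians(t)),
             cy + radius * math.sin(math.radians(t))) for t in angles_deg]


def trim_track(track, centre, radius):
    """Mimic a privacy zone: drop every point inside the circle.

    What remains is what any viewer of the activity sees.
    """
    cx, cy = centre
    return [(x, y) for x, y in track if math.hypot(x - cx, y - cy) >= radius]


def first_visible_points(tracks, centre, radius):
    """The first surviving point of each trimmed track.

    Each lies just outside the boundary, within one GPS sample of the
    circle, so activities in different directions sample the circle
    around the hidden centre.
    """
    pts = []
    for t in tracks:
        vis = trim_track(t, centre, radius)
        if vis:
            pts.append(vis[0])
    return pts


def _solve3(a, b):
    """Gauss-Jordan elimination with partial pivoting for a 3x3 system."""
    m = [a[i][:] + [b[i]] for i in range(3)]
    for col in range(3):
        piv = max(range(col, 3), key=lambda r: abs(m[r][col]))
        m[col], m[piv] = m[piv], m[col]
        if abs(m[col][col]) < 1e-12:
            raise ValueError("degenerate (collinear) endpoints")
        for r in range(3):
            if r != col:
                k = m[r][col] / m[col][col]
                for c in range(col, 4):
                    m[r][c] -= k * m[col][c]
    return [m[i][3] / m[i][i] for i in range(3)]


def fit_circle(points):
    """Algebraic (Kasa) least-squares circle fit.

    Minimises sum (x^2 + y^2 + D*x + E*y + F)^2, which is linear in
    D, E, F; the centre is (-D/2, -E/2). Needs >= 3 non-collinear points.
    """
    if len(points) < 3:
        raise ValueError("need at least 3 endpoints")
    ata = [[0.0] * 3 for _ in range(3)]
    atb = [0.0] * 3
    for x, y in points:
        row = (x, y, 1.0)
        rhs = -(x * x + y * y)
        for i in range(3):
            atb[i] += row[i] * rhs
            for j in range(3):
                ata[i][j] += row[i] * row[j]
    d, e, f = _solve3(ata, atb)
    cx, cy = -d / 2.0, -e / 2.0
    r = math.sqrt(max(cx * cx + cy * cy - f, 0.0))
    return cx, cy, r


def demo():
    """Five constructed runs leaving the same house in different directions."""
    home = (1250.0, -300.0)            # hidden zone centre, metres on local grid
    radius = 500.0
    headings = (10, 95, 170, 240, 310)
    steps = (7.0, 5.5, 9.0, 6.2, 8.3)  # metres between GPS samples per run
    tracks = [make_track(home, h, s, 200) for h, s in zip(headings, steps)]
    exposed = first_visible_points(tracks, home, radius)
    return fit_circle(exposed)


if __name__ == "__main__":
    cx, cy, r = demo()
    print(f"estimated centre ({cx:.1f}, {cy:.1f}), radius {r:.1f} m")
```

With five runs the estimate lands within a few metres of the true centre even though each endpoint is up to one sampling interval outside the circle. Deliberately riding through the zone now and then, as suggested above, adds endpoints that are not on the boundary and degrades the fit; picking a zone large enough that most activities never leave it removes the endpoints altogether.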
I've found a couple of these nearby.
Why? It indicates someone lives in the house. Pretty safe assumption without Strava.
The problem created by Strava (and other apps) is that people list their very expensive bike in their profile, then ride that bike to and from their house. Supposedly, thieves target users that way. But the heat map does not provide that info, or link back to the rider/runner.
 - http://road.cc/content/news/136239-police-warning-thieves-us... -- I'm not sure I buy that the connection to using an app is causal.
Your options are not carrying a standard phone, or just not deliberately tracking yourself.
These are not "always on" sorts of things, you have to enable them every time you want to be tracked.
Also, like companies, the government uses (can use) MDM policies to enforce settings, restrict applications, etc., on iPhones, etc.
You can just opt out of the apps as well? I don't have either of those. I don't use Google Fit (or whatever that broken thing is called these days).
True, my phone can track my position and steps etc. - but I made every effort to opt out of bullshit and to not opt in into worse things (aka .. Strava etc.).
A phone is problematic these days. But I do believe that it mostly does what you want it to. People just love to share their lives online?
I am reminded of the Dutch "first name database". It's a neat little website showing data (collected by the government/administrative/statistics dept). You can look up any first name in the Netherlands (17M ppl, FYI) and see how many people share this name. You can also see historical data how usage of the first name tracks through time.
AND, this is the crucial bit, you can also see a nice heat map of the geographical distribution for this first name, per municipality.
HOWEVER, and this is where it gets relevant to Strava. They simply won't show the geographical distribution heat map for names that are very rare. If a first name is not nationally rare, but it is in a certain municipality, they will also round it down to zero. Finally, if there's only 5 or less people in NL with that name they won't even show the full total (regardless of location).
Strava could, and IMHO should have done that for regions where only a single (or just a few) individual accounts run a track.
Yes. But in that case, the person being followed can tell that they are being followed. A spy (MI6/CIA/etc) might be able to follow a target without being seen, but a jilted lover would probably not. So the victim is aware that they are being observed, and by whom.
In this case, the victim cannot see who is looking at the track, and cannot take evasive actions.
I actually share your intuition that this is somehow terribly revealing, but I think this is a broken intuition that needs to be updated for a more technological age.
OSINT is a very big field in military intelligence; with the amount of information everyone pumps out about themselves, some leakage of militarily sensitive information is bound to happen. As an organization defending against this type of espionage, you just have to try to minimize the leakage.
On a more serious note though, this is an good example of how important it is to control our own data. It only makes me take even more efforts to secure my data and to try to make less of it available to others.
We really need to convert Internet to what it was meant to be, a "decentralised system"
Virtually every government seems to feel the same way, and in a rare moment I find myself in agreeance, even if this perspective currently manifests itself mostly in drug-related stings
I guess the devs who made this heatmap forgot that one should remove data when there is not enough info to anonymise it by virtue of aggregation (overlapping of multiple paths in this case).
What I was suggesting is that people should care about who gets to see the data they generate and try to minimise the count.
btw I didn't understand what you meant in the second sentence.
Their only means of communication with superiors was a bog-standard cell phone with a US-number SIM-card.
Forget the tracking implications: orders were texted, often via SMS.
“Yeah, getting all those Foo widgets to that secret storage place was a real pain, I know! It was bunker X9, I think.. that’s the worst, am I right?"
These tools also go a long way toward operational readiness / fitness. They incentivize these things and are used for a reason. There are trade-offs with all these things, not to mention the practical issues of blocking them.
I would expect, however, that identifying this as a huge security problem is relatively easy. "HEY DO NOT UPLOAD YOUR RUN WHILE DEPLOYED OR YOU MAY GET MORTARED" is likely a better option here, just below "MAKE SURE YOU WEAR YOUR NEON BELT" on every sign.
I take the whole lesson here to be: information can leak in unexpected ways. So solving this particular issue does nothing to help the larger problem. I'd imagine there are countless similar side channel leaks that already exist... and then even more that don't exist yet but will retroactively exist with a future phone or app update. The fox is in the henhouse.
It's stupid easy to leave an Apple Watch or FitBit on your wrist walking around a secure location (as evidence suggests). Big signs required to avoid these kinds of risks.
The signage required just to get people to leave their bloody phones outside a room is incredible - and they still err. Social Network training is already provided as well to avoid these kinds of social engineering risks, and yet... well, just search LinkedIn I'd imagine.
Communication with family and friends would be my first thought.
Many historical accounts put a lot of emphasis on the mail delivery and what the news from home was. It must be/have been a significant problem dealing with the mail when you had a lot of troops in the field.
In some ways this is similar however the immediacy of the data in an active conflict is more troubling.
Because there are only so few people who have factually so much power, I urge every hacker, everybody who understands the digital world, to act in the best faith of everybody. This technological revolution is too important to serve only a few.
Luckily, many hackers do the right thing and don't do everything they could to maximize their immediate benefit. I sincerely hope for humanity, for the people of poor countries, for people suffering from corrupted governments, for people who weren't as fortunate as we were, that we provide them with the technology they need. But we must not maintain control over it to have control over them. Free and just software and hardware must prevail.
If you look at GPS watches like the Garmin tactix Bravo, it has a feature set where some of the features really only make sense in a military/hunting setting. Although I wonder what kind of animal you are hunting if you start your hunting trip by doing a HALO parachute jump.
Garmin is not the only one making those kind of GPS watches either. I believe that Suunto has similar watches as well.
Obviously the soldiers should not be uploading their GPS tracks to Strava. But banning your non special forces soldiers from buying the same "civilian" watches that your special forces soldiers use sounds like a morale killer.
Want to transfer files between computers? Can't use a thumb drive! You need to burn a disk (for real).
This got a lot of attention a couple years ago:
This kind of problem is endemic to small cheap devices, too – for example:
Around here a lot of places don't allow USB drives, but .. I think that's mostly a "Do Not Steal Our Data" policy.
Now, my real question is: Does that make sense? People talk about USB HID things, but .. I would expect that most keyboards and mice these days are using USB. So if you find a way to block USB drives for mass storage aka "Do Not Steal Data" uses, are you still open for all the "I type in exploits because I'm not really a USB drive, I can be a keyboard too" things?
Say you're in a "secure" place, where I'm not allowed to do stuff. You probably have keyboard/mouse connected via USB, right?
I can easily unplug them and insert my own, if you don't glue them in place. I did that in a number of internet cafes in the past.
Correct. If you're doing it right, you've blocked all unused ports, and you've glued in all used ports. Ideally having tested that the devices you're plugging in aren't already compromised first.
USB device fails and needs replacing? One place I worked disposed of the whole unit and bought a new computer to replace it, rather than dealing with glue removal. It's difficult to distinguish between legit and illegit tampering, so better to have no signs of tampering.
>I can easily unplug them and insert my own [keyboard/mouse]
Can you see where the problem lies? For you to be able to insert your own kb/mouse, you'd need to bring it from home in the first place. And while it might work if you're at an Internet cafe which isn't super strictly controlled, in an office with more stringent security requirements and checks you'd at least raise some eyebrows.
My subthread started as a reply to "Want to transfer files between computers? Can't use a thumb drive" and I wondered if that on its own - disallowing data transfers by say blocking USB mass storage device drivers or something - is useful or enough, when anything I can connect via USB can _act_ as a keyboard for example.
At no point did I talk about bringing an actual keyboard or mouse anywhere.
Not to mention lower level exploits that exist for USB.
Alternatively, have the driver require that keyboards verify themselves with a digital signature from a trusted source.
Flash drives are a huge security vulnerability. With more secure workstations you can't plug in any USB peripherals, because they're such big risk.
Write only media is a lot safer, despite the waste it causes.
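The exchange above turns on one point: a rule that only denies the mass-storage driver still admits a device that enumerates as a keyboard. The following is an added example for this page, not code from the thread, and not a real kernel, udev or USBGuard rule format; it is a hypothetical admission policy over parsed descriptors, with constructed device records and a hypothetical allowlist of issued input devices. It puts the naive storage-only rule beside a rule that also refuses unknown and composite HID devices, and shows where each one lets a "keyboard" through.

```python
"""USB admission policy: blocking mass storage is not enough.

Added example, not from the thread and not a real kernel or USBGuard rule
format. It models the objection above: a device the 'no thumb drives'
rule rejects can instead enumerate as a HID keyboard and type whatever
it likes. Descriptors below are constructed; the allowlist is hypothetical.
"""

MASS_STORAGE = 0x08
HID = 0x03
CDC_DATA = 0x0A
HUB = 0x09

# Hypothetical allowlist of issued input devices, keyed by (vendor, product).
ISSUED_INPUT_DEVICES = {
    (0x046D, 0xC31C): "issued keyboard",
    (0x046D, 0xC077): "issued mouse",
}


def storage_only_policy(dev):
    """The naive 'Do Not Steal Our Data' rule: deny mass storage, allow the rest."""
    classes = {iface["class"] for iface in dev["interfaces"]}
    return "deny" if MASS_STORAGE in classes else "allow"


def hardened_policy(dev, allowlist=ISSUED_INPUT_DEVICES):
    """Deny storage, deny composite devices that include HID, and allow HID
    only from allowlisted vendor/product pairs. Descriptors are spoofable, so
    this is defence in depth behind physical port control, not a substitute."""
    classes = [iface["class"] for iface in dev["interfaces"]]
    if not classes:
        return "deny"
    if MASS_STORAGE in classes:
        return "deny"
    if HID in classes:
        if any(c != HID for c in classes):
            # Keyboard plus a network or serial function is the usual
            # shape of a keystroke-injection gadget, not a keyboard.
            return "deny"
        if (dev["vid"], dev["pid"]) not in allowlist:
            return "deny"
        return "allow"
    if classes == [HUB]:
        return "allow"
    return "deny"   # default deny for anything else (printers, serial, ...)


def evaluate(devices):
    """Return {name: (naive_decision, hardened_decision)} for each device."""
    return {d["name"]: (storage_only_policy(d), hardened_policy(d)) for d in devices}


# Constructed descriptors (vid, pid, interface classes) for the demonstration.
SAMPLE_DEVICES = [
    {"name": "issued keyboard", "vid": 0x046D, "pid": 0xC31C,
     "interfaces": [{"class": HID}]},
    {"name": "thumb drive", "vid": 0x0781, "pid": 0x5567,
     "interfaces": [{"class": MASS_STORAGE}]},
    {"name": "unknown keyboard", "vid": 0x1234, "pid": 0x5678,
     "interfaces": [{"class": HID}]},
    {"name": "keyboard + serial gadget", "vid": 0x1234, "pid": 0x9ABC,
     "interfaces": [{"class": HID}, {"class": CDC_DATA}]},
    {"name": "drive that is also a keyboard", "vid": 0x1234, "pid": 0xDEF0,
     "interfaces": [{"class": MASS_STORAGE}, {"class": HID}]},
]


if __name__ == "__main__":
    for name, (naive, hard) in evaluate(SAMPLE_DEVICES).items():
        print(f"{name:32} naive={naive:5} hardened={hard}")
```

The "unknown keyboard" row is the case the thread worries about: the storage-only rule admits it and the hardened rule does not. Vendor and product IDs are reported by the device itself, so the allowlist raises the bar without closing it, which is why the comment above about sealing and gluing ports is still the control that matters.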
can anyone explain what happened here?
Nobody on a smuggling operation would have Strava turned on. That makes no sense.
More accurately it's where people don't send their tracking data. Plausible to also say that it's where people don't own this tracking software/device at all. However it seems like a gigantic stretch to derive that there's no running going on.
Maps ok-ish to the African American population distribution
No conspiracy, just planning department bureaucracy.
Heavy straight lines are lifts.
Yes, there is a bright line on Strava that leads from a spiderweb of trails in the park right to the door of my private, personal house! My neighbors don't run often, but I post on Strava 5 days a week, so my driveway stands out like a yellow arrow. You could learn, from the Strava dataset, that someone (me) lives in my house. Gasp! /s.
Of course someone lives in my house. It is not news to anyone local. My address is on the map, and it's pretty obvious that someone lives here if you drive by and see it.
What damage has Strava done by releasing this data? Humans that post on Strava are not hermits, trying to remain secret in their underground hideouts in the middle of nowhere. We live in houses, or on giant military bases...we're not exactly hidden.
There is something (seriously) wrong with the above thinking. I don't think I need to spell it out.
I agree that voting records should be kept secret, but information like the location of a house at the end of my line on the Strava heatmap is not analogous to voting records.
- The answer is: it's the attitude itself which I consider equivalent.
Here again is the poster (direct unmodified and representative quote):
>Of course someone lives in my house. It is not news to anyone local. My address is on the map, and it's pretty obvious that someone lives here if you drive by and see it.
Here is my pretend quote for comparison:
>It's no secret that I'm a [Democrat/Republican] - You could get the same information just by asking.
If you don't see how this is literally the exact same attitude then you kind of need me to come up with scenarios.
Since you politely asked me to spell it out, what is your guess - what do I mean, why is it the same attitude exactly?
I appreciate your tone with me and if you will do me the courtesy of guessing what I mean then I can correct you if that is not what I meant. What's your most charitable guess, why did I mean that it is the same attitude?
>"Yes, there is a bright line on Strava that leads from a spiderweb of trails in the park right to the door of my private, personal house! "
... and not to laps around it, ever. So their voting with their feet is recorded plainly for everyone to see. Doubt they checked "Share my personal steps (location) history with entire world" in any agreement - nobody would check that box any more than anyone would check a Gmail box "Allow Google to publish all contents of my Google account, including all chats and emails, with entire world."
But their attitude is "so what - people could see that information anyway". It's exactly the same attitude as "so what - if anyone asked me I'd be happy to tell them I'm a [Democrat/Republican]". Please judge their sentiment here (attitude) as that is what I am comparing.
Would you agree it's the same attitude?
I'm also hoping they put some logic to prevent a single device trace from showing up on the heatmap regardless of frequency, and that 2 devices would need to converge within a radius for there to be a trace, but that might be wishful thinking.
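The Dutch first-name database comment earlier (no geographic breakdown for rare names, rare municipal counts rounded down to zero), the "not enough info to anonymise it by virtue of aggregation" comment, and the wish just above that a single device never shows up regardless of frequency all describe the same rule: gate rendering on the number of distinct contributors to a cell, not on the number of points. The following is an added example for this page, not Strava's code; the grid, the threshold k and the tracks and account ids are constructed.

```python
"""Heatmap rendering gated on distinct contributors, not point counts.

Added example, not Strava's code. It implements the rule suggested in the
Dutch first-name database comparison and in the 'single device trace'
wish above: a grid cell is drawn only when at least k different accounts
contributed to it, so one person's repeated laps of their own driveway
never light up. Tracks and account ids below are constructed.
"""
import math
from collections import defaultdict


def cell_of(lat, lon, cell_deg=0.001):
    """Bucket a coordinate into a grid cell (~100 m on a side at 40N)."""
    return (math.floor(lat / cell_deg), math.floor(lon / cell_deg))


def aggregate(activities, cell_deg=0.001):
    """activities: iterable of (account_id, [(lat, lon), ...]).

    Returns per-cell point counts and the set of accounts seen in each cell.
    """
    points = defaultdict(int)
    accounts = defaultdict(set)
    for account, track in activities:
        for lat, lon in track:
            c = cell_of(lat, lon, cell_deg)
            points[c] += 1
            accounts[c].add(account)
    return points, accounts


def count_only_heatmap(activities, min_points=3, cell_deg=0.001):
    """The weak rule: render any cell with enough GPS points."""
    points, _ = aggregate(activities, cell_deg)
    return {c: n for c, n in points.items() if n >= min_points}


def k_contributor_heatmap(activities, k=3, cell_deg=0.001):
    """Render a cell only if >= k distinct accounts contributed to it.

    Like the name database that rounds rare counts down to zero, a
    suppressed cell is withheld entirely rather than drawn faintly.
    """
    points, accounts = aggregate(activities, cell_deg)
    return {c: n for c, n in points.items() if len(accounts[c]) >= k}


def sample_activities():
    """Constructed data: five people share a park loop, one person runs
    the same driveway 50 times, and one commuter rides a road once."""
    park = [(40.7300 + 0.0001 * i, -73.9600) for i in range(10)]
    driveway = [(40.7350, -73.9650), (40.7351, -73.9650)]
    road = [(40.7400 + 0.0001 * i, -73.9700) for i in range(20)]
    acts = [(f"park_user_{u}", park) for u in range(5)]
    acts += [("home_user", driveway)] * 50
    acts += [("commuter", road)]
    return acts


def driveway_visible(heatmap):
    """True if the lone runner's driveway cell appears in the rendered map."""
    return cell_of(40.7350, -73.9650) in heatmap


if __name__ == "__main__":
    acts = sample_activities()
    print("count-only map shows driveway:", driveway_visible(count_only_heatmap(acts)))
    print("k=3 contributor map shows driveway:", driveway_visible(k_contributor_heatmap(acts)))
```

The driveway cell has a hundred points from one account and is drawn by the count-only rule; the contributor rule drops it, along with the single commuter's road, while the park loop shared by five accounts survives both. Counting accounts per cell instead of points is what makes the "two devices must converge" idea concrete, and the same threshold would have emptied any base where only a few people upload.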
Just how much useful military information can soldiers haemorrhage from their cellphones? Imagine somebody being convicted of war crimes in an international tribunal because some recruit forgot to turn off their automatic geo-locating Candy Crush notifications. This is quite the brave new world we are entering.
The first time I was told about Strava, I immediately dismissed it as useless. (After all, what service could they possibly provide when I'm unwilling to tell them precisely where I go to work out?) I almost gave a quizzical look to my conversation partner, but that would have given him more insight into my thoughts than I cared to share, so I suppressed the expression.
I think the patrol routes are more important(fun) than locations.
see OpenStreetMap key:military:
It's like these companies' valuations aren't off the product, but more off how much data they are getting off consumers. I bet they are selling this to advertisers.
> Metro anonymizes and aggregates this data and then partners with departments of transportation and city planning groups to improve infrastructure for bicyclists and pedestrians.
The heatmap is neat but I don't see why it's specifically bad for military bases.
“I roll to see what I can find out about their supply routes”
“Ok, you can see from their strava heat maps their supply routes go north to south along this particular road”
“When do they happen”
“Roll for perception”
(Fuck this guy)
“Ok, you see that they result every Thursday at noon”
“That’s when we’ll attack!”
Who are the “any satellite photo providers”?
How many are there?
How do I find them?
The more obvious sources would be Bing Maps and Google Maps/Google Earth, and they likely aggregate multiple sources. I know I've seen Digital Globe, USGS, and Pictometry cited as sources.
A quick Google search brings up Digital Globe and a list as the first two non-sponsored results.
(e.g. Say you could cross-reference some of your customers with military ranks, and a bunch of people above rank X had a certain area blocked out. You could then infer that (a) there's something there that only people with that level of clearance would know about, and (b) then infer that anyone else who blocked it out had at least that level of clearance.)
We are constantly training physically, and we like to keep track of ourselves. We were one of the first adopters of fitness trackers, and I used a couple of them myself also.
I know people who use Strava or similar and are somehow aware of their privacy but "it's so easy and it works"....
zoom in a lot to enable the strava heatmap, and you can edit openstreetmap if you know what you are doing.
There are many seemingly "uninhabited" places in these remote equatorial areas that light up with clear tracks or circles, in areas that are obscured by clouds, blurred or look like brown dirt.
I just spent a few minutes figuring it out.
First grab some coordinates, I picked a totally random spot in NY: https://labs.strava.com/heatmap/#16.11/-73.96162/40.73006/ho...
Now feed the GPS coords into the algorithm at https://wiki.openstreetmap.org/wiki/Slippy_map_tilenames
I can use PHP faster than anything else, so I used the PHP example on that page.
<?php
$zoom = 15;
$lon = -73.96162;
$lat = 40.73006;
// Slippy map tile numbering (Web Mercator) from the OSM wiki page above:
// x counts tiles eastward from lon -180, y counts southward from lat ~85.05.
$xtile = floor((($lon + 180) / 360) * pow(2, $zoom));
$ytile = floor((1 - log(tan(deg2rad($lat)) + 1 / cos(deg2rad($lat))) / pi()) / 2 * pow(2, $zoom));
print "x: $xtile\n";
print "y: $ytile\n";
My email is in my profile, downloading this would be very fun. It would just need a tonne of bandwidth and even more disk space, and I don't have much of either myself.
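The PHP above computes one tile index; the same Web Mercator formulas from the OSM wiki page also give the inverse (tile to corner coordinates) and, from that, the list of tiles a bounding box needs, which is the real question when someone talks about downloading a region. The following is an added example for this page, not code from the thread. It uses the poster's coordinates and zoom, computes indices only and fetches nothing; the bounding box in the demo is constructed.

```python
"""Slippy-map tile arithmetic for the coordinates the poster picked.

Added example, not from the thread. It is the same Web Mercator tile
formula as the OSM wiki page referenced above (and the PHP snippet),
plus the inverse and a bounding-box enumeration for deciding which
tiles a region needs. It computes indices only and fetches nothing.
"""
import math


def deg2num(lat_deg, lon_deg, zoom):
    """Tile (x, y) containing a WGS84 point at `zoom` (x east, y south)."""
    lat = math.radians(lat_deg)
    n = 2 ** zoom
    x = math.floor((lon_deg + 180.0) / 360.0 * n)
    y = math.floor((1.0 - math.log(math.tan(lat) + 1.0 / math.cos(lat)) / math.pi) / 2.0 * n)
    return x, y


def num2deg(x, y, zoom):
    """(lat, lon) of the north-west corner of tile (x, y)."""
    n = 2 ** zoom
    lon = x / n * 360.0 - 180.0
    lat = math.degrees(math.atan(math.sinh(math.pi * (1.0 - 2.0 * y / n))))
    return lat, lon


def tile_bounds(x, y, zoom):
    """(south, west, north, east) of a tile, from its NW and SE corners."""
    north, west = num2deg(x, y, zoom)
    south, east = num2deg(x + 1, y + 1, zoom)
    return south, west, north, east


def tiles_covering(south, west, north, east, zoom):
    """Every tile index whose extent intersects the bounding box.

    The NW corner gives the smallest x and y; the SE corner the largest.
    """
    x0, y0 = deg2num(north, west, zoom)
    x1, y1 = deg2num(south, east, zoom)
    return [(x, y) for y in range(y0, y1 + 1) for x in range(x0, x1 + 1)]


if __name__ == "__main__":
    # The spot from the poster's link, at the zoom their PHP used.
    x, y = deg2num(40.73006, -73.96162, 15)
    print(f"zoom 15 tile: x={x} y={y}")
    print("covers", tile_bounds(x, y, 15))
    # Constructed bounding box around that spot.
    print(len(tiles_covering(40.70, -74.02, 40.80, -73.90, 15)), "tiles for the box")
```

Because x and y are floors of a continuous value, going up one zoom level doubles both indices, so a zoom-15 tile maps to its zoom-12 parent by dividing each index by 8; that is also why the tile count for a fixed box grows fourfold per zoom level and why the bandwidth concern in the comment above is real.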
MOBAC is made for caching map tiles:
One could reverse a portion of the dataset from the tiles, though.
There's less traces than Strava has though.