The details were published by Strava in a data visualization map that shows all the exercise tracked by users of its app, which allows users to record their performance and share it with others.
The map, published in November 2017, gives every single activity ever uploaded to Strava more than 3 trillion unique GPS data points, according to the corporation. The app can be used on various devices including smartphones and fitness trackers like Fitbit to see current running routes in major cities or spot people in more remote areas who have unique exercise patterns.
However, over the weekend military investigators noticed that the map is also complicated enough that it potentially gives away remarkably sensitive information about a subset of Strava users: military personnel on effective service.
Nathan Ruser, an investigator with the Institute for United Conflict Analysts, first noted the lapse. The heat map “looks very pretty” he wrote, but is “not astonishing for Op-Sec” short for operational security. “US Bases are decidedly identifiable and mappable.”
“If officers use the app like normal people do, by training it on tracking when they go to do an activity, it could be especially dangerous,” Ruser added, highlighting one precise track that “looks like it logs a regular jogging route.”
“In Syria, known coalition bases light up the night,” writes analyst Tobias Schneider. “Some light markers over known Russian positions, no notable coloring for Iranian bases A lot of people are going to have to sit into lectures come Monday morning.”
In locations like Afghanistan, Djibouti, and Syria, the users of Strava appear to be an almost exclusively foreign military organization, meaning that bases stand out brightly. In Helmand province, Afghanistan, for instance, the locations of forwarding operating bases can be clearly seen, glowing white upon the black map.
Take your time to comment on this article.