Shot off shut off the Fitbit - others collecting my activities is over. Cell phones and iPads are bad enough. There is no such thing as privacy - at least minimize the invasive data collectors. Seriously going to review using Facebook etc
2
Makes you wonder how these people get jobs at the Pentagon. The stupidity is mindnumbing.
1
Shouldn’t our troops have enough common sense to realize that posting their workouts online is a bad idea?
5
Contrary to posts here, it is not "wrong to vilify" Strava. No one is forcing them to publish target data on American forces, they're doing it on their own. I wonder who's paying them to do so? Someone might want to check accounts at the ISI and FSB offices.
Tonight, as I watched the President's State of the Union, I noticed Paul Ryan playing with what I assumed to be his Apple watch. What an easy way to tap into our systems.
2
We spend how much money on the Pentagon, the CIA, the NSA, and all the other organizations responsible for our "national security" and supposed "defense."
And then this type of stuff is allowed to occur, possibly endangering the lives of our military personnel? You couldn't make this stuff up for a Hollywood spy movie.
In a real multinational business (that's what the Pentagon is) those accountable would be swiftly demoted or fired.
4
I guarantee you that the Strava private contractor project managers and team that pitched their bosses that the military is a prime target market have a high degree of culpability. If this tool was added to the military's tactical spec recommendation, this addition came after Strava sales pitched, demoed, or facilitated it, hoping for a deluge of exposure and market capture, either directly or in soft requisitioning. No doubt Strava put their name and a security compromised product in front of the military, just another market segment. I would like to see a detailed accounting of where and how Strava marketed to the military, what access have they had formally as well as informally. Where is their product advertised to military personnel?... Are their Strava posters with exercise tips in base gyms? Do they have ads in military magazines, websites, or other materials widely distributed? I would also like to know how much they are spending on PR spin trying to shift this discussion of accountability away from themselves. The commentary appears to be fielding some responses that read like company PR spin. That is not surprising but neither is it convincing.
2
It's a mistake to vilify Strava or reduce the issue to public/private data. We are all sharing our location data constantly, and much of that data is "public."
The difference is how data scientists are allowed to mine and visualize that data. There are few legal guidelines; only self-imposed standards. E.g., google trends goes only to the state level/country level, while Flickr map search shows people's photos from any place on earth (including military bases). In contrast, health care research has strict data mining guidelines to ensure that personally-identifiable health information is not accidentally revealed.
A mistake? Companies like Strava and Facebook make their fortunes by having more information on you than intelligence agencies yet a lot of people will scream and gibber when Snowden tells us that intelligence agencies are collecting more than we suspected.
There is extensive regulation and oversight over intelligence as we recognise the possible dangers of letting them collect everything, yet when Strava, an entity with less oversight than any publicly operated agency, broadcasts sensitive data to the world, it's a mistake to vilify them?
I've never understood the extreme antipathy directed towards intelligence agencies when coupled with the just as extreme apathy aimed at all things private.
You can take the NSA. You personally can't take Strava. That should concern you. Hell, that should terrify you for the same reason the Snowden leaks made the front pages for a month.
1
I recently tracked down someone via their fitness app (they were posting to an "anonymous" twitter account their long distance runs) a person who was running from being served legal documents. I expect to see more of this type of activity using trackers to find people who don't wish to be found.
2
As an avid cyclist, when I first encountered Strava a few years ago, my first reaction was simple: what kind of out-of-control ego needs to share this information with the world? If one is a competitor, the last thing to share widely is one's workout information.
11
I'm 66 , a child of the 50's , and up to now I have felt - - - or I should say " been MADE to feel " - - - out of it for only acquiring bare bones / basic computer knowledge and not including techno/ cyber convenience in my life . This article validates concerns I've had all along . I've never owned a cell phone , much less a smart one . I refuse to use online banking or any paperless online accounts . I still write ( and mail ) checks or pay with cash when I am out and about . I have never had a social media account on any website such as Facebook .
We all did just fine like this until the last 25 years or so , and we could continue as such if we wanted to . Now nothing is private anymore and we have been rendered vulnerable by greedy companies invading our lives under the pretense of making them better somehow .
7
Actually when it comes to paying by cheques, only doing banking in person, etc, we upgraded for a reason. I can personally remember waiting in line for half an hour at a bank on a busy day for a trifle which these days can be done immediately meaning I only need to go into a bank for something more serious. This vastly decreases waiting time which is important as populations continue to grow.
As for cheques, they have always been terribly insecure so the move away from those was a long time coming but definitely worth it. And mobiles? They may seem like a bad idea but if you're in an accident today you can call emergency services without even getting out of a wreck. Useful if you're trapped.
Having to struggle out and then crawl to a payphone, if one was even around, or till you could find a house and hope that someone was home, and that someone was okay with you using a phone... I don't miss those days.
Not having a Facebook app on your smartphone is a brilliant idea. But not having a cell at all? You're sacrificing much more than you're gaining, IMO.
2
Strava has been blamed for injuring cyclists and pedestrians for years by encouraging road racing - on public streets.
After a pedestrian was killed in San Francisco by a cyclist racing to beat someone else’s Strava time for a route I thought the app might be banned. What’s next, motorcycle/car races?
6
Scary to say the least. So after reading both the Story and the Comments , one can't help but think of The Presidential Election.
3
It seems to me not just Strava but every apps you choose to open up the tracking function would do that. Even for my credit card providers, who ask if I want to share my location so the credit card would not be rejected in the event of my going oversea. People should be more cognizant about their mobile device usage
13
If you take a deep dive into Strava's heat map, a few things become clear. There are many examples of people walking a route around buildings in Syria repeatedly. It's easy to gather data in this way - first of all, to know that this particular building is considered high-value, and secondly, to know the exact route the guards are walking.
9
It's stunning that even US military intelligence seems to oblivious to the fact that Silicon Valley is about invasive market-research (a.k.a. Big Data) and not about offering services to brainwashed millenials.
Even if you care about privacy settings, any app on an internet-enabled device will collect your data, which can be then easily be stolen by semi-competent hackers.
The internet and mobile devices are wonderful advances, but social media are only for the lonely and gullible. None in his right mind would share his private diary with the general public, only that those using Facebook or Strava fitness apps do.
It's high time to stop fawning over Silicon Valley types. All they are giving us is a brave new world, which is a toxic mix of Huxley's and Orwells dystopic visions.
13
The articles author states "But there also appear to be other airstrips and base-like shapes in places where neither the American-led military forces nor the Central Intelligence Agency are known to have personnel stations."
It may be true that few in the U.S. know about those smaller bases know or of their existence but you can be certain that the local population are aware of them. Consider food and fuel deliveries, whether by air or ground will stand out. You don't have to know where the fire is to know there's a fire when you see the fire truck go by. That sort of intelligence gathering only requires patience, nothing more.
Further, many of those bases, but perhaps not all, will have members of the local population employed as cooks, sanitation works, carpenters, or similar jobs.
And, while it is mostly true that the locals might not know precisely what a given group of U.S. employees (civilian or military) is doing, they really don't need to know. They will watch observe patterns of movement and (just as we do) act accordingly.
So wearing exercise trackers of whatever sort are not going to protect or endanger anyone.
4
I completely disagree. In our area they nabbed a bicycle thief that was using the App to target only high end bicycles. With the settings left “open” on Strava the guy was able to figure out where someone lived, when they were home, what kind of bike they had and also figure out other friends with a similar profile. Extend the concept a little bit a switch bike theft to targeting people and you have a serious problem.
5
Observing traffic patterns can tell you where a base is and roughly how many people are in it, what it's equipped for, etc. Personal trackers tell you exactly which individuals are at that base, and as noted in the article, where they are when not on base.
Like, say, where they live.
One is an inevitability, a known problem that you expect and work with. The other is unbelievably reckless and completely unnecessary.
1
For all the commenters riffing that Strava and the like aren't to be accountable, I suggest they don't get off so easily. Apps that promise this and that bury the metrics monitoring deep in terms of use that are intentionally obtuse and labyrinthine. NPR did a dedicated piece about these common but intrusive "dirty" apps last year.... flashlight apps that give the company access to your phone mic, your contacts, your camera and pictures... users had no idea. Should anyone desiring to use a flashlight app expect it to be tapping all of this data in order to provide a flashlight? This app isn't an isolated situation by any means, and people are unaware that what used to be a reasonable expectation is off the reservation. It is a wild west where the data is the gold mine, not the piddling little app which is often free anyway. Demand accountability and regulation in line with the right to privacy alluded to in the fourth amendment protection from unreasonable seizure (of personal data through private vehicles). How could the founding fathers have ever conceived of these modern dilemmas? Public leaders are woefully behind the curve on these issue.
5
Protection from unreasonable search and seizure is from the government. What a lot of people don't seem to realise is that your constitution doesn't apply to Facebook, Strava, Alphabet... They're all private companies being increasingly deregulated by morons who vote hard right.
They can do whatever they please and you have very little protection from them. Which is insane.
What people also don't realise is that companies like Apple don't like paying employees and they get around this by handing over development to any random person and/or company. Who writes a few lines of code to give you access to a flashlight and another couple hundred to monitor your microphone.
That sort of laziness should be punished. Instead we declare them brilliant and give them massive tax breaks.
Public leaders are dead on the curve but public leaders represent you, their voter, who thinks your constitution protects you from the likes of Strava.
1
Strava has features where athletes can make their workouts private. Moreover, they also have features to hide the route within proximity of your starting point (home, work, etc.). So perhaps military personnel could use those features if they have concerns.
1
Ever try to enable Strava to hide your start/stop location? It doesn’t work.
1
A company should not have to refer customers to a blog post for instructions on how to avoid allowing the company access to private data. It sounds to me like they're being very manipulative here by making it so hard to do this that a blog post is necessary. It should be 100% self-explanatory through the app alone. This sounds like an issue in programming ethics.
5
Any such collection must be opt-in, opt-out at any time after the opt-in, and the collected data unavailable to creeps or marketers (but I repeat myself).
What confuses me is that American mainstream media are reporting on the security breach afforded by Strava today - but overseas, in Holland, England, and Germany, that I have seen, the Strava tracks of their military exposing supposedly secure bases all over the globe has been going on for at least a week. I think we ought to get intelligence services to shut the app and its people down, let's give 'em a week off from collecting Mexicans. This isn't a mistake, this isn't a mishap, this is what happens when you allow the development of data collecting technologies without oversight. The damage is done, but we need to develop a development oversight like we used to have when telephones still had wires.
4
The app is also being blamed for exposing unfaithful spouses who go on suspiciously long runs.
2
It reads like Le Carre. meets Trump. Initially it sounded scary but I hope for America and the US Military's sake it was intentional. Though something tells me it wasn't.
Here's an upside - by hacking Strava a little bit, the military could easily generate the impression of large forces of (exercising) troops anywhere they want!
(just kidding)
3
I’m sure a bathroom app can’t be far behind. Just imagine what that will reveal.
2
Any moment now the Republicans on the House Intelligence Committee are going to say they have a secret memo blaming this on the FBI.
6
Or Hillary.
1
Wait until Devin Nunes finds out
2
I recall reading an article not too long ago that detailed how the technology embedded in the phones used by soldiers in the war theater was alerting enemy combatants to location and now we see the same thing with another kinds of tech. I hope use of these apps have been shut down hard and the risk attenuated. I think it is high time that everyone understand that with any internet based tech, a user is inherently exposed to tracking capabilities. Any individual whose security depends on autonomy should leave these contrivances in the waste bin. How difficult for military security personnel whose job is to ferret out dangerous tech that can put soldiers at risk; damnable shame on those contractors or personnel who dismissed the issue in r & d meetings as lucrative products like this were rolled out. No doubt they have blood on their hands. It was unimaginable even 20 years ago that anyone other than your closest family, friends, or coworkers knew definitively where you were. Now people behave as if it has always been this way. Btw, this tech didn't, by default, have to evolve this way, meaning the constant location and internet activity tracking and the subversion of personal privacy. While public leaders constantly argued economics with small "e," corporations plowed ahead. It is anybody's guess if we have the strength, will, intelligence or intregrity (money,money,money) to put that genie back in the bottle.
4
After reading about all this tracking, I’m just imagining how hurt I’m going to feel if I were to find out that no one was tracking me.
7
So, combine young peoples' love of digital gadgets, inclination to instrument their mundane activities, and compulsion for sharing on social media.
Are we surprised?
5
We are not there, or anywhere, to win wars. In fact, the machine of war is more concerned about escalating the conflict, and supplying intelligence to the other side, regardless, is just good business practice. I know, they're fighting for our freedoms, but it reality they're just cogs in the wheel of making the military industrial complex grow without bound.
"Je suis Thump"
10
You seem to be excluding the possibility that our country could be attacked by someone else. Our military is meant to be prepared for such a possibility, as remote as it seems at this point in time.
Personal technology is about making people stupider and lazier and, therefore, easier to control and exploit. And it's working thanks to the "geniuses", both stable and unstable.
17
So how did you get online to join us?
3
This is what happens when you end the draft!
Right. If we still had the draft, none of these guys would be working out.
HUH ?
2
Right.
If we still had the draft, that fitness app could never have posted a map.
Right?
2
Hey US Military, there's an app called Find Your Phone on most Apple products. You may want to make sure our troops have THAT disabled too. Sort of amazing that this is just coming to light now.
17
Have these maps been deleted?
As a US based company seemingly could/ should be?
Of ciurse if data already downloaded irrelevant.
What is being done to modify, help ammeliorate this?
Of course politicians will blame the other party, instead of focusing on what needs to be done.
Moving troops.
Masking posted data.
Setting new rules.
SAD
This is a very serious security issue. The app might reveal Donald Trump's walking routes; which hallways and staircases he uses, which rooms he visits the most, and how much time he spends in each. The president may be targeted by ... ridicule.
14
But we already know all that.
Especially about the "guest" bedrooms.
4
Donald doesn't walk.
He has bearers for that.
9
I am betting none of these are actually secret, but maybe they are, who knows...
4
The warnings are absurd. Foreign intelligence agencies (just like the US) can better track people from their mobile phones than from their athletic devices. All the data shows is a) people that bought the devices and b) do athletics (which is what we should be encouraging).
Has everyone forgot how easy it was for the NSA to track Angela Merkel's activities from her secured phone? As for revealing military sites, one can determine the degree of classified nature of a site by how blurred or blocked out the location is on Google Maps and that data is available in public. All one has to do is look for the absence of geolocation data and you find all the classified areas. Again, the idea that a fitness app is going to reveal a secret military installation is a joke. Anyone willing to spend the time using the Google Map API to look for missing geolocation data can find all the hidden US bases.
3
Wait - you're saying there's a downside to obsessively and voluntarily sharing incredibly personal details about our lives with the entire world through social media platforms?!
Who'd a thunk....Makes me glad I scrubbed my online info. right after everyone's parents joined FB.
Social media is awesome and powerful - sharing your life with total strangers (and those who would wish you harm), less so.
17
"Social media is awesome and powerful - sharing your life with total strangers (and those who would wish you harm), less so."
BUT, NICK, YOU JUST DID. OR DO YOU REALLY THINK YOU CANNOT NOW BE TRACED FROM THIS WEB SITE?
4
The American tech giants are ALL on in bed with the Central Committee of the Chinese Communist Party, or with Putin, for their own personal enrichment. This is NOT news.
Not news? Then why bother to tell us?
OK, thanks for the enlightenment.
(Although, if it really is not news, why bother to enlighten?)
"You can run but you can't hide."
8
LOL. Talk about the Law of Unintended Consequences!
2
Another incredible benefit: Fitbit users gain weight.https://www.cbsnews.com/news/fitness-trackers-may-not-help-with-weight-l...
1
Well, Duh!! If you track your fitness miles with a watch or fitbit, or phone, and you are in a potentially hostile country, you are indeed sending your location out over the net. This is what we get with a volunteer military, not the highest apple on the tree.
In Viet Nam the VC could smell our troops cigarette and tobacco stink for a hundred yards, now it's the internet stupid!
2
Are you kidding me?! This is insane.
1
Welcome to the Internet of Things (IoT).
Your Fitbit users are now a Thing.
Do you suppose the Twitter-in-Chief has one?
2
I was talking to someone in work about that. Maybe George Jetson will mention during the State of the Union.
1
Our privacy is under attack from all sides. As consumers we have agreed to give up a certain amount of privacy for convenience. Our government has taken away some of our privacy & liberty in an effort to increase our security. In some ways I am jealous of my 80 year old mother who has absolutely no digital footprint whatsoever. I often lament that I have given up too much privacy for convenience and security. What’s worse is there’s no going back.
4
Don't tell Mom, but, if she watches TV or uses the phone, she does indeed have a digital footprint.
This is a cautionary tale.Apps are fun and connect users to places and people and even measure effort and ability. Before clicking on an App does anyone think for several seconds about privacy issues and whether "connection" is worth the hazards which may ensue.An App issuer is going to use the information it generates-does anyone care?
1
including anyone who was able to get to these Comments in the first place.
Does it only record when you are walking or even if you are driving with it? I don't see all those people walking in NYS at least. I think it is counting subway riders etc.
Remarkable. A quick look revealed a lone cyclist at Area 51 (and plenty of other activity within the same high-security perimeter); people running laps of the drone base in Chabelley, Djibouti; small outposts in Afghanistan that have no recent or detailed satellite imagery associated with them.
There's definitely information here that could be useful to the right people.
1
And the wrong people. The military are already in harms way.
Not too long ago (and still an issue,) members of the military took photographs with their smartphones without realizing the photos were all being geotagged, time-stamped, etc. When the troops posted these photos online, they also shared all the metadata. The "intelligence report" received by the enemy came directly from our troops and led to the destruction of several helicopters in Iraq.
We keep missing the memo.
6
You'd be amazed, by the way, how little the military knows about what's shared on social media about their operations. Even unacknowledged bases have photographs, 360 panoramas, ironic reviews, and of course the USAF logo painted on the bottom of the swimming pool - that you can see clearly on Google Earth.
1
Yes, I really AM amazed.
How did you find out about all this and they didn't?
And why are you not sharing with them?
I shared it. They were shocked. That's how I know they weren't aware.
Theater of the absurd, we are there...
21
Surprise: an app geolocalizing your activities shows... the users geolocalization! This is painfully obvious. How military personnel thought they could use such an app around military bases in hostile territories is beyond my comprehension.
85
Surely it's not difficult. They didn't make the connection.
2
Agreed with Zaslavsky - who would have thought? Hindsight, as they say, is 20/20
1
The answer to this, as to most, military problems is for the US to stop invading other countries.
65
What an interesting thought. Kinda like my 2-yr-old. If he hides his eyes, then I can't see him. Very 2-yr-old !
1
Of course. If we never again set foot in another South American country, we would not have anything to fear from any Asian military power?
HUH ?
1
How quaint. If we don't "invade" Portugal, then the Chinese will never know anything about our bases in Alaska. Wow !
2
Seems like the military should take steps to prohibit any use of wearable devices that might transmit location information by armed service members. Or at least prohibit transmission of such data, if it can be monitored somehow.
20
Thank You.
The headline and focus on Strava are a bit unfair. The problem is that military personnel are choosing to share their personal location data and the military does not have good policies to advise those choices. Plenty of private citizens are able to think twice before clicking yes when an app asks to use your location data and I have faith that the military can train its personnel to do the same. Strava does not need to change.
51
Our military bases are no secret to the people and countries in which they exist......should they be secrets to the American people who pay for them?
31
Interesting observation, but I've found it not to be the case. Several countries in which we operate do so on the assurance that we will not publicize our bases, and neither will they. I asked a business colleague in one of those countries, who lives just 8 miles from a major US base, if she was aware of its existence. No idea whatsoever.
How do you live 8 miles from a major military base and NOT know it's there? Did she ever read the news? What about the traffic from trucks, planes, helicopters? Or the business clustered around the base? That's surprising, what country?
2
Most people just don't look around themselves, it seems.
It should also be noted that this was a host nation base; the US just rents space on it. So for all intents and purposes, you see planes coming and going - unless you're well versed in these things, it's just another military plane.
Those in the military's more active roles already know well the hazards of their personal locales being made public in a digitized world; or should if they have good immediate leaders and appropriate training regimes. The problems often reside with the softer targets in uniform; they can become more complacent from being detached and ignorance being bliss. One would be foolish to use any device that could record your path homeward, not just from terrorists looking for an easy mark, but also from foreign powers looking to sway family members to gain intelligence. Even back in the 70s, when there was no digitized world, and when the IRA was active, military members were frequently warned to vary their routines (workouts, trips home, pubs, etc.) and never to wear their colors in public. It would seem that basic common sense has been somewhat lost in this internet age, where everything we do can be recorded and used against us so much easier than before. It took years, and another continent, for me not to have to look beneath my car every time I used it. These are the same times again, if indeed they ever really left.
11
I don't think Strava should get singled out for all the blame here.
They simply didn't allow for the possibility that military folks would be carrying their PERSONAL SMARTPHONES with Strava or whatever apps they want into forward operating bases in hostile war-zones and other sensitive locations.
The bulk of the blame has to fall on military commanders that seem to need a NYTimes article to be alerted to this possibility. The soldiers who carry Strava-equipped smartphones deserve some of the blame too. They ALL KNOW that any Strava user with internet access can see their KOM exploits.
30
Correct me if I'm wrong here--but maybe this issue is failure to create, communicate, and enforce security guidelines about social media use to people on deployment?
66
An alarming development, to be sure. But luckily the fix is simple. Soldiers on patrol or stationed in remote, dangerous places are not supposed to do things like set off highway flares that signal their location. They should likewise be forbidden from using applications that do the same thing. Odds are they are getting enough exercise fighting a war on our behalf and don't need this app anyway.
12
Military Intelligence is the ultimate oxymoron. It's time to reduce military spending by at least one-third, including the vast sums wasted on weapons programs, "intelligence" gathering, espionage and clandestine operations. We will then have more than enough money for health care, teacher training and infrastructure repair.
40
The largely useless NSA costs enough secret money to pay for all federally funded scientific research several times over. The largely destructive CIA does the same.
9
PA, you might have the right priorities but not the right math. One third of the military budget is about $200 billion. Although the Feds spend "only" $100 billion on education, the states spend more than $600 billion. The CBO estimates total government spending on infrastructure at more than $400 billion per year. The big ticket item is health, more than $1000 billion just at the federal level, and another $500 billion at the state level.
Add these up, and the total is about $2.6 trillion. Your $200 billion military saving windfall would allow for a 7.5% increase in spending. To me that does not sound like more than enough for more than token improvements.
1
Bob Krantz, you're right but you went too far in the other direction. $200 billion is enough to do more than tokenism. It should be more, of course.
Perhaps CIA contractors and soldiers on covert deployment should click the "Private" activity option when they upload to Strava. If the heat map fails to omit Private activities, it is an easily fixed bug.
9
Strava's CEO just posted an update: the heat map does already omit activities marked "Private".
It is well within the military's budget to tell active duty members not to publicly share that they are cross-training outside of Kabul (i.e.: tap the "private icon" so the enemy doesn't know where your spin class is).
3
"Budget"? Anyway, I get the impression that total reveal is the default; and we all know what that means.
It seems to me that this isn’t a problem with the app but with the users. The military needs to know to either prohibit the use of or educate their employees on how to use these things. The product itself is agnostic.
28
Does anyone really think the Russians, Chinese, North Koreans etc. don't already have this information? This is interesting to lay people, like myself, but I feel certain world powers have had this information for quite some time.
12
The only question is: which has the clearer view? Google Maps or Microsoft Bing?
2