Popular jogging app Strava has leaked classified U.S. military information, numerous media outlets are reporting.
According to Wired, Strava – a company based in San Francisco – released a massive global heat map detailing a whopping one billion exercise activities such as running routes carried out by people using Fitbits and other forms of wearable fitness trackers.
While the heat map itself is certainly impressive, problems arose when security experts realized that some of the data it shows come from military and intelligence personnel who use GPS-connected fitness trackers.
"I wonder if I can find US drone bases in Djibouti"
*Literally 30 seconds later* pic.twitter.com/GMqO5yqJ67
— Jack Nelson (@jack_dot_bin) January 28, 2018
By extension, then, the data gives away locations for a number of U.S. military bases that are supposed to be secret. Further, according to Popular Mechanics, the global heat map is so precise that potential enemies may be able to identify individuals.
By doing this, said potential enemies would be able to track military personnel even after they leave their confidential base and go about their normal lives or, equally bad, visit other classified locations.
Somebody forgot to turn off their Fitbit. Markers trace known military outposts, supply and patrol routes. pic.twitter.com/7YTzoqKgDl
— Tobias Schneider (@tobiaschneider) January 27, 2018
“This is the part that is perhaps most worrisome, that an individual’s identity might be pullable from the data, either by combining with other information online or by hacking Strava – which just put a major bullseye on itself,” Wired quotes Peter Singer, a strategist at Washington think tank New America, as stating.
“Knowing the person, their patterns of life, etc., again would compromise not just privacy but maybe security for individuals in US military, especially if in the Special Operations community.”
So… um, you could probably trivially scrape Strava and thus identify individual runners and routes. What I'm saying is, you could identify just who made those tracks in Rutba. #yikes pic.twitter.com/uzlTO4HvJL
— Paul D (@Paulmd199) January 28, 2018
Wired quotes Strava CEO James Quarles as acknowledging the major flaws in the heat map.
“Please know that we are taking this matter seriously and understand our responsibility related to your data you share with us,” he reportedly said.
Speaking of which, if you use a GPS-linked fitness tracker, you may be wondering: What should you do if you’d like to keep your data secure from prying eyes?
Well, if you happen to be reading this from a top-secret military location, your best bet according to IFLScience would be to turn your location data immediately, assuming the alarming nature of this news hasn’t prompted you too already.
The same advice applies if you’re just a normal citizen who wants to remain private and off the grid.
Turning off the GPS function on your FitBit is very simple – according to a Fitbit forum moderator, just use the “treadmill” or “workout” function. Boom, you’re now free to go about your life – even if your life takes you to a top-secret military facility.