I just created an overlay of Google Maps and Strava Heatmap of the forward operating base I was at in Afghanistan. The heatmap clearly shows the layout of the base.
That base has been in operation for at least 6-8 years, and it is well-developed. The up-to-date satellite imagery of the area is not available on Google Maps for a good reason, and Strava just released it.
I imagine that this heatmap has been thoroughly scraped already.
* I was deployed to Afghanistan from 2011-2012.
edit: initially mis-typed '2011-2102' =D
edit2: A well-established military base, even in a combat zone, has access to wifi and cellphone network.
We are constantly training physically, and we like to keep track of ourselves. We were early adopters of fitness trackers, and I used a couple of them myself also.
Strava didn't release it. It's not strava's job to stop you from uploading sensitive information. Strava does not have a security clearance. Military personell released it to strava. Surely the military already has rules about not uploading GPS tracks of their bases to random websites?
Surely the issue is not that Strava decided to release sensitive information, or the military decided to release sensitive information, but that neither actor realized that they were in aggregate revealing sensitive information ahead of time.
If one guy runs around a base using Strava, that's not an issue. If a few hundred do, then it lights up on the map. But realizing that is a potential issue ahead of time and then proactively addressing it is the challenge.
>neither actor realized that they were in aggregate revealing sensitive information ahead of time.
right, but what i'm saying is that i don't believe this. I'm sure every military has rules about uploading GPS tracking of soldier's movements to civilian websites, and those rules are being disobeyed or not being enforced.
and if the military doesn't care, i'm not sure why strava (or HN) should.
I'm surprised that using a GPS tracking tool is permitted in forward operating bases. I guess I would think that if one guy runs around the base with Strava, it actually is an issue.
I imagine many of these soldier's higher ups are unaware that such networked 'workout by GPS' services exist to provide insight beyond a personal means. If so, I wonder why soldiers were permitted to run with GPS watches or phones.
Many professional endurance based athletes also do not track using GPS for similar reasons. Openly sharing training programs is an advantage to opposition and their coaches. Especially with Strava, where people are searchable by name like facebook.
> Many professional endurance based athletes also do not track using GPS for similar reasons.
That might need a citation. They might not be using Strava and posting them publically (although a lot of pro cyclists do) but instead use something like Training Peaks for communication with coaches etc.
I would wager that many, many more professional athletes and teams all over the world do not use GPS over those that do. Do you really see the thousands of coaches all over the world backing up their athletes data to the cloud or using some company platform and making sure every workout is on private mode? Or do you see pen and notebook, excel docs, and local hard drive folders full of manually written logs? The world extends far beyond the borders of 'mericuh.
What would be the bigger security risk? Uploads of ambivalent track data or the existence of a dataset of geofenced high importance areas shared with private companies?
It's sort of in that realm of de-identified personal data. I think that location data is right up there with physical address. It's because one doesn't have to take a very large stretch to identify your house ... from cross-identified information publically on the WWW and use it maliciously with this. with basic code skills. (I just did)
It also has a setting for private and public workouts that can be set as default. Whether or not a private workout adds to global heatmap data, I am unsure...
It does not, nor will it count towards challenges, so if you’re into that (which I am so I can’t really fault anyone else) you are incentivised to be public
I call this data scrapping .. two sets of data, and making correlations is my primary job function. I can't tell you how easy it is to take static data and make it dynamic with a series of algorithms that are well thought out, for correlation longitudinal goals.
We were on a separate network from the secured military network, but we had complete and free access to the internet when I was there 6 years ago. Even in the most remote combat operating posts, we had access to wifi.
Not sure if this can be solved from the civilian side. There is just too much information being transmitted out of a combat zone, and I think it has to be controlled from the source. Certain sites need to be just blocked in combat zones. Rather, we need to only have a list of allowed sites.
I know how much it sucks in a combat zone, and I know how much that internet connection makes someone feel like they are still part of the civilization. However, some data just should not be transmitted out of it, and it needs to be heavily controlled.
In this particular case I'm not sure that blocking internet access at the base will solve much since the data is stored on the device, and it's enough to bring the device to a location with internet access?
Basically people go home or whatever and plug in their Garmin and then it'll just upload the last 6 months of data, and there is the same issue.
Why do deployed soldiers need personal fitness trackers (or what did you mean by a Garmin). Surely anything with a GPS or other wireless network abilities is an affront to opsec I'd imagine?
"need" or "want"? I'm sure they don't "need" them any more than anyone else, but I'm also sure they "want" them for the same reason as everyone else that wants them -- for fitness tracking.
I was hoping for something a little more inciteful ;o)
My imagination of how an army is run requires careful maintenance of fitness of soldiers, so use of PT instructors, regular monitoring of fitness metrics. It also has dieticians to monitor food production/intake. Opsec would probably deny any personal electronic devices.
If a deployed soldier needs to track their personal fitness then that suggests a deficiency - fitness of sisters must be of prime importance during deployment? There seems no reason that soldiers wouldn't have a fitness record they could access that included all food intake, mandated exercise, regular weight monitoring, blood pressure, and whatever.
Of course, the use of personal fitness devices suggests my conception is wildly off how a deployed corpus of soldiers is actually run.
> My imagination of how an army is run requires careful maintenance of fitness of soldiers, so use of PT instructors, regular monitoring of fitness metrics
When deployed operationally fitness is usually your own business. PTIs often have a different job operationally (something like close protection of the commanding officer), although they may provide some mentorship and help improvise fitness equipment.
Generally soldiers are treated like professionals and left to manage their own fitness when deployed, using the skills and self discipline they've been taught. A fitness monitor is a good way to do that.
> Opsec would probably deny any personal electronic devices.
It doesn't. I've been told to not connect to Afghan mobile networks, and obviously not to talk about what you are doing, but apart from that you can just use your common sense.
> Of course, the use of personal fitness devices suggests my conception is wildly off how a deployed corpus of soldiers is actually run.
It's probably far more chilled out than you imagine. In my experience tech people think the Army is all 'sir-yes-sir'. I've literally never said that in my entire life in the military.
use of PT instructors, regular monitoring of fitness metrics. It also has dieticians to monitor food production/intake
Check the FB group Fill Your Boots for what Army catering is really like... Nutrition seems to be very, very far down the list of priorities.
Soldiers generally lose a lot of fitness while deployed, manning an observation point or a weapons emplacement just doesn’t involve much movement, only a small minority are out on foot patrolling every day.
They are not robots. Why do they need iPads? Why do they need personal phones? Not being snide, but when on deployment they have a LOT of tech tools, just like any other demographic of folks. It's just a thing ...
True and false. At the moment, they are inexorably linked if tracking how much and how well you move is part of your fitness plan. GPS tends to be part of a common and usually pretty smart way to do that. For people who are deployed, it's important to have metrics of personal performance and keep track of any progress or decline in physical capabilities. Using that data wisely makes them better at whatever they do.
The problem isn't just the soldiers and it's not just Strava, it's the culture around data itself. Tech companies that produce quantified-self devices or services need to realize the ENORMOUS responsibility they're taking on by collecting and using this data. Users need to realize just what it is they are sharing and how their data gets from point A to point D. Burying it in the fine print is not enough. Maybe people should get into the habit of looking at the data profiles each company has on them or at least being aware of the totality of what's collected so they can make better decisions. It is kind of ironic that the point of collecting this data is to help people make better decisions while this particular case is actually a collection of really bad decisions. Fire is both a useful tool and a dangerous chemical reaction, this is no different.
Perhaps there needs to ALWAYS be an option to route the data to a private server of the user's choosing instead. If that were standard practice, it probably could have prevented this problem.
Well, the data does not just appear on strava all by itself. I made an assumption that a non-neglible fraction of the data uploaded was from Garmins/fitness trackers or similar devices (like watch for tracking your running etc).
I guess people could also be using their smartphone app, which I am less familiar with. If I'm misunderstanding what the source of the data is I apologize.
It's a platform problem. The cross-availability of information on let's say ... Google Android. They can use a microphone, wifi signal analysis, and other techniques that make your GPS coordination data moot. What's getting more complex is the data itself, and how it be sorted and moved around the need for actual location data. That's why I think the "disable GPS / Location" actions in Android (and macOS) needs to be more granular. When we say "don't track me" .. it means ... on everything and protect the information from software in silos. It goes against the grain of security vs. usability .. but its gonna happen by will of the people.
I believe it covers sensitive materials only. Soldiers should not be punished through UCMJ for using Strava. That's ridiculous. Strava just should not be accessible within Afghanistan.
So let me ask you .... how do IT folks actually handle this type of situation? The experience required for systems work both in the field and base are both between making soldiers at home, in combat zones, and also keeping them safe. It's something that requires a LOT of experience on new tech to really stop/filter/protect against situations where data is being transferred off base. There is also the STORED perspective. That data may not be transmitted ON base .. it could be transferred over a wifi at something like the "sister's house" or some other place you never expected on an open network for wifi with that device. It's nearly impossible to stop this. It's like White House leaks .. when there is a way to transmit, it will be used.
Exactly. I'm all for constructive criticisms to make technology better, but these services (like Strava) are reaching millions of people. We're only talking about this military base issue because we became aware of it. How many other externalities are waiting out there for us to find? We really can't expect tech companies to proactively account for all of them; that's literally impossible.
In this case, the sensitive data being uploaded is entirely the fault of the user. I'm actually shocked that soldiers would track a run around a military base. It takes about 10 seconds of thought to realize how bad of an idea that is.
100% behind your point. You are so much putting yourself and others in danger with using internet connected devices. Why don't you only use VPN secured services to text. Fitness tracking is like a luxury problem that puts alot of people at risk.
Everything shown in the Afghanistan heatmap is a military base.
The locations of these bases are not secrets, and the locals already know the layout thoroughly. What I am concerned about is that Strava released this data in such an easily accessible format, and also, whether they even had an internal conversation about managing sensitive material.
> whether they even had an internal conversation about managing sensitive material
Probably not, because that's not their job. A service like Strava should not have confidential or sensitive material uploaded to it (obviously), but it's not on Strava to make sure the data it has is not confidential or sensitive.
In some cases where the data is sparse, you can find where individual people live, because the trails sometimes lead back to a starting point. Like this person who runs around the park regularly. Of course you could also just follow them IRL if you were there, so I'm not sure this is a big deal.
So one of the reasons they publish the heat map is that it is a great tool for trail and route discovery. Look at an area where you haven't been before and activities pop right out. Many Strava users are using it this way.
So the concerns of people that need privacy are being balanced against that. Are the 2 options of either not using the activity tracking app or activitating the privacy setting not sufficient for people with safety concerns regarding their location?
Strava could easily make this opt in, or they could filter spots where there are only a few people using it. There are a ton of in between options, this data is not a yes or no scenario.
That seems like the best option: multiple users whose activity patterns aren’t highly similar (i.e. couples who run together) and blur start / end points which aren’t used by many people at different times.
Strava already has an option to mask your starting location. It tracks it from your house, but the public data hides a certain radius around your start and finish locations
I already use this feature but I can reliably find my driveway on the heatmap so either a) they aggregate everything into the heatmap regardless of the privacy sphere or b) it's from my friends visiting, picking me up, etc.
Either way, there's a very clear route that leaves the road at my house and follows my driveway. It doesn't take much effort to find many, many more examples of this throughout the heatmap.
The problem is that it’s not available in the mobile apps and fairly well hidden on the website. For a big public data dump it seems like a reasonable precaution to assume many users aren’t aware of that feature.
They want the UX to be opt in. Or more opt in anyway, that the data ends up on a server is reasonably clear, so just using Strava involves a fair amount of opting in to begin with.
I don't think I have strong feelings about it. I can see the point of something as severe as a data protection law that would require the app to explicitly ask for permission to share every activity (with options like "store to cloud" and "store to cloud, share data publicly"). On the other hand I'm not really bothered by the "don't use Strava" method of opting out of their data collection.
Look at an area where you haven't been before and activities pop right out.
Sometimes locals keep trails secret because having a ton of people on them would destroy them. I've been on both sides of that dilemma, but I don't think looking for trails on a heatmap is a good answer.
This is actually an existing Strava feature called Privacy Zones[1]. It doesn't explicitly say that setting up a Privacy Zone will render activities which exist entirely within those zones private or that the Global Heatmap respects privacy zones but those are reasonable assumptions.
You’d have to cache an available copy, wait for updated data, and then compare the two, to produce a diff. I’d imagine (or hope) there’s a process behind the scenes that slows down and selectively fragments the availability of new data, so that such diffs are too coarse to be revealing. Annual updates, staggered by decoupled groupings, being an ideal strategy.
In general though, just knowing that an event has ever occurred thanks to the map, circadian rhythms often take care of the rest, since it’s a map of (mostly recreational) human activity.
If you start and stop your run going different directions it's not too hard to figure out the central point between them, but if you start/stop from the same direction then it's not clear what the "middle" of the circle would be because the radius of the circle is configurable and unknown to viewers.
To expand on this, it takes three points to identify a circle, so you'd need to leave home and return from three different roads (at least at the intersection with the circle).
You can still potentially make useful inferences without 3 points. For instance, imagine the configuration where there is a single straight road that leads to your home (center of the privacy circle) - you can just extend the line where the GPS tracks for 5/8 mile (the biggest privacy setting) and infer the location of the home. Similarly, if you have 2 straight GPS tracks leading to your home, you can infer both the center and the radius of the privacy zone.
You may not get the exact street address, but you could definitely figure the block or the street. Maybe not super useful in a dense city, but that could leak quite a bit about you if you live in a suburb or rural area.
They’re also what 99% of their users use so they really meed to have feature parity on important things like privacy, especially given how trivial this would be (“fuzz n meters from my current location”).
Interestingly, this feature is one of the first I recall using on Android maybe 8 years ago. It was very visible and easy to turn on... Not sure why they made it harder to discover. Or have they removed it?
They do offer manual route trimming from both ends, too. I've found this useful mostly when I forget to turn off my watch after running.
I’d believe it needed work after a major rewrite and is still in someone’s backlog. They seem to have a fairly small dev team - probably busy with device support & other time-sinks.
I wish they had a way to do an auto-trim so my bike rides didn’t include GPS bounce leaving the building. CommuteMarker.com had auto-tagging for Strava rides but not auto-trimming last time I looked.
If you go to the Privacy section of the iOS app it's mentioned at the bottom with a link to the webpage ("Further customise your privacy..."). Not ideal you can't do it from within the app though.
They do have the counter pressure of not losing users or inspiring government action. I’m not sure how this plays, for example, with the EU data protection laws but I’d bet there are some smart lawyers looking at this.
Strava apps are not perfect; they have a lot of settings in weird places. To sync with an ANT+ or Bluetooth sensor on Android you have to actually start recording an activity, and then press the small "settings" button in that page. Those settings are different than the ones in the main "settings". And then you add your HR sensor, record heartrate data for your workout and at the end you find that if you want it displayed in the app you have to pay :).
I'd be curious if you're able to set up large privacy zones for the sensitive area case.
For instance, if I set a privacy zone centered on my house (or my military base) with a radius of 100 miles and all of my running activities are contained within that privacy zone are those runs automatically marked private? If I never run across the boundary then there's no issue of inadvertently exposing the privacy zone center point. Would Strava hide the GPS information but allow my run stats to accumulate? I don't think the feature is quite there yet but it could be close.
There is an alley in my neighborhood where a single line is super dark and turns into a single house. I'm not sure how useful that is but I'd still rather not have that line if it were my house.
> I'd still rather not have that line if it were my house.
Why? It indicates someone lives in the house. Pretty safe assumption without Strava.
The problem created by Strava (and other apps) is that people list their very expensive bike in their profile, then ride that bike to and from their house. Supposedly, thieves target users that way[1]. But the heat map does not provide that info, or link back to the rider/runner.
I'd say people with a GPS fitness tracker are much more likely to have small fenceable items that drug users (who burgle to feed their habit) are usually looking for. If you're after a good car, then they're probably good marks too - crossmatch with low populationin density FTW.
the flip side of that is that a GPS tracker is probably a better indicator still of "willingness to fight off an intruder or pursue an opportunist thieving items from a garden", especially in countries where normal people don't use firearms. Basic local knowledge probably gives you a better idea of which streets have the best cars - which are obviously usually visible when available to steal - and most fence-able items.
Even non-supervised iPhones can be set up with "Restrictions" where location services are disabled locked behind a passphrase. Surely an iPhone in supervised mode offers similar restrictions in any enterprisey MDM solution.
You can just opt out of the apps as well? I don't have either of those. I don't use Google Fit (or whatever that broken thing is called these days).
True, my phone can track my position and steps etc. - but I made every effort to opt out of bullshit and to not opt in into worse things (aka .. Strava etc.).
A phone is problematic these days. But I do believe that it mostly does what you want it to. People just love to share their lives online?
That's ... honestly a bit disappointing. While I personally believe that the leaking of military location data is almost entirely the military's problem/fault, I feel that this could have been avoided with a minimal bit of forethought by the Strava team. It's not their job to protect military secrets or keep track if some of the data that's sent to them may be connected to a military secret or not. They are, however, responsible for the individual privacy of their own users/customers.
I am reminded of the Dutch "first name database". It's a neat little website showing data (collected by the government/administrative/statistics dept). You can look up any first name in the Netherlands (17M ppl, FYI) and see how many people share this name. You can also see historical data how usage of the first name tracks through time.
AND, this is the crucial bit, you can also see a nice heat map of the geographical distribution for this first name, per municipality.
HOWEVER, and this is where it gets relevant to Strava. They simply won't show the geographical distribution heat map for names that are very rare. If a first name is not nationally rare, but it is in a certain municipality, they will also round it down to zero. Finally, if there's only 5 or less people in NL with that name they won't even show the full total (regardless of location).
Strava could, and IMHO should have done that for regions where only a single (or just a few) individual accounts run a track.
> Of course you could also just follow them IRL if you were there, so I'm not sure this is a big deal.
Yes. But in that case, the person being followed can tell that they are being followed. A spy (MI6/CIA/etc) might be able to follow a target without being seen, but an jilted lover would probably not. So the victim is aware that they are being observed, and by who.
In this case, the victim cannot see who is looking at the track, and cannot take evasive actions.
What have you actually learned? That somebody you don't know anything else about lives in that house? Presumably, you could have assumed that somebody you know nothing else about lives in that house. Somebody you don't know anything else about lives in every house.
I actually share your intuition that this is somehow terribly revealing, but I think this is a broken intuition that needs to be updated for a more technological age.
I've heard about similar issues in a somewhat older context; it took some training work to get 18-21-year-old Israeli draft soldiers to stop creating Facebook groups that reflected their unit structure, or at least to obfuscate the names. And there's been a lot of interesting work done by e.g. bellingcat.com to identify the exact Russian Army units and soldiers operating in Ukraine based on social media pictures taken out of theater.
OSINT is a very big field in military intelligence; with the amount of information everyone pumps out about themselves, some leakage of militarily sensitive information is bound to happen. As an organization defending against this type of espionage, you just have to try to minimize the leakage.
I’ve been fascinated by OSINT recently, not least for the amazing journalism bellingcat produces. Their investigations into Russian attack on MH17 and the coup attempt in turkey have both been some of the best journalism I’ve read.
Just started, and already found a patrol route of Pakistan army, although it was quite obvious one, going parallel to a border river. Hope they don't take this down, it's going to entertain me for many days to come.
On a more serious note though, this is an good example of how important it is to control our own data. It only makes me take even more efforts to secure my data and to try to make less of it available to others.
We really need to convert Internet to what it was meant to be, a "decentralised system"
I don't think a heat map of your surrounding environment counts as "your data".
Virtually every government seems to feel the same way, and in a rare moment I find myself in agreeance, even if this perspective currently manifests itself mostly in drug-related stings
Not the heat map of surroundings, but the map of routes taken by people, especially when it's not anonymised due to getting overlapped by other data, can surely be considered as personal data. Like in this case, it's with soldiers patrolling remote areas.
I guess the devs who made this heatmap forgot that one should remove data when there is not enough info to anonymise it by virtue of aggregation.(overlapping of multiple paths in this case).
What I was suggesting is that people should care about who gets to see the data they generate and try to minimise the count.
btw I didn't understand what you meant in the second sentence.
Yeah people on HN and elsewhere really have this warped view about how secure things are. They don’t understand that militaries and intelligence agencies are run by normal people with normal beauracies and dumb rules and shortsights. Look at the Snowden leaks, these people are not magical space wizards.
Use your imagination. Having a scrap of inside knowledge is a great asset for recruitment. You establish yourself as an insider and the target is more likely to spill some beans.
“Yeah, getting all those Foo widgets to that secret storage place was a real pain, I know! It was bunker X9, I think.. that’s the worst, am I right?"
More importantly, it's a bit harder to find (or operate) a reliable fully secure US owned communication system in Germany. Especially when compared to reliability and scale of the civilian GSM system.
The same way people believe that crypto-exchanges holding hundred of millions of dollars in coins must have James Bond movie kind of security, when in fact many times they just store the coins online on a computer connected to the internet.
There's people who are smart enough to design TEMPEST standards and a private global network, you'd think they could design something sufficiently idiot-proof to send military orders with ease. For fuck's sake, a basic messaging app hosted on military servers would do the trick, and it would be no different for users (rather than the Messages app, use the military app).
I respectfully disagree. For most troops, deploying with your personal device is a huge morale boost. Blocking GPS on these devices is not practical, and might actually help when it comes to innovation in the field (helicopter pilots using iPads to innovate routing, for example) - not to mention just basic morale (movies / music / what have you).
These tools also go a long way toward operational readiness / fitness. They incentivize these things and are used for a reason. There are trade-offs with all these things, not to mention the practical issues of blocking them.
I would expect, however, that identifying this as a huge security problem is relatively easy. "HEY DO NOT UPLOAD YOUR RUN WHILE DEPLOYED OR YOU MAY GET MORTARED" is likely a better option here, just below "MAKE SURE YOU WEAR YOUR NEON BELT" on every sign.
> "HEY DO NOT UPLOAD YOUR RUN WHILE DEPLOYED OR YOU MAY GET MORTARED" is likely a better option here, just below "MAKE SURE YOU WEAR YOUR NEON BELT" on every sign.
I take the whole lesson here to be: information can leak in unexpected ways. So solving this particular issue does nothing to help the larger problem. I'd imagine there are countless similar side channel leaks that already exist... and then even more that don't exist yet but will retroactively exist with a future phone or app update. The fox is in henhouse.
Agreed, but many times you need to be super explicit about the main channels, otherwise people just...forget and/or can't keep it all in their brain because some folks are bad with checklists.
It's stupid easy to leave an Apple Watch or FitBit on your wrist walking around a secure location (as evidence suggests). Big signs required to avoid these kinds of risks.
The signage required just to get people to leave their bloody phones outside a room is incredible - and they still err. Social Network training is already provided as well to avoid these kinds of social engineering risks, and yet... well, just search LinkedIn I'd imagine.
Communication with family and friends would be my first thought.
Many historical accounts put a lot of emphasise on the mail delivery and what the news from home was. It must be/have been a significant problem dealing with the mail when you had a lot of troops in the field.
Totally Agree. I was not assuming broadband capability / cell service for my hypothetical (also traditional comms may be limited in remote / classified environments) but that's definitely another reason to have a personal device. Comms with family would be critical if they are possible.
By now we all should have realized that all but a tiny fraction of people is illiterate about computers, the internet and their possibilities and dangers.
Because there are only so few people who have factually so much power, I urge every hacker, everybody who understands the digital world, to act in the best faith of everybody. This technological revolution is too important to serve only a few.
Luckily, many hackers do the right thing and don't do everything they could to maximize their immediate benefit. I sincerely hope for humanity, for the people of poor countries, for people suffering from corrupted governments, for people who weren't as fortunate as we were, that we provide them with the technology they need. But we must not maintain control over it to have control over them. Free and just software and hardware must prevail.
If you look at GPS watches like Garmin tactix Bravo. It has a feature set, where some of the features, really only makes sense in a military/hunting setting. Although I wonder what kind of animal you are hunting if you start your hunting trip by doing a HALO parachute jump.
Garmin is not the only one making those kind of GPS watches either. I believe that Suunto has similar watches as well.
Obviously the soldiers should not be uploading their GPS tracks to Strava. But banning your non special forces soldiers from buying the same "civilian" watches that your special forces soldiers use. Sounds like a morale killer.
If you look deeper into the security issues of USB and it’s less surprising: beyond the risk of basic malware, the devices are usually hackable which makes really hard to be certain about anything. Cutting out whole classes of attack makes sense when you know you have highly-skilled, well-funded adversaries and the budget to simply write off the extra overhead. Remember that their threat model doesn’t end at “my dirty picture collection leaked” but “we lost a war” or “we have to ask Congress for 10e9+ dollars for repairs/replacements”.
Around here a lot of places don't allow USB drives, but .. I think that's mostly a "Do Not Steal Our Data" policy.
Not, my real question is: Does that make sense? People talk about USB HID things, but .. I would expect that most keyboards and mice these days are using USB. So if you find a way to block USB drives for mass storage aka "Do Not Steal Data" uses, are you still open for all the "I type in exploits because I'm not really a USB drive, I can be a keyboard too" things?
At least 15 years ago I was told that the standard fix was epoxy: they’d pay a tech to chisel it off if the keyboard needed replacing rather than take the risk of unknown devices being plugged in.
> I can easily unplug them and insert my own, if you don't glue them in place.
Correct. If you're doing it right, you've blocked all unused ports, and you've glued in all used ports. Ideally having testing that the devices you're plugging in aren't already compromised first.
USB device fails and needs replacing? One place I worked disposed of the whole unit and bought a new computer to replace it, rather than dealing with glue removal. It's difficult to distinguish between legit and illegit tampering, so better to have no signs of tampering.
>I can easily unplug them and insert my own [keyboard/mouse]
Can you see where the problem lies? For you to be able to insert your own kb/mouse, you'd need to bring it from home in the first place. And while it might work if you're at an Internet cafe which isn't super strictly controlled, in an office with more stringent security requirements and checks you'd at least raise some eyebrows.
I was talking about the risks of having a USB device (not a keyboard, nor a mouse) being able to _act_ as one, delivering payloads. It can look like a normal usb drive or be tiny like a yubico key.
My subthread started as a reply to "Want to transfer files between computers? Can't use a thumb drive" and I wondered if that on its own - disallowing data transfers by say blocking USB mass storage device drivers or something - is useful or enough, when anything I can connect via USB can _act_ as a keyboard for example.
At no point did I talk about bringing an actual keyboard or mouse anywhere.
Could this be taken care of at the computer end instead, having the computer not automatically run things from a drive? It seems to me like the natural way to resolve the problem.
The drive might not be a drive but actually a program presenting as a keyboard that waits for a sufficient period of inactivity before performing a series of keypresses that runs arbitrary code and exfiltrates data off the back of that.
Not to mention lower level exploits that exist for USB.
There's WiFi enabled SD cards[0]. I had one of those and it was running Linux, you could SSH into it. Maybe the attack-surface to the host computer is smaller (I'm not sure about that either). But there's certainly enough bad stuff an SD card could do.
I imagine it has something to do with sparse tracking. The final ascent / decent is I think the better part of an entire day. You can't have full high accuracy GPS on for that long and have the battery last. So you may put the device away for a while, and get it back out when you finally summit to track that you were there. And lower on the mountain you might have extra ridges in the way, like in a city with lots of tall buildings, where you just can't get the best signal. And on Everest there is no WiFi or cell signal to cheat with. I would also think that personal device GPS may get a bit confused at that altitude. That is not really the expected working conditions.
In my experience, GPS doesn't work well when the device is in a pack or even a thick jacket. Also, batteries don't work well in the cold. Combine those two things, it's hard to get continuous GPS tracking in cold environments.
'battery saving" location mode uses cellular signals to triangulate your position. I've seen this happen before on the map in gFit app I guess when gps wouldn't lock
They don't. There seems to be some confusion about how Strava works in this thread. People turn it on to track physical activity (i.e. exercise). Nobody is tracking their "military activity." They're turning Strava on when they go for a jog around the base. And then they stop it when their run is finished. If enough people on the base do this, then common routes will stand out on the aggregate map.
Nobody on a smuggling operation would have Strava turned on. That makes no sense.
that was my assumption as well, but examining the heat map data leads me to believe that certain always on devices are contributing data, are fit-bits constantly supplying coordinates? for instance, zoom in on the white house lawn. also look at the tracks between ascension island and Saint Helena in the Atlantic, it sure looks like cruising sailors are leaving tracks as they transit ports. I found others that clearly looked like people in tropical harbors near resorts zooming back and forth on what maybe are jet skis. that type of activity doesn't mesh with how I understand and use Strava, when I switch it on just for a run or cycle and then off after being done. I think there's some source of always on data being placed onto the heat map.
The most interesting thing I stumbled across so far is Detroit, where people don't run in huge swaths of the neighborhoods. I'm familiar with the city so I expected dead zones, but nothing like this.
More accurately it's where people don't send their tracking data. Plausible to also say that it's where people don't own this tracking software/device at all. However it seems like a gigantic stretch to derive that there's no running going on.
In the US, it's almost entirely rich, white people that upload data to strava. You can easily see racial/economic divisions in any major united states city. Baltimore is a great example[1]; white people live in the center but not on the east or west sides (Canton excepted).
I'm not sure it is that simple. May be college/university education is a better predictor for Strava usage. But given that education in the US correlates with both race and income it is hard to say without controlling other variables.
You can find out certain routes Pine Gap(NSA spy base) employees take. You can even pinpoint which buildings in their spy base have higher security clearances. You can even see them patroling and exploring their land, and someone randomly running in a circle.
At Apple Park (AC 2), the spaceship footprint is still invisible as of the date of this data. Next year it should be clearly visible. (Sorry, off topic with respect to the "military base" in title, just having fun browsing the data).
Some other fun (but not so secret) things to look at: research stations in Antarctica, tourism in North Korea (as well as some officials traveling it seems; some tracks cross the DMZ), your own garden if you have one. There's even a track at the Area 51.
Moving between North and South Korea is restricted but not completely eliminated. There are people who legiimately work in one and live in the other (not just officials).
How did no one working at Strava think about the implications of releasing this data? Zero scrutiny? I am sure there are some very interesting locations on there... reading through the twitter thread it would seem so
You know what else is public , insecure information? Maps. Pictures. Roads. Physically going to a location and seeing a driveway.
Yes, there is a bright line on Strava that leads from a spiderweb of trails in the park right to the door of my private, personal house! My neighbors don't run often, but I post on Strava 5 days a week, so my driveway stands out like a yellow arrow. You could learn, from the Strava dataset, that someone (me) lives in my house. Gasp! /s.
Of course someone lives in my house. It is not news to anyone local. My address is on the map, and it's pretty obvious that someone lives here if you drive by and see it.
What damage has Strava done by releasing this data? Humans that post on Strava are not hermits, trying to remain secret in their underground hideouts in the middle of nowhere. We live in houses, or on giant military bases...we're not exactly hidden.
"I live in a [Blue/Red] state and it's no secret that I'm a [Democrat/Republican] - as is the majority of my state. It wouldn't bother me in the slightest if the voting records of everyone were published. You could get the same information just by asking - which is exactly what exit polls do. Don't see the issue."
There is something (seriously) wrong with the above thinking. I don't think I need to spell it out.
I agree that voting records should be kept secret, but information like the location of a house at the end of my line on the Strava heatmap is not analogous to voting records.
Thanks for your polite response and query. I see you are a longstanding user here and you were quite specific in your question.
- The answer is: it's the attitude itself which I consider equivalent.
Here again is the poster (direct unmodified and representative quote):
>Of course someone lives in my house. It is not news to anyone local. My address is on the map, and it's pretty obvious that someone lives here if you drive by and see it.
Here is my pretend quote for comparison:
>It's no secret that I'm a [Democrat/Republican] - You could get the same information just by asking.
If you don't see how this is literally the exact same attitude then you kind of need me to come up with scenarios.
Since you politely asked me to spell it out, what is your guess - what do I mean, why is it the same attitude exactly?
I appreciate your tone with me and if you will do me the courtesy of guessing what I mean then I can correct you if that is not what I meant. What's your most charitable guess, why did I mean that it is the same attitude?
Voter rolls and (registered) party membership literally are published (some states charge for it) so in your example the actual vote is really the only thing on the line.
ok you didn't guess what I mean. OP is also voting with their feet: now that this is published they can't lie and say they also run laps around their house, if they're known to wear a fitbit and claim they wear it while running - but there's:
>"Yes, there is a bright line on Strava that leads from a spiderweb of trails in the park right to the door of my private, personal house! "
... and not to laps around it, ever. So their voting with their feet is recorded plainly for everyone to see. Doubt they checked "Share my personal steps (location) history with entire world" in any agreement - nobody would check that box any more than anyone would check a Gmail box "Allow Google to publish all contents of my Google account, including all chats and emails, with entire world."
But their attitude is "so what - people could see that information anyway". It's exactly the same attitude as "so what - if anyone asked me I'd be happy to tell them I'm a [Democrat/Republican]". Please judge their sentiment here (attitude) as that is what I am comparing.
I don't see how it's Strava's fault. Surely if it's sensitive information then it's the military personnel who are at fault for uploading the data to a public website.
eh maybe send a newsletter to everyone registered to the service announcing it, then if people have complaints like "Hey I totally forgot I should have not done this..." / valid reason they can email and you can take their device id out of the megadump?
To be honest I'm more concerned personal devices were allowed at these locations. That and somebody posting it on Twitter instead of disclosing it responsibly to the parties involved. Sure it's not his fault, but he doesn't need to make it worse.
It would be scary if someone found a flaw in their API or data that exposed who went where from where everyday. It may not be stored that way but people who work at secure locations aren't allowed to bring in cell phones or workout watches but they still bring them to the parking lot showing who works where. If a flaw like this is discovered it would obviously be bad.
Would be good to read what steps Strava uses to anonymize this data prior or shortly following upload.
I'm also hoping they put some logic to prevent a single device trace from showing up on the heatmap regardless of frequency, and that 2 devices would need to converge within a radius for there to be a trace, but that might be wishful thinking.
Just how much useful military information can soldiers haemorrhage from their cellphones? Imagine somebody being convicted of war crimes in an international tribunal because some recruit forgot to turn off their automatic geo-locating Candy Crush notifications. This is quite the brave new world we are entering.
Websites are like salespeople and the police: they can and will use your data against you.
The first time I was told about Strava, I immediately dismissed it as useless. (After all, what service could they possibly provide when I'm unwilling to tell them precisely where I go to work out?) I almost gave a quizzical look to my conversation partner, but that would have given him more insight into my thoughts than I cared to share, so I surpressed the expression.
It's pretty easy to find Al-Udeid Air Base, which was secret until the mid 2000s. Some of the other details like patrols, convoy routes, and missile battery locations may not be classified, but are probably things the US military would rather not see online
All I see are people looking at places they already know about and seeing that people have used Strava there. If these people already know the locations, so does anyone else who matters.
Not secret in the sense that the enemies of respective nations already knew them, but secret in the sense that only the militaries knew them, now the whole world does.
I think the patrol routes are more important(fun) than locations.
Yet people think I'm paranoid for not wanting whatever the latest health tracking gadget is. I would love to have an FOSS fitbit equivalent that doesn't share my information with anyone but me, preferably a manual download or a manual bluetooth switch (so it can be off when out and about).
It's like these companies valuations aren't off the product, but more off how much data they are getting off consumers. I bet they are selling this to advertisers.
> Metro anonymizes and aggregates this data and then partners with departments of transportation and city planning groups to improve infrastructure for bicyclists and pedestrians.
I'm not sure if you're being pedantic in that most 'satellite' photos are actually aerial or not.
The more obvious sources would be Bing Maps and Google Maps/Google Earth, and they likely aggregate multiple sources. I know I've seen Digital Globe[2], USGS[4], and Pictometry[5] cited as sources.
A quick Google search[1] brings up Digital Globe[2] and a list[3] as the first two non-sponsored results.
Aggregate data about private zones would give the company these some interesting data, especially combined with other customer data. Knowing which people don't want you tracking their location, and where, and how these zones line up between different groups of people, would give you a lot of information about what areas each group considers sensitive.
(e.g. Say you could cross-reference some of your customers with military ranks, and a bunch of people above rank X had a certain area blocked out. You could then infer that (a) there's something there that only people with that level of clearance would know about, and (b) then infer that anyone else who blocked it out had at least that level of clearance.)
A well-established military base, even in a combat zone, has access to wifi and cellphone network.
We are constantly training physically, and we like to keep track of ourselves. We were one of the first adopters of fitness trackers, and I used a couple of them myself also.
I have knowledge of a handful of tiny uhh "State Department" facilities that rely on their obscurity for security (a fairly common practice that works in the military for the most part, since fog of war on the ground is a very real thing). Those facilities are visible even from the global view with max zoom.
The most fascinating spots are located near the equator, in the middle of the ocean, or the desert of North Africa.
There are many seemingly "uninhabited" places in these remote equatorial areas that light up with clear tracks or circles, in areas that are obscured by clouds, blurred or look like brown dirt.
My email is in my profile, downloading this would be very fun. It would just need a tonne of bandwidth and even more diskspace, and I don't have much of either myself.
We already asked you to please start posting substantively, so we've banned the account. We're happy to unban accounts if you email us at hn@ycombinator.com and we believe you'll post civilly and substantively in the future.
As others have noted, this goes beyond just "there's something here". For military bases, you can sometimes get a good idea of the patrol routes. For sparsely populated areas, you can get a good idea of what routes a particular home owner exercises on.
I just created an overlay of Google Maps and Strava Heatmap of the forward operating base I was at in Afghanistan. The heatmap clearly shows the layout of the base.
That base has been in operation for at least 6-8 years, and it is well-developed. The up-to-date satellite imagery of the area is not available on Google Maps for a good reason, and Strava just released it.
I imagine that this heatmap has been thoroughly scraped already.
* I was deployed to Afghanistan from 2011-2012.
edit: initially mis-typed '2011-2102' =D
edit2: A well-established military base, even in a combat zone, has access to wifi and cellphone network. We are constantly training physically, and we like to keep track of ourselves. We were early adopters of fitness trackers, and I used a couple of them myself also.