Strava, a social networking app for tracking one's workouts, serves a great purpose in tracking activity and comparing it to friends, but the platform revealed a major security issue over the weekend when it released a heatmap of a billion 2017 user workouts, and in the process revealed several classified military bases that users had jogged around. These bases, in Turkey, Syria, and Yemen weren't the only sensitive locations shown - other installations from Russia, China, and Taiwan popped up too. However, the demographics of the app lean heavily western, young, and active, which means it's in the hands of many US soldiers, and our large military presence around the world creates an ongoing security issue. Many of the installations found exist in countries with virtually no other Strava activity, making them clearly visible.
Strava pulls its data from Fitbits and smartphones, and the further concern is that if users aren't closing the app after excersise it could track their day to day routines. This could be especially concerning because it reveals supply routes or puts users at risk should they leave the installation. And, if user information is ever hacked there is concern that hackers could dig into a specific user's past routes on other installations, or even compromise undercover agents. This kind of information can inform other states or even terrorists about where to attack, especially if that installation was previously secret and in vulnerable territory.
But funny enough, no Strava data shows up over the Pentagon. No official statement from the US military has been released, but this event will likely trigger increased security procedures in an era where the cloud is always watching you.
This article was based on a January 29, 2018 Business Insider article by Alex Lockie.