23:21 GMT28 October 2020
Listen Live
    Tech
    Get short URL
    by
    3128
    Subscribe

    This is not the first time the fitness app has been mined for personal data. In 2018, Strava published a global heatmap of user training sessions and heat anomalies located in various warzones led some experts to the conclusion that they corresponded with the location of secret military bases.

    Nick Waters, a researcher for Bellingcat, claims to have found a way to reveal the secret identities of UK's elite SAS unit members by using the Strava fitness application, he said in an interview with the Daily Mail.

    Waters abused Strava's feature allowing users to see personal information, such as full names, of those who ran the same route as you. So, if the app sees that a user ran a lap, say, inside the SAS base in Hereford, it would easily reveal the data on all of those anonymous SAS soldiers using the same app.

    There only problem would be to get inside the elite military base as it is locked to ordinary civilians. But Waters found a workaround this problem, since feeding Strava fake data would make it believe you actually had a training session inside that base.

    "I made up my own training session and convinced Strava that I had run a certain distance in a certain time inside the base. The app then started giving me the names and Facebook profiles of people who had actually run the same route", he detailed.

    Using this method, Waters got his hands on the names of 14 SAS servicemen in a mere five minutes, adding that he "freaked out" over how easy it was to have access to information he is obviously not supposed to know.

    "It shows how social media is an incredibly powerful monitoring tool and it can be used by anyone to access personal information", the researcher noted.

    The Strava fitness app has recently become notably effective in revealing military secrets. In 2018, the authors of the app published a global heatmap for training activities, featuring several anomalies – small hotspots located in war zones surrounded by "dark" cities. At the time, several researchers, including from Bellingcat, suggested that the hotspots indicated the presence of secret military bases where troops used Strava for training sessions, oblivious to having their location be outed.

    Following the incident, The Pentagon banned the use of fitness apps and trackers on its military bases worldwide, to prevent further exposure of sensitive military data.

    Related:

    Best-Kept Nazi Secret Revealed? Man Claims He Knows Location of Amber Room
    Google Accidentally Reveals Locations of Secret Taiwan Missile Sites (PHOTOS)
    Secret Location of British GCHQ Spy Hub During 2012 Olympics Revealed
    Atomic Error: IAF F-35 Accidentally Reveals Location Over Secret Israeli Nuclear Facility
    Tags:
    classified, secret, Strava app, SAS, UK
    Community standardsDiscussion