It resurfaced over the weekend after it was discovered the map could not only reveal the most popular jogging paths in New York City, but the location of USA service members overseas who often operate in precarious security environments.
The location of military bases is generally known by other factors, including local knowledge of an area and pre-existing satellite imaging tools such as Google Earth.
Multiple running routes were flagged by Ruser with others subsequently finding further military bases through the heatmap.
It’s unlikely the vulnerabilities are limited to just USA military bases, although fortunately, you can shut off data sharing in the app, something the company quickly recommended military personnel do.
Twenty-year-old university student Nathan Ruser stumbled across the map on a blog and was inspired to look more closely after his dad reportedly offered that the map gave a snapshot of “where rich white people are” in the world. But this morning the map appears to have been taken offline.
Ruser goes on to point out that it not just USA military bases which are revealed online by Strava’s heat map. This has raised security concerns about personnel at USA military bases around the world. A few Russian bases also surfaced. Sounds unusual, that’s what could be sourced from the global heatmap released by Strava Labs in November 2017. On top of precise locations, the data Strava plotted provides insights into how people are moving around different places, including army bases. He said that private locations had already been removed from the map.
The company said in a statement: “Our global heatmap represents an aggregated and anonymised view of over a billion activities uploaded to our platform”. And this can’t really be put on Strava, as the app is upfront with the data it collects.
A user who visits one secret military base, say a missile base, and then visits another location, may indicate that there’s another, previously secure, site of interest.
The military believes this software could be a major potential security threat. Anyone who gains access to Strava’s data, legally or otherwise, can then track that soldier’s movement, .
Strava, meanwhile, has not done anything wrong, as its app does offer users a way to opt-out of location tracking.