Login required to started new threads

Login required to post replies

Prev Next
Re: Strava & The Military [Bob Loblaw] [ In reply to ]
Quote | Reply
Bob Loblaw wrote:
so that none of that information is easily available to someone who just clicks on my profile. (our house is one of 1400 apartments in our complex, so i don't bother w/one there).


Enhanced Privacy Mode on Strave prevents anyone who doesn't follow you from seeing that info. And you have to "approve" people who want to follow you.

Of course the zones are still useful because there's a class of people who you may want to allow follow you, but don't want to show the path to your doorstep.

After looking at the privacy settings, the mechanisms are all there for military people to be safe without stopping all use of Strava. You can even turn off uploading your data to heat maps.

I smell a new mandatory online training module! Yay!
Last edited by: trail: Jan 30, 18 6:31
Quote Reply
Re: Strava & The Military [Bob Loblaw] [ In reply to ]
Quote | Reply
Bob Loblaw wrote:
dAsh. wrote:


On a similar note, I make a point of never making an activity public if I started or finished it within a certain radius of my house. My husband, however, used to share workouts that literally started at our front door. That extra level of security had just never occurred to him, because he is a man and doesn't naturally think about safety precautions the same way women have to. (That said, he cringed when he saw this report, so at least he gets it when it comes to national security, ha.)


1) I set up 'privacy zones' around a few spots - my parents' houses, the kid's school - so that none of that information is easily available to someone who just clicks on my profile. (our house is one of 1400 apartments in our complex, so i don't bother w/one there).

2) I assume that those privacy zones don't really do that much. They just make it so that if someone is after me, they'll need to do modicum of legwork to figure out my more precise locations.

3) But: i'm just a guy. I've got zero security clearances or anything like that.

I still don't get how people didn't realize that a location tracking ap was tracking their location....

Other activity tracking apps like RunKeeper are private by default and you have to specifically seek out friends to share activities with if you are so inclined. Some people assume that Strava is the same way -- a basic activity tracker. The public and social media aspects don't cross their minds.

To your first points, I was simply giving an example of how something Strava-related was obvious to me but not my husband. Similarly, something like public Strava heatmaps showing workout locations is obvious to us but not others. We are triathletes who care about performance, so it makes sense that we're more aware of Strava's capabilities. Others are simply logging their required workout times and making sure they can pass a physical fitness test, so it's not a stretch to assume that they don't think about the app beyond start/stop/time/pace.

(To delve a little deeper in response to your 1-3: The privacy zones are great. I wasn't saying that men don't take safety precautions; just that they don't have to think about those things at the same level as women unfortunately do. For example, even though you're one of 1400 apartments, if you workout at similar times from day to day, it wouldn't be too difficult for someone to track you down. One of my college roommates was attacked outside of our apartment building due to a sick person simply knowing our apartment complex -- our apt was one of hundreds -- and observing her work patterns. Since you're a man, odds are you don't have to worry about that and therefore your brain doesn't *automatically* go there.)
Quote Reply
Re: Strava & The Military [RandMart] [ In reply to ]
Quote | Reply
I mentioned this exact thing to some FBI friends and my brother (retired Army Special Forces) a few years ago when the heat map was introduced. I said this very thing that it was a potential security issue because you'd have a lot of military folks and government spooks uploading shit to Strava from undisclosed and secret locations. I'm surprised it took this long to become newsworthy.

As someone said, with a little bit of sleuthing someone could cross reference Strava activity from certain places around Ft. Bragg, Virginia Beach, Langley, Williamsburg, etc. with remote locations in world hotspots and come to the conclusion that certain SF groups, or SEAL teams, or CIA operatives are operating there.

It's just terrible operational and situational awareness.

Favorite Gear: Dimond | Cadex | Desoto Sport | Hoka One One
Quote Reply
Re: Strava & The Military [spudone] [ In reply to ]
Quote | Reply
spudone wrote:
.....also consider nowadays most Garmin devices allow you to connect both to GPS and GLONASS. If you're talking about strict operational security, I think you have to prevent connecting to Russian satellites.
Why does it matter if you use Russian satellites? Surely your GPS watch or bike computer is just a time receiver. What's the risk?
Quote Reply
Re: Strava & The Military [Ai_1] [ In reply to ]
Quote | Reply
Ai_1 wrote:
spudone wrote:
.....also consider nowadays most Garmin devices allow you to connect both to GPS and GLONASS. If you're talking about strict operational security, I think you have to prevent connecting to Russian satellites.

Why does it matter if you use Russian satellites? Surely your GPS watch or bike computer is just a time receiver. What's the risk?

You're absolutely right; GPS devices are only receivers; they don't broadcast anything. A GPS or GLONASS satellite, on the other hand, only broadcasts a very precise time along with other data to the device. There is no "connection" between the two. There is no risk to using a GLONASS satellite.

___________________________________________________
Taco cat spelled backwards is....taco cat.
Quote Reply
Re: Strava & The Military [spot] [ In reply to ]
Quote | Reply
Precisely
Quote Reply
Re: Strava & The Military [spudone] [ In reply to ]
Quote | Reply
I disagree; this is not for technology companies to mitigate for. This is poor OpSec on an individuals' part. How many of these people post what they're up to on Facebook for example - none I'll bet.

Engage brain before hitting the 'send' key.

29 years and counting
Quote Reply
Re: Strava & The Military [The GMAN] [ In reply to ]
Quote | Reply
Easy to fix, though. Strava already has all the options needed. It just takes 2-3 steps and a little thought right now. I think it would be super easy for Strava to add a "military personnel" checkbox that combines those into one step.

Or they could just stop using Strava while deployed.
Quote Reply
Re: Strava & The Military [trail] [ In reply to ]
Quote | Reply
trail wrote:
Easy to fix, though. Strava already has all the options needed. It just takes 2-3 steps and a little thought right now. I think it would be super easy for Strava to add a "military personnel" checkbox that combines those into one step.

Or they could just stop using Strava while deployed.


They need to stop uploading stuff. Period. This is a failure of military leadership to not put an end to this. It’s one thing for the everyday rank and file to do it from well known bases. It’s another thing for spec ops guys to do it from hush-hush locations.

It’s not Strava’s job to police this.

Favorite Gear: Dimond | Cadex | Desoto Sport | Hoka One One
Last edited by: The GMAN: Jan 31, 18 7:58
Quote Reply
Re: Strava & The Military [trail] [ In reply to ]
Quote | Reply
trail wrote:
Easy to fix, though. Strava already has all the options needed. It just takes 2-3 steps and a little thought right now. I think it would be super easy for Strava to add a "military personnel" checkbox that combines those into one step.

That's actually worse from a security standpoint than the situation at present. It immediately makes Strava a more valuable asset to target, since they'd have a handy-dandy list of military members.


-
My tiny little slice of the internets: dcrainmaker.com
Quote Reply
Re: Strava & The Military [dcrainmaker] [ In reply to ]
Quote | Reply
dcrainmaker wrote:
trail wrote:
Easy to fix, though. Strava already has all the options needed. It just takes 2-3 steps and a little thought right now. I think it would be super easy for Strava to add a "military personnel" checkbox that combines those into one step.


That's actually worse from a security standpoint than the situation at present. It immediately makes Strava a more valuable asset to target, since they'd have a handy-dandy list of military members.

Yeah, that's a valid point, so add the feature of not participating in data aggregation (heatmap) to the "Enhanced Privacy Mode." And I think there may be one more step I'm forgetting (see how complicated!). That's all I really meant. Really no need for a new button or specific catering to the "military."

But since this really isn't unique to Strava at all - there are hundreds of apps and sites with similar potential - I think these guys really need special modes on their phones (I assume this is largely a smartphone problem) that just disables a bunch of services on the operating system level. So they don't have to worry about 50 different settings in 12 apps. Taking away smartphones from *all* of them would probably have signfiicant morale consequences.
Quote Reply
Re: Strava & The Military [trail] [ In reply to ]
Quote | Reply
trail wrote:
dcrainmaker wrote:
trail wrote:
Easy to fix, though. Strava already has all the options needed. It just takes 2-3 steps and a little thought right now. I think it would be super easy for Strava to add a "military personnel" checkbox that combines those into one step.


That's actually worse from a security standpoint than the situation at present. It immediately makes Strava a more valuable asset to target, since they'd have a handy-dandy list of military members.


Yeah, that's a valid point, so add the feature of not participating in data aggregation (heatmap) to the "Enhanced Privacy Mode." And I think there may be one more step I'm forgetting (see how complicated!). That's all I really meant. Really no need for a new button or specific catering to the "military."

But since this really isn't unique to Strava at all - there are hundreds of apps and sites with similar potential - I think these guys really need special modes on their phones (I assume this is largely a smartphone problem) that just disables a bunch of services on the operating system level. So they don't have to worry about 50 different settings in 12 apps. Taking away smartphones from *all* of them would probably have signfiicant morale consequences.

Or someone who is deployed to a secret military base can turn off their moron gene and know that recording a run and posting it on a public website while deployed is a stupid idea and take responsibility for themselves.
Quote Reply
Re: Strava & The Military [marklemcd] [ In reply to ]
Quote | Reply
marklemcd wrote:

Or someone who is deployed to a secret military base can turn off their moron gene and know that recording a run and posting it on a public website while deployed is a stupid idea and take responsibility for themselves.

These are often kids, often not properly privacy-savvy despite the umpteenth online training courses they're forced to take. It's just a reality.
Quote Reply
Re: Strava & The Military [spudone] [ In reply to ]
Quote | Reply
I was in Iraq in 2007 and I remember one morning Gen O came on during his morning brief and said he was going to shut down the bleeping internet if someone didn't stop fixing google maps. I don't know the whole story, but supposedly someone had gone onto google maps and made a bunch of corrections to it for Camp Victory which was were all of the command posts were.
Quote Reply
Re: Strava & The Military [trail] [ In reply to ]
Quote | Reply
Amen brother. Hell, the saying is it doesn't count if it's not on Strava. A lot of young soldiers probably want to capture their workouts just like the rest of us.
Quote Reply
Re: Strava & The Military [TriathlonJoe] [ In reply to ]
Quote | Reply
A contractor in Iraq was posting his workouts on fB. Was riding his bike OFF the FOB even. This was fairly recent. Never heard if he ended up on Al Jazeera in one of the ISIS videos. I certainly hope not. However, the old axiom of “if you’re going to be stupid, you got to be tough” still rings true.
Quote Reply
Re: Strava & The Military [trail] [ In reply to ]
Quote | Reply
trail wrote:
marklemcd wrote:


Or someone who is deployed to a secret military base can turn off their moron gene and know that recording a run and posting it on a public website while deployed is a stupid idea and take responsibility for themselves.


These are often kids, often not properly privacy-savvy despite the umpteenth online training courses they're forced to take. It's just a reality.

They are not kids. They are adults, do not infantilize them.
Quote Reply
Re: Strava & The Military [Ai_1] [ In reply to ]
Quote | Reply
Ai_1 wrote:
spudone wrote:
.....also consider nowadays most Garmin devices allow you to connect both to GPS and GLONASS. If you're talking about strict operational security, I think you have to prevent connecting to Russian satellites.

Why does it matter if you use Russian satellites? Surely your GPS watch or bike computer is just a time receiver. What's the risk?

I was thinking of accuracy, but after writing that I was wrong. The U.S. used to have something - selective availability(?) that downgraded accuracy for civilian devices but they discontinued that years ago.
Last edited by: spudone: Jan 31, 18 12:56
Quote Reply
Re: Strava & The Military [marklemcd] [ In reply to ]
Quote | Reply
Quote:

They are not kids. They are adults, do not infantilize them.

I work with young Marines on a regular basis. Love 'em to death. Just out of boot camp, they're often just kids. Not a pejorative or infantilizing. Just reality.
Quote Reply
Re: Strava & The Military [trail] [ In reply to ]
Quote | Reply
trail wrote:
Quote:
They are not kids. They are adults, do not infantilize them.


I work with young Marines on a regular basis. Love 'em to death. Just out of boot camp, they're often just kids. Not a pejorative or infantilizing. Just reality.
[/quote]
No. They are adults. They are inexperienced. But they are adults.They are fully 100% responsible for their own actions.
Quote Reply
Re: Strava & The Military [marklemcd] [ In reply to ]
Quote | Reply
[quote marklemcd
No. They are adults. They are inexperienced. But they are adults.They are fully 100% responsible for their own actions.[/quote]

They're often kids. And no one is harder on young Marines in this respect than "old Marines." Of course they'll be held responsible. But they already go through hours of mandatory training on smartphones, apps, social media, etc. And yet look where we are. It sometimes helps to meet them halfway. Give them simple, easy-to-use tools so they can focus on Marine things and not being an expert on locking down iOS or Android. Operational security is a job that needs to account for the real world, not the world of an idealogue. You'd be a good guy to give the tough-guy speech where the next guy who leaves his phone's location service on is cleaning latrines for a month. But there also need to be people who teach them how to do it, and provide easy ways to do it. Because 30 guys you just gave the speech to have no idea what a "location service" is or how to turn it off or tell of it's on. Even seasoned guys occasionally screw it up.
Quote Reply
Re: Strava & The Military [trail] [ In reply to ]
Quote | Reply
trail wrote:
marklemcd wrote:


Or someone who is deployed to a secret military base can turn off their moron gene and know that recording a run and posting it on a public website while deployed is a stupid idea and take responsibility for themselves.


These are often kids, often not properly privacy-savvy despite the umpteenth online training courses they're forced to take. It's just a reality.

The spec ops guys and government operatives are certainly not kids. Much of the hidden bases and undisclosed locales are not going to be made up of fresh faced 18 year olds just out of basic.

Favorite Gear: Dimond | Cadex | Desoto Sport | Hoka One One
Quote Reply
Re: Strava & The Military [The GMAN] [ In reply to ]
Quote | Reply
The GMAN wrote:
trail wrote:
marklemcd wrote:


Or someone who is deployed to a secret military base can turn off their moron gene and know that recording a run and posting it on a public website while deployed is a stupid idea and take responsibility for themselves.


These are often kids, often not properly privacy-savvy despite the umpteenth online training courses they're forced to take. It's just a reality.


The spec ops guys and government operatives are certainly not kids. Much of the hidden bases and undisclosed locales are not going to be made up of fresh faced 18 year olds just out of basic.

Sure, but it's a spectrum. There are your truly secret places. Then there are more mundane FOBs that aren't officially "secret" but neither do you really want their location really public, nor patterns of movement public.

And there's a range of experience within any base too. Sometimes it's just a young, relatively inexperienced kid who's performing physical security (manning the gate), or driving suppies to the base in a HMMWV, etc. And then there's civilians too....
Quote Reply

Prev Next