News: 0175340515


Fitness App Strava Gives Away Location of Foreign Leaders, Report Finds

(Monday October 28, 2024 @11:30PM (BeauHD) from the security-holes dept.)


French newspaper [1]Le Monde found that the fitness app Strava [2]can easily track confidential movements of foreign leaders, including U.S. President Joe Biden, and presidential rivals Donald Trump and Kamala Harris. The Independent reports:

> Le Monde found that some U.S. Secret Service agents use the Strava fitness app, including in recent weeks after two assassination attempts on Trump, in a video investigation released in French and in English. Strava is a fitness tracking app primarily used by runners and cyclists to record their activities and share their workouts with a community. Le Monde also found Strava users among the security staff for French President Emmanuel Macron and Russian President Vladimir Putin. In one example, Le Monde traced the Strava movements of Macron's bodyguards to determine that the French leader spent a weekend in the Normandy seaside resort of Honfleur in 2021. The trip was meant to be private and wasn't listed on the president's official agenda.

>

> Le Monde said the whereabouts of Melania Trump and Jill Biden could also be pinpointed by tracking their bodyguards' Strava profiles. In a statement to Le Monde, the U.S. Secret Service said its staff aren't allowed to use personal electronic devices while on duty during protective assignments but "we do not prohibit an employee's personal use of social media off-duty." "Affected personnel has been notified," it said. "We will review this information to determine if any additional training or guidance is required." "We do not assess that there were any impacts to protective operations or threats to any protectees," it added. Locations "are regularly disclosed as part of public schedule releases."

>

> In another example, Le Monde reported that a U.S. Secret Service agent's Strava profile revealed the location of a hotel where Biden subsequently stayed in San Francisco for high-stakes talks with Chinese President Xi Jinping in 2023. A few hours before Biden's arrival, the agent went jogging from the hotel, using Strava which traced his route, the newspaper found. The newspaper's journalists say they identified 26 U.S. agents, 12 members of the French GSPR, the Security Group of the Presidency of the Republic, and six members of the Russian FSO, or Federal Protection Service, all of them in charge of presidential security, who had public accounts on Strava and were therefore communicating their movements online, including during professional trips. Le Monde did not identify the bodyguards by name for security reasons.



[1] https://www.lemonde.fr/en/pixels/article/2024/10/27/strava-the-exercise-app-filled-with-security-holes_6730709_13.html

[2] https://www.independent.co.uk/news/world/americas/strava-ap-le-monde-joe-biden-emmanuel-macron-b2637057.html



is it really the app's fault? (Score:5, Insightful)

by SeaFox ( 739806 )

It's just doing its job tracing your workout route. Seems to me the real issue is Secret Service people carrying personal devices while on the job, or using work phones that are not managed properly when it comes to restricting app installs.

Physical security (Score:3)

by will4 ( 7250692 )

No compromisable devices allowed past the security checkpoint. In this case, no non-government issued clean phones allowed in or around any government leader, their car, their airplane, their summer home, ...

Re:Physical security (Score:4, Insightful)

by Baron_Yam ( 643147 )

If you can get access to the cell towers near where you expect a VIP, it wouldn't take long to link particular signals to particular people. Once you've tagged a phone in your database, you can follow that person as long as the phone is on and able to be seen by the local towers. Even with location services off, you can triangulate well enough to follow a motorcade or tell when someone is stepping outside a building.

And (engaging Evil Genius mode), you could theoretically rig a drone carrying a small explosive to target the signal of your choice much like a missile can follow an IR designator. There are already drones out there that look like birds - multiple companies make them for surveillance. Do you think protection details are looking for suspicious seagulls 500 feet above them?

Re: (Score:2)

by timeOday ( 582209 )

Not "while on the job," but off hours while on travel for a job.

Phones track you (Score:3)

by FeelGood314 ( 2516288 )

If you have a job that requires any degree of secrecy, leave your phone at home. You can actually live without it. How many military personnel give away their movements? How many government workers with security clearance routinely talk about secrets on their cell phone with the only authenticating feature of the person they are talking to being the phone number?

No Shit (Score:3)

by MDMurphy ( 208495 )

This came up years ago with military members having their location outed. Especially with Strava being a "social" app designed for sharing your location. If Secret Service agents are using this when location is sensitive they are just incompetent.

Re: (Score:3)

by MDMurphy ( 208495 )

Only 6 years ago. Probably still waiting for the memo. [1]https://tech.slashdot.org/stor... [slashdot.org]

[1] https://tech.slashdot.org/story/18/01/29/0032252/fitness-tracking-app-reveals-locations-of-secret-army-bases

I use Strava (Score:3)

by bobbutts ( 927504 )

The workout analysis is cool but it's obviously a privacy problem just like the other social workout apps. The first thing I did to my fake name account with throwaway email is set all my activities to private.
