Last November, Strava Labs launched a Global Heat Map for its fitness tracking app, which works in conjunction with fitness devices such as the Fitbit. It is billed as being the "largest, riches, and most beautiful dataset of its kind," but it's also proving a little too revealing for some military personnel. In can be deemed a security oversight, the heatmap is inadvertently revealing location data of soldiers at U.S. military bases.
Strava's heatmap uses GPS tracking and satellite information to pinpoint a subscriber's location and movements. It is not a live map, but an accumulation of activity recorded between 2015 and September 2017. In maps of densely populated places like the United States where there are millions of users, practically the entire map is lit up to reflect the recorded data. But in war zones and desert countries such as Iraq, it's a different story.
Places like Iraq an Syria have mostly dark maps, save for bits of scattered dots. When zoomed in, those lighted areas show the locations and outlines of U.S. military bases, including ones that have not been made public. The assumption is that there are soldiers in those areas who own fitness bands and are using Strava's app.
Obviously this is not what Strava had in mind. Nevertheless, it's happening, and the U.S.-led coalition against the Islamic State is now in the process of revising its guidelines on the use of all wireless devices at military locations.
"The rapid development of new and innovative information technologies enhances the quality of our lives but also poses potential challenges to operational security and force protection," the Coalition told The Washington Post. "The Coalition is in the process of implementing refined guidance on privacy settings for wireless technologies and applications, and such technologies are forbidden at certain Coalition sites and during certain activities."
Though the heatmap was posted a few months ago, it was only made public over the weekend after Nathan Ruser, an Australian student studying international security and the Middle East, discovered it. Upon closer examination, Ruser found that the heatmap could reveal sensitive information on the location of military bases, and posted his discovery to Twitter.