davidbgk
/
larlet-fr-david-cache
Watch 1
Star 0
Fork 0
Code Releases 0 Activity
A place to cache linked articles (think custom and personal wayback machine)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
42 Commits
1 Branch
Tree: 2e4d51a7b7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2e4d51a7b7'
${ noResults }
larlet-fr-david-cache/cache/bbe65584db1ae537b0020054aae.../index.md

index.md 6.0KB
Raw Normal View History

Add cache data
4 years ago
 1234567891011121314151617181920212223242526 
  1. title: How we found the identity of military personnel using Strava

  2. url: https://nrkbeta.no/2018/01/31/how-we-found-the-identity-of-military-personnel-using-strava/

  3. hash_url: bbe65584db1ae537b0020054aaec042b

  4. 

  5. <p><strong>Strava allowed us to «run» along with military personnel on foreign deployment.</strong></p>

  6. <p>In November, Strava published an updated <a href="https://labs.strava.com/heatmap">heatmap</a> showing training activity around the world. Several people and media institutions have <a href="https://www.theguardian.com/world/2018/jan/28/fitness-tracking-app-gives-away-location-of-secret-us-army-bases">revealed military bases</a> around the world using the heatmap.</p>

  7. <p>When we first heard about this, we figured the map might be able to reveal even more sensitive information: <strong>What if we could find the <a href="https://www.nrk.no/urix/norwegian-soldiers-disclose-where-they-are-in-war-zones-1.13892695">identity of the soldiers</a> as well?</strong></p>

  8. <p>We had an idea that some of the features built into Strava might let us brute force that information.</p>

  9. <h2>Strava Flyby</h2>

  10. <p>Our editor is an avid user of Strava, and told us about a feature called <a href="https://labs.strava.com/flyby/">Flyby</a>.</p>

  11. <p>In simple terms, Flyby lets you see other users who had been training in the same area at the same time.</p>

  12. <figure id="attachment_51876"  class="wp-caption alignnone"><img src="https://nrkbeta.no/wp-content/uploads/2018/01/flyby-950x690.jpg" alt="" width="950" height="690" class="size-large wp-image-51876" srcset="https://nrkbeta.no/wp-content/uploads/2018/01/flyby-950x690.jpg 950w, https://nrkbeta.no/wp-content/uploads/2018/01/flyby-620x450.jpg 620w, https://nrkbeta.no/wp-content/uploads/2018/01/flyby-768x558.jpg 768w, https://nrkbeta.no/wp-content/uploads/2018/01/flyby-250x182.jpg 250w, https://nrkbeta.no/wp-content/uploads/2018/01/flyby-550x400.jpg 550w, https://nrkbeta.no/wp-content/uploads/2018/01/flyby-800x581.jpg 800w, https://nrkbeta.no/wp-content/uploads/2018/01/flyby-248x180.jpg 248w, https://nrkbeta.no/wp-content/uploads/2018/01/flyby-413x300.jpg 413w, https://nrkbeta.no/wp-content/uploads/2018/01/flyby-688x500.jpg 688w, https://nrkbeta.no/wp-content/uploads/2018/01/flyby-1450x1053.jpg 1450w" sizes="(max-width: 1450px) 1450vw, 1450px" /><figcaption class="wp-caption-text">Promotional image of Flyby from Strava&#8217;s website. Screendump: Strava</figcaption></figure>

  13. <p>We quickly realized this might be possible to exploit: <strong>What if we create fake GPS routes in areas where we know NATO soldiers have been on missions?</strong> </p>

  14. <h2>Fake running</h2>

  15. <p>By using the heatmap, we found active rural sites in Syria, Iraq and Afghanistan where we assumed the local population weren&#8217;t active Strava users.</p>

  16. <p>First, we talked about setting up a <a href="https://nrkbeta.no/2017/09/18/gps-freaking-out-maybe-youre-too-close-to-putin/">GPS spoofing device</a> inside of a Faraday cage, and thereby tricking Strava into thinking our device was actually at the relevant spots in Syria, Iraq and Afghanistan. We ditched this plan pretty quickly because the maximum spoofing time our device supported was five minutes, which is a bit too short for reliably being able to find other joggers.</p>

  17. <p><strong>Instead, we took the relevant areas into a GPS editing tool, and created a fake running track corresponding to the heated areas from Strava&#8217;s heatmap.</strong></p>

  18. <p>After generating the tracks, we exported them to GPX files. The GPX files were put through a Python script which created hundreds of different versions of the file, varying in date, time and running speed. We also added a bit of randomness in how the track was generated on each iteration.</p>

  19. <figure id="attachment_51874"  class="wp-caption alignnone"><img src="https://nrkbeta.no/wp-content/uploads/2018/01/pyscript-950x389.gif" alt="" width="950" height="389" class="size-large wp-image-51874" srcset="https://nrkbeta.no/wp-content/uploads/2018/01/pyscript-950x389.gif 950w, https://nrkbeta.no/wp-content/uploads/2018/01/pyscript-620x254.gif 620w, https://nrkbeta.no/wp-content/uploads/2018/01/pyscript-768x315.gif 768w, https://nrkbeta.no/wp-content/uploads/2018/01/pyscript-250x102.gif 250w, https://nrkbeta.no/wp-content/uploads/2018/01/pyscript-550x225.gif 550w, https://nrkbeta.no/wp-content/uploads/2018/01/pyscript-800x328.gif 800w, https://nrkbeta.no/wp-content/uploads/2018/01/pyscript-439x180.gif 439w, https://nrkbeta.no/wp-content/uploads/2018/01/pyscript-732x300.gif 732w, https://nrkbeta.no/wp-content/uploads/2018/01/pyscript-1220x500.gif 1220w, https://nrkbeta.no/wp-content/uploads/2018/01/pyscript-1450x594.gif 1450w" sizes="(max-width: 1450px) 1450vw, 1450px" /><figcaption class="wp-caption-text">Part of the Python script responsible for creating the daily versions of the track.</figcaption></figure>

  20. <p>We made some simple assumptions, like the fact that most people don&#8217;t go out jogging mid-day in areas where the temperature easily reaches 40 Celcius. Most of our fake trips occurred during dusk or dawn.</p>

  21. <p>We ended up at just below 1000 fake trips, which we batch uploaded to our Strava account.</p>

  22. <p>After the trips were uploaded, we manually went through each of the routes in Strava Flyby to check for other users in the same area. This was the boring and time consuming part of the process.</p>

  23. <p>But it proved effective:</p>

  24. <p><strong>Within a couple of hours, we <a href="https://www.nrk.no/urix/norwegian-soldiers-disclose-where-they-are-in-war-zones-1.13892695">were able to map the identity of 18 people</a> from Norway, Denmark, USA, France, Netherland, Italy and England.</strong></p>

  25. <p>This is not a critique of Strava&#8217;s security: For it&#8217;s actual purpose, Flyby has real value. The problem is human: Understanding the implications of recording and broadcasting location data, when your current situation might make it a matter of life and death.  </p>

  26. <p><em><a href="https://www.nrk.no/urix/norwegian-soldiers-disclose-where-they-are-in-war-zones-1.13892695">Read the news story here.</a></em>  </p>