Strava app data leaks reveal security flaw for world leaders
Tracking activity in fitness apps can be misleading, even with the highest privacy and security precautions. This issue includes Vladimir Putin's staff, who, as revealed by Le Monde, shared their location information online via the Strava app.
6:06 PM EDT, October 30, 2024
According to Le Monde, unauthorized individuals could, through analysis, accurately determine the locations of FSB officers and consequently pinpoint Vladimir Putin's location. This problem also impacts other protective officers of important figures like Emmanuel Macron and U.S. presidents. Lack of awareness or insufficient configuration care in the personal use of the Strava app on phones can, as in these situations, expose highly sensitive information about these leaders.
This is just one example demonstrating the type of information that can be accessed from the seemingly safe, statistical analysis of publicly shared location data in fitness-tracking apps. Several years ago, it was discovered that such data allowed unauthorized individuals to reconstruct the paths taken by soldiers who inadvertently "drew" routes on a map while moving in a set pattern over an area.
The service unian.ua highlights that these oversights enabled tracking the professional activities of FSB officers online without their knowledge. This led to further revelations, such as confirming Putin's presence in strictly confidential locations or a palace he previously denied owning.
Naturally, these cases do not suggest that a private user of a fitness app should completely avoid such conveniences. However, it might be advisable to do so for complete privacy.
It's worth noting that the data collected by these apps is anonymous. As long as it doesn't involve a large group of people moving in a specific pattern, drawing definitive conclusions and identifying a particular user is challenging. This example highlights the alarming oversights among high-level services, where such lapses should not occur.
