Nathan Ruser, a 20-year-old Australian National University student who is majoring in international security with a keen interest in cartography, discovered a fitness app had revealed the locations of secret military sites in Syria and elsewhere. He posted on Twitter about this, did not expect much response.
But the news ricocheted across the internet. Security experts said the Strave app’s “heat map” could be used by hostile entities glean valuable intelligence. The Pentagon said it was reviewing the situation.
How he found the news?
“Whoever thought that operational security could be wrecked by a Fitbit?” Mr. Ruser, said in an interview with New York Times from Thailand, where he is spending part of the Australian summer break.
When he looked over Syria on Strava’s map — which is based on location data from millions of users, including military personnel, who share their exercise activity — the area “lit up with those U.S. bases,” he said.
Before publicly sharing his findings over the weekend, he discussed them in a private chat group on Twitter, made up of people interested in intelligence and security issues. “I know about two-thirds of what I know about the world from the group chats,” he said.
What did he do exactly?
This is the very Twitter ricocheted on the internet:
Strava released their global heatmap. 13 trillion GPS points from their users (turning off data sharing is an option). https://t.co/hA6jcxfBQI … It looks very pretty, but not amazing for Op-Sec. US Bases are clearly identifiable and mappable pic.twitter.com/rBgGnOzasq
— Nathan Ruser (@Nrg8000) January 27, 2018
On January 27th, earlier that day, we can see he was active about GIS analysis: but not very much people noticed according to the number of “retweets” and “likes”.
He continued, and the reaction is stronger:
And some peers, who have more followers, have responded:
Then the media:
And that’s assumably how he evoked people’s attention.
Why this finding is important to him?
From an interview with NYT, Mr. Ruser said he hopes to spend a semester abroad in Myanmar before graduating next year. He said he has written 7,000 words of an article about a pro-government militia in northern Myanmar, which he plans to send to Bellingcat, an open-source citizen journalism site when it’s finished.
Like many 20-year-olds, he is not sure what he wants to do after graduation.
“He’s obviously got some seriously great skills,” Ms. Cave, a senior analyst at the Australian Strategic Policy Institute, said. “It would be crazy for groups in this space not to nab somebody like that.” In fact, she said, she was thinking of asking him if he would be interested in an internship.
What is Strava’s heat map?
It is a data visualization showing activities of its users around the world. And Strava has been built its database from one billion activities – some three trillion points of data.
How does Strava work?
Strava is a social media mobile app for sports-lovers that uses GPS to track a subscriber’s exercise activity. It now has 27 million users around the world.
What can we spot?
In Afghanistan, two of the largest coalition bases in the country — Bagram Airfield, north of Kabul; and Kandahar Airfield, in southern Afghanistan — can easily be picked out.
RAF Mount Pleasant in the Falkland Islands is lit up, reflecting the exercise regimes of the thousand British personnel there – as are nearby Lake Macphee and Gull Island Pond, apparently popular swimming spots.
The headquarters of GCHQ, in Cheltenham, England, is just one of the sensitive sites to be crisscrossed with GPS activity, suggesting that spies and intelligence analysts are recording and uploading their commutes or lunchtime runs:
Similar activity can be seen around the CIA headquarters in Langley, Virginia:
Why is this significant?
Our modern electronic age means that we all move around with a number of “signatures”; we send and receive a variety of signals, all of which can be tracked.
Each piece of evidence is a fragment, but when added together it could pose a significant risk to security – in this case highlighting the location of formerly secret bases or undisclosed patterns of military activity.
— By Jonathan Marcus, defense and diplomatic correspondent
Big OPSEC [operations security] and PERSEC [personal security] fail, Patrol routes, isolated patrol bases, lots of stuff that could be turned into actionable intelligence.
— tweeted Nick Waters, a former British army officer who pinpointed the location of his former base in Afghanistan using the map.
Where can you start?
Here’s some heat map for your reference:
Another example about heatmap is the report from New York Times, How a Police Chief, a Governor and a Sociologist Would Spend $100 Billion to Solve the Opioid Crisis, which asks 30 experts to think about solutions to the opioid crisis after it is defined as a public health emergency in October by American president Trump.
Purple, red, blue and green stand for four major areas relatively: treatment, harm reduction, demand and supply. Different transparency of these four colors means specific solutions. The more experts the solution is supported by, the deeper the color is. The fewer experts the solution is supported by, the lighter the color is.
Take treatment as an example, 18% of the experts are for medication-assisted treatment, which is the most favorable one, and it is the darkest grape. On the contrary, 4% of the experts are for pre-trial diversion, which is the least favorable one, and it is the lightest grape.
The distribution of the panelists’ personal color table can tell main focus and stance of them. Because every rectangle inside the table stands for one solution the expert support, and the bigger it is, the more important the expert think it is.
Bogle, A. (2018, January 29). Strava has published details about secret military bases, and an Australian was the first to know. Retrieved February 21, 2018, from http://www.abc.net.au/news/science/2018-01-29/strava-heat-map-shows-military-bases-and-supply-routes/9369490
Fitness app Strava lights up staff at military bases. (2018, January 29). Retrieved February 21, 2018, from http://www.bbc.com/news/technology-42853072
Hern, A. (2018, January 28). Fitness tracking app Strava gives away the location of secret US army bases. Retrieved February 21, 2018, from https://www.theguardian.com/world/2018/jan/28/fitness-tracking-app-gives-away-location-of-secret-us-army-bases?CMP=fb_gu
Hern, A. (2018, January 29). Strava suggests military users ‘opt out’ of heatmap as row deepens. Retrieved February 21, 2018, from https://www.theguardian.com/technology/2018/jan/29/strava-secret-army-base-locations-heatmap-public-users-military-ban
Kwai, I. (2018, January 30). What He Did on His Summer Break: Exposed a Global Security Flaw. Retrieved February 21, 2018, from https://www.nytimes.com/2018/01/30/world/australia/strava-heat-map-student.html
Katz, J. (2018, February 14). How a Police Chief, a Governor and a Sociologist Would Spend $100 Billion to Solve the Opioid Crisis. Retrieved February 21, 2018, from https://www.nytimes.com/interactive/2018/02/14/upshot/opioid-crisis-solutions.html
(2018, January 29). Pentagon to review security after Strava reveals sensitive information. Retrieved February 21, 2018, from https://www.theguardian.com/us-news/2018/jan/29/pentagon-strava-fitness-security-us-military
Robb, D. (2017, November 01). The Global Heatmap, Now 6x Hotter – strava-engineering – Medium. Retrieved February 21, 2018, from https://medium.com/strava-engineering/the-global-heatmap-now-6x-hotter-23fc01d301de?_branch_match_id=494832556960728198
Russell, J. (2018, January 28). Fitness app Strava exposes the location of military bases. Retrieved February 21, 2018, from https://techcrunch.com/2018/01/28/strava-exposes-military-bases/
Sly, L. (2018, January 29). U.S. soldiers are revealing sensitive and dangerous information by jogging. Retrieved February 21, 2018, from https://www.washingtonpost.com/world/a-map-showing-the-users-of-fitness-devices-lets-the-world-see-where-us-soldiers-are-and-what-they-are-doing/2018/01/28/86915662-0441-11e8-aa61-f3391373867e_story.html?utm_term=.1d2acf6d7132
Sly, L., Lamothe, D., & Timberg, C. (2018, January 29). U.S. military reviewing its rules after fitness trackers exposed sensitive data. Retrieved February 21, 2018, from https://www.washingtonpost.com/world/the-us-military-reviews-its-rules-as-new-details-of-us-soldiers-and-bases-emerge/2018/01/29/6310d518-050f-11e8-aa61-f3391373867e_story.html?utm_term=.29ae10524fa6
Strava Global Heatmap. (n.d.). Retrieved February 21, 2018, from https://labs.strava.com/heatmap/#7.00/-120.90000/38.36000/hot/all
Triebert, C., Koettl, C., & TiefenthÄler, A. (2018, January 30). How Strava’s Heat Map Uncovers Military Bases. Retrieved February 21, 2018, from https://www.nytimes.com/video/world/middleeast/100000005705502/big-data-big-problems-how-stravas-heat-map-uncovers-military-bases.html?action=click&contentCollection=world&module=lede®ion=caption&pgtype=article
Whyte, S. (2018, January 29). ANU student reveals location of US military bases. Retrieved February 21, 2018, from http://www.smh.com.au/national/anu-student-reveals-location-of-us-military-bases-20180129-h0pxxe.html
Author/ Zhao Shuang and WANG Ziwei ( JOUR2106 Data Visualisation (2018) – Group 3 )
Editor/ Jessie Pang
Data News of the Week (DNW) is a weekly issue of news summaries hand picked by our editors. It features a GLOCAL (global+local) perspective for the topic of concern. It tracks the latest developments from the industry and academics for methodology, tools, datasets and news agenda.