A MOBILE app that allows its users to track their jogging or cycling routes has highlighted activity in and around military locations, such as the Clyde naval base at Faslane.
The heatmap of GPS data showing the location of such bases and personal around the world, was inadvertently published by the app’s developer Strava.
People who create a free account can find other users who regularly use certain routes, potentially alerting terrorists or foreign powers to service personnel who may be on active duty.
HMNB Clyde – where the navy stores its nuclear weapons – is listed as one of the potentially sensitive locations around the UK, along with Sandhurst military academy and the government listening centre GCHQ.
A Strava spokesman said the heatmap “excludes activities that have been marked as private and user-defined privacy zones”.
“We are committed to helping people better understand our settings to give them control over what they share,” he added.
This is Strava fitness tracker data at HMNB Clyde, a military base where Britain's nuclear weapons are stored. How are the security checks so bad in these places, that employees are allowed to bring arbitrary electronic devices in close proximity to nukes? https://t.co/5BtgiZ4NNK pic.twitter.com/e9mQpPbGD4
— Mustafa Al-Bassam (@musalbas) 29 January 2018
Anyone can create an account for free and find routes, or “segments” around military bases.
The app also shows users who have publicly recorded their times on certain routes and many people on social media have pointed out that anyone could use such information to find other social media profiles for soldiers, sailors or air force personnel.
Nathan Ruser, a student from Canberra in Australia, identified what he believed was a regular jogging route for soldiers in Afghanistan.
He told the Sydney Morning Herald: “Hopefully it’s a learning experience for the different military communities and they can toe that line between convenience and security.”
Others identified a US base in Nigeria and app users at Bagram air base in Iraq.
International security expert Jeffrey Lewis illustrated on the Daily Beast website how anyone could identify users at a military base in Taiwan and potentially find other bases as a result.
“If our user casually jogging by Taiwanese missiles day after day suddenly appears deployed to a new location, well that’s very interesting if you are targeting missiles for China’s Rocket Force,” he wrote.
Users can to make their data private, but Lewis also raised concerns about whether data which has been set to private could be hacked.
Strava published a major update to the heatmap in November last year, including “six times more data than before”, but investigators only spotted the security breach at the weekend.
An MoD spokesman said: “The MoD takes the security of its personnel and establishments very seriously and keeps them under constant review.
“However, for obvious reasons we do not comment on our specific security arrangements or procedures.”
Why are you making commenting on The National only available to subscribers?
We know there are thousands of National readers who want to debate, argue and go back and forth in the comments section of our stories. We’ve got the most informed readers in Scotland, asking each other the big questions about the future of our country.
Unfortunately, though, these important debates are being spoiled by a vocal minority of trolls who aren’t really interested in the issues, try to derail the conversations, register under fake names, and post vile abuse.
So that’s why we’ve decided to make the ability to comment only available to our paying subscribers. That way, all the trolls who post abuse on our website will have to pay if they want to join the debate – and risk a permanent ban from the account that they subscribe with.
The conversation will go back to what it should be about – people who care passionately about the issues, but disagree constructively on what we should do about them. Let’s get that debate started!
Callum Baird, Editor of The National
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules hereLast Updated:
Report this comment Cancel