benignintervention@lemmy.world
on 28 Oct 20:32
nextcollapse
I used this exact thing as a teaching aid when I taught the ROTC opsec lesson. Also scared a couple kids pale when I told them Snapchat keeps a 6-month record of everything you send
granolabar@kbin.melroy.org
on 28 Oct 20:36
nextcollapse
Also scared a couple kids pale when I told them Snapchat keeps a 6-month record of everything you send
Trump is such an incompetent clown that he has a comedian thrash on US citizens in a US territory as a bigoted racist warm up act for his rallies. What do you think.
sugar_in_your_tea@sh.itjust.works
on 28 Oct 20:36
nextcollapse
What does that have to do with the French newspaper Le Monde?
fibojoly@sh.itjust.works
on 29 Oct 11:53
nextcollapse
You think the rest of the world doesn’t follow the news when a lunatic is in the run with an actual chance of getting elected?
Turns out we have journalists, in France!
raynethackery@lemmy.world
on 29 Oct 17:50
collapse
Trump is not responsible for his security though, secret service is. Would think that those guys would know to not wear random trackers with them
Bridger@sh.itjust.works
on 28 Oct 21:20
nextcollapse
Pretty sure the secret service is responsible for protecting Trump. The rest of his campaign security is the job of the campaign, which is famously cheap.
sugar_in_your_tea@sh.itjust.works
on 31 Oct 14:56
collapse
And it’s in the Secret Service’s interest to have certain rules for any additional security operating an an event they’re responsible for protecting. That’s literally their job…
Yes but thr farther they get from the protected the less oversight.
sugar_in_your_tea@sh.itjust.works
on 01 Nov 15:23
collapse
I guess that depends on the reason they’re further from the VIP. If it’s because they’re prepping for a visit, it should have just as much oversight as if they’re with the individual. If they’re merely doing mundane work (say, cleaning up after a visit), then sure, allow some leeway. But in general, if they’re on the clock, they shouldn’t have any trackers outside of ones issued for the purposes of their job.
Sweetpeaches69@lemmy.world
on 29 Oct 05:12
nextcollapse
I’m not sure if it’s still valid, but there was that whole debacle where he fired every secret service agent except for ones that backed him politically.
ChickenLadyLovesLife@lemmy.world
on 29 Oct 13:23
collapse
Would you think those guys would know to do something about a dude on a roof with a rifle?
The article noted that the agents can’t use their personal devices while on duty but of course they can while they are off duty. It mentioned that one of the guards took a jog while off duty, but that jog was from the hotel the President was staying at.
curbstickle@lemmy.dbzer0.com
on 28 Oct 22:24
collapse
Still the agents mistake.
They could set the start/finish area to be masked, they could set their run info as private, they could have just the run stats (but no GPS) shared, etc.
This isn’t a strava issue, just Secret Service Agents being bad about Secrets when doing their Service.
They should definitely know better, especially as a few years ago it was in the news how you could map some US bases by the runs that soldiers were doing
It goes both ways. Companies are able to track way more data than they should be able to and users are bad at avoiding or even being aware of it, including many who should have security concerns at the top of their mind.
sugar_in_your_tea@sh.itjust.works
on 31 Oct 14:55
collapse
It makes sense for an app like Strava to track location, because that’s literally its purpose. It doesn’t make sense for a bodyguard to be using an app like Strava.
I’d prefer if that information was stored locally and wasn’t usable by anyone at Strava to just look up where someone is and/or has been.
sugar_in_your_tea@sh.itjust.works
on 31 Oct 15:27
collapse
Same, but Strava is literally a social media app where you’re comparing your routes to other peoples’ routes. I used to use it because I liked tracking personal progress, but ended up bailing after a few months because I really don’t want any of the social nonsense.
That said, Strava isn’t the one that should be punished/regulated here, they’re just offering a service people find value in. The real ones at fault are the bodyguards, who should absolutely know better and be much more careful about electronic equipment they and anyone involved carries.
Ah, I haven’t used it so didn’t realize there was a social aspect to it, that makes sense, though I don’t think the social nonsense is worth giving that kind of data to the parent company. Though I suppose the leaks in this case were just from people looking up the bodyguards on the service? Is there an option to set your profile to private?
But yeah, I’d agree that anyone who doesn’t want their location to be shared shouldn’t be using that, especially when there’s security concerns.
Though just carrying a cell phone at all gives some people access to your full location information, if they care to track it.
sugar_in_your_tea@sh.itjust.works
on 31 Oct 16:50
collapse
From the article:
Le Monde found that some U.S. Secret Service agents use the Strava fitness app.
…
Le Monde also found Strava users among the security staff for French President Emmanuel Macron and Russian President Vladimir Putin. In one example, Le Monde traced the Strava movements of Macron’s bodyguards to determine that the French leader spent a weekend in the Normandy seaside resort of Honfleur in 2021. The trip was meant to be private and wasn’t listed on the president’s official agenda.
So yes, they basically did a bit of journalism to figure out who the bodyguards were, and looked them up on the app.
Is there an option to set your profile to private?
You must approve or deny Strava community members before they can follow you. You can find out more about managing your follow requests in our previous tip: How to approve or deny Strava follower requests.
Non-Followers who are logged in to Strava will be unable to see your full profile.
A logged out version of your profile won’t be available on the internet.
I’m not sure what “full profile” vs “partial profile” means in this case, but there is a setting for it. I set mine to private when I used it some years ago, but I bailed because I honestly didn’t find much value in it. I mostly used it for route planning, but eventually found a better app for it when they changed what features are part of the free vs paid tiers (and that impacted route planning IIRC).
Regardless, a bodyguard to an important individual like a head of state/government shouldn’t be using anything that tracks location, regardless of what the policies of the app are. Keep that on personal devices, and leave those behind when doing a job w/ an important person.
Though just carrying a cell phone at all gives some people access to your full location information, if they care to track it.
Sure, network operators certainly have access, and there’s a good argument that only short-range radios should be used by security professionals when on an assignment. If they must carry a phone, it should probably have the radios disabled, or they should have some tech in place to change where they appear to be located (e.g. repeaters).
And I agree that maybe they should be using something else. Though one risk with using something that few others are using is that it can also be used for targeting and tracking. Like if someone knows the bodyguards use shortwave communicators and that there’s an event at some location, they could have drones set up to just target those frequencies when they see them.
It’ll always be an arms race, at least if the players realize they are in an arms race and don’t just willingly carry tracking devices.
sugar_in_your_tea@sh.itjust.works
on 31 Oct 18:13
collapse
They’d probably just use whatever bands the local police use, and those communications are encrypted as well. So to an outside observer, they could see that someone is chatting on the police bands, but they wouldn’t know if it’s the local police or something more interesting.
And these types of events typically establish a no-fly zone large enough that an attacker wouldn’t know where they’re coming from, even if they knew the exact location of the event (i.e. a campaign rally). It’s still possible, but there’s a lot that the Secret Service can and does do to mitigate tracking risks.
Imgonnatrythis@sh.itjust.works
on 28 Oct 21:03
collapse
Hmm, so he’s not a fitness buff… Maybe we could track him by looking at state library databases and seeing when and where he has most recently checked out library books??
granolabar@kbin.melroy.org
on 28 Oct 20:06
nextcollapse
Secret service lets them use normie phones loaded with normie apps?
I’ve intuited, maybe correctly, the service has become changed over the years and is not what it once was. Stuff like this makes me think that maybe my armchair analysis is correct
roofuskit@lemmy.world
on 28 Oct 22:55
nextcollapse
Considering Trump almost got his head blown off because they let a guy sit on a roof with a rifle at a political rally for 5 minutes… that’s not a stretch.
I find this to be a breakdown of training, because the training was pretty clear years ago when I had clearance with the navy that we were never to use apps like this that could disclose location, not just while on-duty or on base, but at any time that our location could be given away. We were specifically not allowed to have Fitbits or other smart watches (Fitbit was the big one at the time) that could share location and any apps that wanted to know our location (yes, on our personal phones) needed to be cleared by IT because we were people that had been granted clearance and therefore could not give away critical location information.
The big scandal that got a lot of people into trouble was Pokemon Go, because not only did it use location, but I guess it used camera too? I didn't know, I didn't play it, but using cameras on base was a HUGE no-no, so using an app that shared location AND picture during your lunch break broke the brains of the COs.
It seems so weird to me that this is something that is so widespread right now. I didn't work for the navy anymore and haven't in a while, but I still follow the basic safety protocols about not sharing sensitive information.
yeahiknow3@lemmings.world
on 29 Oct 01:53
nextcollapse
And hopefully does something about. Disciplinary for the poor OPSEC and/or better resources to avoid it and/or better laws to stop this unfettered data collection and/or better training to avoid it in the future. Here’s hoping.
Holds breath
mannycalavera@feddit.uk
on 29 Oct 07:43
nextcollapse
You won’t need Strava to know Joe’s at the ice cream parlour. Pffffff.
BlackEco@lemmy.blackeco.com
on 29 Oct 07:42
nextcollapse
I still don’t get why Strava activities are public by default and why they do not make their users aware of it. I remember having to rummage through the settings to make activities private by default.
SaharaMaleikuhm@feddit.org
on 29 Oct 14:27
nextcollapse
Crazy. What’s next? Can they track us with our phones too? 🤯
Just like Angela Merkel’s upset remark “you don’t spy on your friends”.
Well yes, dear Angela, they spy on everyone. And it’s telling that the outrage came only because she was personally affected. The peasants’ data and personal lives are fair game.
flop_leash_973@lemmy.world
on 29 Oct 17:52
nextcollapse
I am less surprised that the information is out there than I am that the bodyguards of such people are allowed to either bring along their personal devices or install random crap from the public app stores on their work devices.
I have a sports watch and the corresponding fitness app. I can confirm. “Sitting on one’s ass at the restaurant” is not a fitness activity. HOWEVER. Some of my activities (e.g. walks) do terminate near fast food jonts. …I dread what that kind of data analysis would yield on a major political figure.
threaded - newest
The military had a similar problem with fitness apps for a while.
wired.com/…/strava-heat-map-military-bases-fitnes…
I used this exact thing as a teaching aid when I taught the ROTC opsec lesson. Also scared a couple kids pale when I told them Snapchat keeps a 6-month record of everything you send
Dick pics never get wiped 🐸
That app probably
Only 6 months? Honestly I’m surprised it’s so short of time frame.
I guess to be more specific, you can request 6 months of your data
Ah that makes more sense
They probably horde that data like a Dragon hordes gold
The NSA has entire datacenters just to store your data.
Never know what might come in handy.
Some science magazines guessed something big was going on when many of their subscribers changed the delivery address to New Mexico.
They were working on the Manhattan Project.
Unlike this, fitness apps don’t require external connectivity or computing resources not satisfied by today’s handheld devices.
What! There’s no way Trump uses Strava.
reads article
Oh, the bodyguards… that makes sense and is kinda smart to investigate.
Why would they let bodyguards use tracking apps? Are we really that bad at opsec?
Trump is such an incompetent clown that he has a comedian thrash on US citizens in a US territory as a bigoted racist warm up act for his rallies. What do you think.
What does that have to do with the French newspaper Le Monde?
You think the rest of the world doesn’t follow the news when a lunatic is in the run with an actual chance of getting elected?
Turns out we have journalists, in France!
I don’t know. I don’t read Le Monde.
Trump is not responsible for his security though, secret service is. Would think that those guys would know to not wear random trackers with them
Pretty sure the secret service is responsible for protecting Trump. The rest of his campaign security is the job of the campaign, which is famously cheap.
And it’s in the Secret Service’s interest to have certain rules for any additional security operating an an event they’re responsible for protecting. That’s literally their job…
Yes but thr farther they get from the protected the less oversight.
I guess that depends on the reason they’re further from the VIP. If it’s because they’re prepping for a visit, it should have just as much oversight as if they’re with the individual. If they’re merely doing mundane work (say, cleaning up after a visit), then sure, allow some leeway. But in general, if they’re on the clock, they shouldn’t have any trackers outside of ones issued for the purposes of their job.
I’m not sure if it’s still valid, but there was that whole debacle where he fired every secret service agent except for ones that backed him politically.
Would you think those guys would know to do something about a dude on a roof with a rifle?
Maybe, having worked closely enough with Trump to have an even better idea of who he is than most, it was a choice rather than incompetence.
The article noted that the agents can’t use their personal devices while on duty but of course they can while they are off duty. It mentioned that one of the guards took a jog while off duty, but that jog was from the hotel the President was staying at.
Still the agents mistake.
They could set the start/finish area to be masked, they could set their run info as private, they could have just the run stats (but no GPS) shared, etc.
This isn’t a strava issue, just Secret Service Agents being bad about Secrets when doing their Service.
They should definitely know better, especially as a few years ago it was in the news how you could map some US bases by the runs that soldiers were doing
Yup
Wrong question LOL. Better ask:
Are we really that bad at allowing tracking?
Yes you are. And once the data is collected, people are going to do things with the data.
It goes both ways. Companies are able to track way more data than they should be able to and users are bad at avoiding or even being aware of it, including many who should have security concerns at the top of their mind.
It makes sense for an app like Strava to track location, because that’s literally its purpose. It doesn’t make sense for a bodyguard to be using an app like Strava.
I’d prefer if that information was stored locally and wasn’t usable by anyone at Strava to just look up where someone is and/or has been.
Same, but Strava is literally a social media app where you’re comparing your routes to other peoples’ routes. I used to use it because I liked tracking personal progress, but ended up bailing after a few months because I really don’t want any of the social nonsense.
That said, Strava isn’t the one that should be punished/regulated here, they’re just offering a service people find value in. The real ones at fault are the bodyguards, who should absolutely know better and be much more careful about electronic equipment they and anyone involved carries.
Ah, I haven’t used it so didn’t realize there was a social aspect to it, that makes sense, though I don’t think the social nonsense is worth giving that kind of data to the parent company. Though I suppose the leaks in this case were just from people looking up the bodyguards on the service? Is there an option to set your profile to private?
But yeah, I’d agree that anyone who doesn’t want their location to be shared shouldn’t be using that, especially when there’s security concerns.
Though just carrying a cell phone at all gives some people access to your full location information, if they care to track it.
From the article:
So yes, they basically did a bit of journalism to figure out who the bodyguards were, and looked them up on the app.
Yes, but I’m not sure what workarounds exist to view private data. Here’s a forum post about it:
I’m not sure what “full profile” vs “partial profile” means in this case, but there is a setting for it. I set mine to private when I used it some years ago, but I bailed because I honestly didn’t find much value in it. I mostly used it for route planning, but eventually found a better app for it when they changed what features are part of the free vs paid tiers (and that impacted route planning IIRC).
Regardless, a bodyguard to an important individual like a head of state/government shouldn’t be using anything that tracks location, regardless of what the policies of the app are. Keep that on personal devices, and leave those behind when doing a job w/ an important person.
Sure, network operators certainly have access, and there’s a good argument that only short-range radios should be used by security professionals when on an assignment. If they must carry a phone, it should probably have the radios disabled, or they should have some tech in place to change where they appear to be located (e.g. repeaters).
Thanks for the detail!
And I agree that maybe they should be using something else. Though one risk with using something that few others are using is that it can also be used for targeting and tracking. Like if someone knows the bodyguards use shortwave communicators and that there’s an event at some location, they could have drones set up to just target those frequencies when they see them.
It’ll always be an arms race, at least if the players realize they are in an arms race and don’t just willingly carry tracking devices.
They’d probably just use whatever bands the local police use, and those communications are encrypted as well. So to an outside observer, they could see that someone is chatting on the police bands, but they wouldn’t know if it’s the local police or something more interesting.
And these types of events typically establish a no-fly zone large enough that an attacker wouldn’t know where they’re coming from, even if they knew the exact location of the event (i.e. a campaign rally). It’s still possible, but there’s a lot that the Secret Service can and does do to mitigate tracking risks.
Yes, and we’re in denial about it.
Hmm, so he’s not a fitness buff… Maybe we could track him by looking at state library databases and seeing when and where he has most recently checked out library books??
Secret service lets them use normie phones loaded with normie apps?
No. At least not while they were on duty.
But they used their device while off-duty, but at the same hotel they were at.
You’d think the secret service were better at opsec than random soldiers getting their helicopters blown up.
I’ve intuited, maybe correctly, the service has become changed over the years and is not what it once was. Stuff like this makes me think that maybe my armchair analysis is correct
Considering Trump almost got his head blown off because they let a guy sit on a roof with a rifle at a political rally for 5 minutes… that’s not a stretch.
No, people have always been shit at stuff like this.
I find this to be a breakdown of training, because the training was pretty clear years ago when I had clearance with the navy that we were never to use apps like this that could disclose location, not just while on-duty or on base, but at any time that our location could be given away. We were specifically not allowed to have Fitbits or other smart watches (Fitbit was the big one at the time) that could share location and any apps that wanted to know our location (yes, on our personal phones) needed to be cleared by IT because we were people that had been granted clearance and therefore could not give away critical location information.
The big scandal that got a lot of people into trouble was Pokemon Go, because not only did it use location, but I guess it used camera too? I didn't know, I didn't play it, but using cameras on base was a HUGE no-no, so using an app that shared location AND picture during your lunch break broke the brains of the COs.
It seems so weird to me that this is something that is so widespread right now. I didn't work for the navy anymore and haven't in a while, but I still follow the basic safety protocols about not sharing sensitive information.
Oh my god who cares.
I can imagine the secret service will.
And hopefully does something about. Disciplinary for the poor OPSEC and/or better resources to avoid it and/or better laws to stop this unfettered data collection and/or better training to avoid it in the future. Here’s hoping. Holds breath
You won’t need Strava to know Joe’s at the ice cream parlour. Pffffff.
I still don’t get why Strava activities are public by default and why they do not make their users aware of it. I remember having to rummage through the settings to make activities private by default.
Crazy. What’s next? Can they track us with our phones too? 🤯
Politicians when they realize the commercialized espionage they’ve allowed also applies to them:
Just like Angela Merkel’s upset remark “you don’t spy on your friends”.
Well yes, dear Angela, they spy on everyone. And it’s telling that the outrage came only because she was personally affected. The peasants’ data and personal lives are fair game.
.
Don’t be coy, tell us what you think we should be using it for.
So I can get close enough to airdrop photos of my penis to the president of the United States. What did you think I was going to use it for?
For saying hi of course c:
I am less surprised that the information is out there than I am that the bodyguards of such people are allowed to either bring along their personal devices or install random crap from the public app stores on their work devices.
Trump’s tracking: Golf, golf, McDs, court, golf, golf, court, Mcds, McDs, McDs, golf…
There’s no way Trump’s usual McDs is in person
He has staff procure it for him
I have a sports watch and the corresponding fitness app. I can confirm. “Sitting on one’s ass at the restaurant” is not a fitness activity. HOWEVER. Some of my activities (e.g. walks) do terminate near fast food jonts. …I dread what that kind of data analysis would yield on a major political figure.
The article said that they track the movements of bodyguards. I doubt Trump or Biden use anything remotely related to fitness. Obama might have.
What is this “fitness” they speak of? It seems to be from overseas. Could someone explain this to an American like me?