How a 20-year-old Australian student discovered U.S. military's secret sites

Twenty-year-old college student Nathan Ruser has an interest in the Syrian conflict and an affinity for maps.I...

Posted: Jan. 30, 2018 7:28 AM
Updated: Jan. 30, 2018 7:28 AM

Twenty-year-old college student Nathan Ruser has an interest in the Syrian conflict and an affinity for maps.

It's this combination that led him to discover the potential security risks posed by fitness app Strava.

On Friday night, the Australian came across a tweet of Strava's global heatmap, which was originally published in November 2017. Ruser noticed lit up in areas in regions of Syria and the Sahara, often not occupied by civilians, that indicated the presence of security forces working out near military bases and other sensitive locations.

His findings went viral over the weekend, exposing remote areas and conflict zones where military personnel and government officials are seemingly present. This sensitive information could be used to track the running routes and identify locations where personnel are deployed.

Strava, which allows users to share their running routes, tracks location data using GPS from Fitbit devices, smartphones, and other health tracking devices.

Ruser, who is studying international security and Middle Eastern studies at Australian National University, said he noticed the fitness activity "pretty much the second I scrolled over Syria."

"It is a bit surprising that it sort of sat there [for months]," Ruser said. "[The map] had that incredible amount of data that is quite sensitive."

Although Strava users can disable activity sharing, it appears those users did not.

The heatmap included a total of one billion global activity data points made public by Strava user's through September 2017. The company said it has tens of millions of users.

Ruser, who became interested in Syria's state of affairs in 2014 as a distraction from high school studies, initially hesitated about tweeting the findings. He even deleted his first tweet and later decided to repost it.

Related: US military reviewing security practices after fitness app reveals sensitive info

"If soldiers use the app like normal people do by turning it on tracking when they go to do exercise, it could be especially dangerous. This particular track looks like it logs a regular jogging route. I shouldn't be able to establish any Pattern of life info from this far away," read one of Ruser's tweets.

His tweets captured the attention of journalists.

"It got a lot more traction than I would have expected," said Ruser, who expected interest among data analysts, not mainstream media. "But I hoped that someone who has the power to address it could fix it in some way."

Ruser said he has not been contacted by Strava or military officials.

In a statement to CNN, Strava said the company is "committed to helping people better understand" its privacy settings.

"Our global heatmap represents an aggregated and anonymized view of over a billion activities uploaded to our platform. It excludes activities that have been marked as private and user-defined privacy zones," the statement said.

Article Comments

Mason City
Scattered Clouds
69° wxIcon
Hi: 73° Lo: 64°
Feels Like: 69°
Albert Lea
Scattered Clouds
68° wxIcon
Hi: 70° Lo: 63°
Feels Like: 68°
Austin
Broken Clouds
72° wxIcon
Hi: 72° Lo: 63°
Feels Like: 72°
Charles City
Overcast
68° wxIcon
Hi: 76° Lo: 65°
Feels Like: 68°
Rochester
Broken Clouds
70° wxIcon
Hi: 74° Lo: 63°
Feels Like: 70°
We're tracking additional showers and storms for tonight, but clearing will return for Friday.
KIMT Radar
KIMT Eye in the sky

Latest Video

Image

Donut Shop Reopens After Break-In

Image

Mohawks Eager to Start Season

Image

School Supplies Giveaway

Image

Protecting places of worship

Image

US Rep. Steve King discusses primary results

Image

Virgils to move to make room for new hotel

Image

Mayo Clinic announces expansion

Image

KIMT StormTeam 3 Weather Forecast (8-16-18)

Image

'Over the edge' event happening today

Image

KIMT StormTeam 3 Weather Forecast 8-16-18

Community Events