• @Buddahriffic
    link
    English
    19 hours ago

    Ah, I haven’t used it so didn’t realize there was a social aspect to it, that makes sense, though I don’t think the social nonsense is worth giving that kind of data to the parent company. Though I suppose the leaks in this case were just from people looking up the bodyguards on the service? Is there an option to set your profile to private?

    But yeah, I’d agree that anyone who doesn’t want their location to be shared shouldn’t be using that, especially when there’s security concerns.

    Though just carrying a cell phone at all gives some people access to your full location information, if they care to track it.

    • @[email protected]
      link
      fedilink
      English
      28 hours ago

      From the article:

      Le Monde found that some U.S. Secret Service agents use the Strava fitness app.

      Le Monde also found Strava users among the security staff for French President Emmanuel Macron and Russian President Vladimir Putin. In one example, Le Monde traced the Strava movements of Macron’s bodyguards to determine that the French leader spent a weekend in the Normandy seaside resort of Honfleur in 2021. The trip was meant to be private and wasn’t listed on the president’s official agenda.

      So yes, they basically did a bit of journalism to figure out who the bodyguards were, and looked them up on the app.

      Is there an option to set your profile to private?

      Yes, but I’m not sure what workarounds exist to view private data. Here’s a forum post about it:

      Profile set to “Followers”

      • You must approve or deny Strava community members before they can follow you. You can find out more about managing your follow requests in our previous tip: How to approve or deny Strava follower requests.
      • Non-Followers who are logged in to Strava will be unable to see your full profile.
      • A logged out version of your profile won’t be available on the internet.

      I’m not sure what “full profile” vs “partial profile” means in this case, but there is a setting for it. I set mine to private when I used it some years ago, but I bailed because I honestly didn’t find much value in it. I mostly used it for route planning, but eventually found a better app for it when they changed what features are part of the free vs paid tiers (and that impacted route planning IIRC).

      Regardless, a bodyguard to an important individual like a head of state/government shouldn’t be using anything that tracks location, regardless of what the policies of the app are. Keep that on personal devices, and leave those behind when doing a job w/ an important person.

      Though just carrying a cell phone at all gives some people access to your full location information, if they care to track it.

      Sure, network operators certainly have access, and there’s a good argument that only short-range radios should be used by security professionals when on an assignment. If they must carry a phone, it should probably have the radios disabled, or they should have some tech in place to change where they appear to be located (e.g. repeaters).

      • @Buddahriffic
        link
        English
        27 hours ago

        Thanks for the detail!

        And I agree that maybe they should be using something else. Though one risk with using something that few others are using is that it can also be used for targeting and tracking. Like if someone knows the bodyguards use shortwave communicators and that there’s an event at some location, they could have drones set up to just target those frequencies when they see them.

        It’ll always be an arms race, at least if the players realize they are in an arms race and don’t just willingly carry tracking devices.

        • @[email protected]
          link
          fedilink
          English
          27 hours ago

          They’d probably just use whatever bands the local police use, and those communications are encrypted as well. So to an outside observer, they could see that someone is chatting on the police bands, but they wouldn’t know if it’s the local police or something more interesting.

          And these types of events typically establish a no-fly zone large enough that an attacker wouldn’t know where they’re coming from, even if they knew the exact location of the event (i.e. a campaign rally). It’s still possible, but there’s a lot that the Secret Service can and does do to mitigate tracking risks.