Putin's security details exposed through fitness app flaw
Tracking activity in fitness apps can be misleading, even with the highest levels of privacy and security. Vladimir Putin's employees are no exception: as revealed by the newspaper Le Monde, they shared their location information online through the Strava app.
30 October 2024 16:11
According to Le Monde, by analysing this data, unauthorised individuals could deduce the locations of FSB officers and, consequently, Vladimir Putin's whereabouts. The issue also affects the bodyguards of other high-profile figures, including Emmanuel Macron and US presidents. A lack of awareness or insufficient caution when configuring the privately used Strava app on phones can, as in these cases, expose crucial guarded information about these leaders.
This is just one example of the information that can be extracted through seemingly harmless statistical analysis of publicly shared location data in apps that track sports progress. Several years ago, we discovered that such information enabled unauthorised individuals to recreate the movement paths of soldiers who inadvertently "drew" their routes on a map while moving systematically over a designated area.
The service unian.ua notes that these oversights made it possible to track the professional activity of FSB officers on the internet without their knowledge. This in turn allowed conclusions to be drawn, including confirming Putin's presence in highly confidential locations or in a palace whose ownership he had previously denied.
Of course, the cases described do not imply that a private user of a fitness app should stop using such conveniences (although this might be advisable for complete privacy).
It's important to emphasise that the data collected by apps is anonymous. As long as it does not involve a large group of people moving in a coordinated manner, it's challenging to draw definitive conclusions from it and identify a specific user. The example thus illustrates in practice significant oversights within top-tier services, where such oversights should be impermissible.