TechPutin's security details exposed through fitness app flaw

Putin's security details exposed through fitness app flaw

Tracking activity in fitness apps can be misleading, even with the highest levels of privacy and security. This is no exception for Vladimir Putin's employees, who—as revealed by the newspaper Le Monde—shared their location information online through the Strava app.

Putin's bodyguards shared data on activity.
Putin's bodyguards shared data on activity.
Images source: © Getty Images | Contributor
Oskar Ziomek

30 October 2024 16:11

According to Le Monde, through analysis, unauthorised individuals could deduce the locations of FSB officers and, consequently, Vladimir Putin's whereabouts. The issue also affects other bodyguards of high-profile figures, including Emmanuel Macron and US presidents. A lack of awareness or insufficient caution when configuring the privately used Strava app on phones can, as in these cases, expose crucial guarded information for these leaders.

This is just one example highlighting the information that can be extracted from seemingly harmless, statistical analysis of publicly shared location data in apps that track sports progress. Several years ago, we discovered that such information enabled unauthorised individuals to recreate movement paths of soldiers who inadvertently "drew" the route on a map while moving systematically over a designated area.

The service unian.ua notes that these oversights made it possible to track the professional activity of FSB officers on the internet without their knowledge. This further allowed for conclusions to be drawn, including confirming Putin's presence in highly confidential locations or in a palace, whose ownership he had previously denied.

Of course, the cases described do not imply that a private user of a fitness app should stop using such conveniences (although this might be advisable for complete privacy).

It's important to emphasise that the data collected by apps is anonymous. As long as it does not involve a large group of people moving in a coordinated manner, it's challenging to draw definitive conclusions from it and identify a specific user. The example thus illustrates in practice the significant oversights related to top-tier services, wherein such oversights should be impermissible.

© Daily Wrap
·

Downloading, reproduction, storage, or any other use of content available on this website—regardless of its nature and form of expression (in particular, but not limited to verbal, verbal-musical, musical, audiovisual, audio, textual, graphic, and the data and information contained therein, databases and the data contained therein) and its form (e.g., literary, journalistic, scientific, cartographic, computer programs, visual arts, photographic)—requires prior and explicit consent from Wirtualna Polska Media Spółka Akcyjna, headquartered in Warsaw, the owner of this website, regardless of the method of exploration and the technique used (manual or automated, including the use of machine learning or artificial intelligence programs). The above restriction does not apply solely to facilitate their search by internet search engines and uses within contractual relations or permitted use as specified by applicable law.Detailed information regarding this notice can be found  here.