Fitness app inadvertently unveils secret military base layouts to all

Hey guess what, if you have a smartphone you’re probably being tracked. Although at this point, it seems like fairly common knowledge, a fitness app may now cause security problems for the U.S. military.

Fitness app Strava could pose a threat to military security since it tracks users’ locations. That in itself could be an issue, but then, Strava released a heat map of all its users with public profiles.

Strava uses data from smartphones and wearable fitness trackers, like Fitbit, which the military has been issuing domestically by the thousands since 2013.

The now notorious heat map shows detailed trails of jogging and cycling paths using trillions of data points.

Strong concentrations in Syria, Russia, and the Middle East correlate to military bases so like, oops. Although the map featured data on over a billion exercise routines globally, the military is concerned.

Since the app tracks running routes and times, military members with public profiles may have inadvertently exposed base layouts. In remote areas like Afghanistan, the running routes stand out in stark contrast to surrounding areas, clearly denoting bases.

Based on the maps, many bases are clearly identifiable. So now, the Department of Defense is looking into this.

Geotracking is incredibly common, and apps centered on transportation like Lyft and Google Maps rely on user location to function. Social apps like Twitter, Instagram, and Snapchat, have location sharing and heatmap features. There are even entire apps built specifically around user tracking, like Find My Friends. And sorry mom, still not downloading that.

While some apps make it pretty clear how to opt-out of being tracked, or at least having their whereabouts shared publicly, Strava apparently made it quite difficult for their users.

On the mobile app, privacy settings may not be all inclusive, and to explicitly opt-out of the Heatmap, users have to access the mobile website.

For its part, the U.S. military is now reviewing its GPS tracking policies to determine if additional protocols are needed. But you know, also maybe don’t install and regularly use an app that’s whole point is tracking your movements when you’re supposed to be in a secure location?

Pentagon spokesperson Major Audricia Harris stated, “DoD takes matters like these very seriously and is reviewing the situation to determine if any additional training or guidance is required, and if any additional policy must be developed to ensure the continued safety of DoD personnel at home and abroad.”

Strava noted they are committed to working with government and military officials to address security concerns, especially “sensitive areas.” Today, the company appears to have disabled the tracking feature, but whether it is temporarily offline or permanently disallowed is unclear.

Now go take a five minute break and evaluate the privacy settings for all your apps and pat yourself on the back for not accidentally revealing military bases in your quest for fitness.