Stuff

    Subscribe to our newsletter

    What's Hot
    Oppo

    Oppo has three new devices on the market – the A77 5G, A57 and A57s

    August 16, 2022
    Spotify

    Still don’t have Spotify Premium? You can have three months for free right now

    August 16, 2022
    features

    HUAWEI to launch a new lineup of products at Xperience HUAWEI 2022

    August 16, 2022
    Facebook Twitter Instagram YouTube SoundCloud
    Trending
    • Oppo has three new devices on the market – the A77 5G, A57 and A57s
    • Still don’t have Spotify Premium? You can have three months for free right now
    • HUAWEI to launch a new lineup of products at Xperience HUAWEI 2022
    • Farmers can save water with wireless technologies, but there are challenges – like transmitting data through mud
    • Mid-month CEF indicators suggest South Africa’s September petrol price headed to saner levels
    • Xiaomi hopes to challenge Tesla by releasing a fully self-driving EV
    • Light Start: Fuel cell BMWs, iPhone ads, LG’s 20in OLEDs, and Hogwarts Legacy’s delay
    • Behold, the Taycan-compatible TAG Heuer Connected Calibre E4 Porsche Edition
    Facebook Twitter Instagram YouTube
    StuffStuff
    • News
      • App News
      • Business News
      • Camera News
      • Gaming News
      • Headphone News
      • Industry News
      • Internet News
      • Laptops News
      • Motoring News
      • Other Tech News
      • Phone News
      • Tablet News
      • Technology News
      • TV News
      • Wearables News
    • Reviews
      • Camera Reviews
      • Car Reviews
      • Featured Reviews
      • Game Reviews
      • Headphone Reviews
      • Laptop Reviews
      • Other Tech Reviews
      • Phone Reviews
      • Tablet Reviews
      • Wearables Reviews
    • Columns
    • Stuff Guides
    • Podcasts & Videos
      • Videos
      • Stuffed
      • Stuffing Around
      • Tech Byte
      • T2S2
    • Win
    • Subscribe
      • Print
      • Digital
        • Google Play
        • iTunes
        • Download
        • Zinio
    • Stuff Shop
      • Shop Now
      • My Account
      • Downloads
    • Contact Us
      • Get In Touch
      • Advertise
    0 Shopping Cart
    Stuff
    Home » News » Internet News » Strava storm: why everyone should check their smart gear security settings before going for a jog
    Internet News

    Strava storm: why everyone should check their smart gear security settings before going for a jog

    The ConversationBy The ConversationJanuary 31, 2018Updated:October 1, 2021No Comments4 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Fitness tracking app Strava recently kicked off a privacy and security storm after it was revealed that its software had potentially exposed the location of secret military bases, courtesy of a data visualisation tool called a “heatmap”.

    The heatmap was created to depict the activities of Strava users across the globe. But while it’s a great idea in general (and quite a nice heatmap), a closer inspection of the user data generated by the tool highlights some worrying developments.

    It’s also a reality check for consumers of wearable gadgets – be they a National Security Agency operative or a retired librarian going for a gentle jog – who are lax with the privacy and security settings on apps that monitor location and other personal data.

    Nathan Ruser, a 20-year-old student based in Australia, pored over Strava’s heatmap and tweeted his findings, saying that the “pretty” data visualisation tool – which mapped 13 trillion GPS points from the app’s users – wasn’t “amazing for op-sec [operations security]. US bases are clearly identifiable and mappable.”

    By publishing the heatmap of Strava users’ activities and their locations, the San Francisco-based company had seemingly leaked the location of secret bases and routes service personnel use for exercise.

    Don’t be dumb about smart tech

    The Internet of Things (IoT) represents a new advancement in technology that harnesses data to help streamline our lives. The simplest way to think of the IoT is as a network of devices and objects with embedded electronics – deemed “smart” – that communicate to perform various tasks.

    IoT technologies enable voice commands to control appliances such as lights, TVs and even door locks. At work, smart office buildings offer significant promise for handling controls such as energy saving options and may soon become ubiquitous. And, on the move, wearable technologies such as fitness trackers and smart watches allow people to track and monitor their exercise regimes.

    But there are clear security and privacy concerns associated with using these different forms of new technology. And there’s a danger that consumers – egged on by digital companies whose income heavily relies on data sharing – jump too quickly at the convenience of new personal tech without understanding the risks.

    In research circles, the risks accompanying IoT technology – including data leakage via consumer wearables – have been known for some time now. One of the earliest comprehensive reports on the topic – from cyber security firm Symantec – linked wearables and other tracking devices to risks including identity theft, profiling and stalking users.

    If a criminal accesses someone’s real-time online fitness tracker data (be it from Strava, FitBit or a smart watch) they could determine that person’s whereabouts – in and out of work and home. Oversharing on social media has been a problem for many years as it can lead to crime online and in the physical world.

    It gets worse. Recently, we conducted research on this topic, to investigate the potential dangers facing users when they share data from fitness trackers and social media.

    We found that if a criminal or an organisation were able to combine data fragments gathered from a tracker and a social media profile, then users faced significant privacy risks.

    These include financial loss (home burglary based on the knowledge of user location and address) and targeted profiling by marketing companies or even potential employers, who habitually screen candidates based on their online profiles.

    Chairman of the bored

    When speaking to users about these risks, we discovered their general awareness was quite low. The study confirmed other research that we have recently conducted where – to some users – “privacy is the boring bit” of using smart technologies.

    While organisations are largely prepared for this type of risk if it originates from a personal laptop, it’s a different issue with wearable devices – which are now being heavily targeted by malware miscreants.The Strava incident, while important, is the tip of the iceberg when it comes to risks associated with the use of personal IoT technology in the workplace. For instance, an employee with a malware-infected smart device could then connect it to their employer’s network.

    The discrete nature of wearables presents another problem: they are typically paired with a secondary device and are more likely for that reason to avoid security measures, where checks are only conducted if a device is directly connected to the corporate network. Another real problem is that malicious employees seeking to harm their organisation may use IoT technology for nefarious means, such as stealing intellectual property, or using hidden devices to inconspicuously record private office conversations.

    The Strava episode is a stark reminder that as technology becomes smarter, it poses significant risks to people’s home, work and social lives if not properly considered, discussed and addressed. Privacy and security settings are there for a reason: use them.

    • Jason R. C. Nurse is Senior Researcher in Cyber Security, University of Oxford
    • This article first appeared on The Conversation

    Fitbit privacy security Strava The Conversation
    Share. Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Tumblr Email
    The Conversation

    Related Posts

    Oppo

    Oppo has three new devices on the market – the A77 5G, A57 and A57s

    August 16, 2022
    Spotify

    Still don’t have Spotify Premium? You can have three months for free right now

    August 16, 2022
    features

    HUAWEI to launch a new lineup of products at Xperience HUAWEI 2022

    August 16, 2022

    Leave A Reply Cancel Reply

    In The Mag
    Stuff August-September 2022 Latest Issue

    In This Issue – The Women in Tech (August-September 2022) Issue

    By Brett VenterAugust 1, 20220

    August is a pretty special month. It’s the host of International Women’s Day and is…

    2021 Wish List
    wish list Stuff Wish List 2021

    Stuff Wish List: for the tech impaired

    By Duncan PikeDecember 22, 20210

    Are you from the time before being glued to a smartphone was considered normal? Here’s…

    Wishlist DIY Stuff tech

    Stuff Wish List: for the DIY Diehard

    December 21, 2021
    Wish List Gearhead

    Stuff Wish List: For the petrol-soaked gearhead

    December 20, 2021
    outsiders

    Stuff Wish List: for the Outsiders

    December 17, 2021

    Latest Video

    Sonos

    SONOS Roam SL unboxing by Toby Shapshak

    Mini Cooper

    The Mini Cooper SE Electric with Toby Shapshak

    MSI Crosshair 15 Rainbox Six Extraction Edition unboxing

    MSI Crosshair 15 Rainbox Six Extraction Edition unboxing

    Samsung Galaxy S22 Ultra Unboxing

    Samsung Galaxy S22 Ultra unboxing with Toby Shapshak

    Contact

    South Africa's Consumer Tech News Hub

    General: stuff@stuff.co.za
    Subscriptions: stuff@onthedot.co.za or 087 353 1291
    Editorial: 072 735 2614
    Sales: 083 375 2418

    Facebook Twitter Instagram YouTube SoundCloud

    Subscribe to Updates

    • Terms and Conditions
    • Privacy & POPI
    • My account
    © 2022 Stuff Group. Designed by Chronon.

    Type above and press Enter to search. Press Esc to cancel.