Iain Thomson, The Register:
In a presentation at Usenix’s Enigma 2018 security conference in California, Google software engineer Grzegorz Milka today revealed that, right now, less than 10 per cent of active Google accounts use two-step authentication to lock down their services. He also said only about 12 per cent of Americans have a password manager to protect their accounts, according to a 2016 Pew study.
The fitness app Strava published a heat map showing outlines of popular running routes around the world. Since US soldiers often wear these when they go for a run, the map shows the outlines of a bunch of US military bases, including ones that aren’t necessarily public.
Advice: Ban the use of all tracking apps and devices, including smartphones, on sensitive installations. Frankly, I’m surprised this is not already policy.
Fitness app Strava exposes the location of military bases – Jon Russell, TechCrunch
The service does offer a private mode which doesn’t share information outside of the app. The company said its heatmap is based on public data only. It would appear, then, that military personnel are sharing their information publicly, perhaps without knowing it or realizing the implication.
The heatmap doesn’t include user information, but, as others on Twitter demonstrated, it is possible to visit the service and look up users based on the routes they have run publicly. That could potentially expose the identification of servicemen and women.
Alex Hern, writing for The Guardian:
Sensitive information about the location and staffing of military bases and spy outposts around the world has been revealed by a fitness tracking company.
The details were released by Strava in a data visualisation map that shows all the activity tracked by users of its app, which allows people to record their exercise and share it with others.
The map, released in November 2017, shows every single activity ever uploaded to Strava – more than 3 trillion individual GPS data points, according to the company. The app can be used on various devices including smartphones and fitness trackers like Fitbit to see popular running routes in major cities, or spot individuals in more remote areas who have unusual exercise patterns.
Another article about this breach: Strava’s fitness tracker heat map reveals the location of military bases – Andrew Liptak, The Verge
We are launching our new site today, January 28, 2018, as it coincides with Data Privacy Day.
Data Privacy Day, known as Data Protection Day in Europe, marks the 1981 signing of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, the first legally binding international treaty dealing with privacy and data protection. Also known as Convention 108, it protects the right to privacy of individuals, taking account of the increasing flow across frontiers of personal data undergoing automatic processing.
The purpose of Data Privacy Day is to raise awareness and promote privacy and data protection best practices. It is currently observed in the Canada, United States, India and 47 member states of the Council of Europe.
We live in an increasing interconnected world, and as the number and severity of computer hacks continues to grow, Data Privacy Day is reminder of the importance of protecting your personal data, today and every day. The day is focused on raising awareness among businesses, as well as users about the importance of protecting the privacy of their personal information online.
We need to think about our personal privacy every day. Everything we do online has privacy implications. Our Facebook posts are analyzed, What we ask Alexa is recorded. As are our Google searches, everywhere we take our smartphones, and every time we use our credit cards.