• Strava heat map. (Strava heat map)Source: Strava heat map
A data visualisation map showing paths taken by users of popular exercise tracking app Strava has been identified as revealing potentially sensitive information about US and allied military personnel in places including Afghanistan, Iraq and Syria.
Cycling Central

29 Jan 2018 - 2:15 PM  UPDATED 29 Jan 2018 - 2:16 PM

heat map from fitness tracking company Strava Labs has revealed the movements of US military personnel, potentially unmasking the locations of secret facilities and outposts. 

The Strava app collects and presents data from mobile phones and fitness tracking devices like Fitbit and Apple Watches.

While some bases are well known to groups that want to attack them, the map also shows what appear to be routes taken by forces moving outside of bases, information that could be used in planning bombings or ambushes.

The map shows the movements of its app users around the world, indicating the intensity of travel along a given path - a "direct visualization of Strava's global network of athletes," it says.

Routes are highlighted over large parts of some countries, but in others, specific locations stand out.

The heat map shows Europe and the US with significant activity but leaves the vast majority of the Middle East in darkness.

However, an Australian-based conflict analyst has pointed out small heat lines potentially reveal US military personnel using the app for exercise and revealing their location in Middle East outposts and elsewhere.

These include Taji, north of Baghdad, Qayyarah south of Mosul, Speicher near Tikrit and Al-Asad in Anbar Province.

While the heat map doesn't show any base that isn't already public knowledge, it does track how personnel are moving along routes and how frequently.

Sydney based Institute for United Conflict Analyst Nathan Ruser, who monitors conflicts through data, tweeted his discovery.

"Strava released their global heatmap. 3 trillion [correction] GPS points from their users...It looks very pretty, but not amazing for Op-Sec. US Bases are clearly identifiable and mappable," he wrote on the weekend, sharing a heat map.

He added: "If soldiers use the app like normal people do, by turning it on tracking when they go to do exercise, it could be especially dangerous. This particular track looks like it logs a regular jogging route. I shouldn't be able to establish any Pattern of life info from this far away."

Security Analyst Tobias Schneider also tweeted about the activity around potential military bases.

"Somebody forgot to turn off their Fitbit. Markers trace known military outposts, supply and patrol routes," he wrote.

In Afghanistan, Bagram Air Field north of Kabul is a hive of activity, as are several locations in the country's south. And in Syria, Qamishli in the northwest, a stronghold of US-allied Kurdish forces, is clearly visible.

The Strava app can be turned off so your information can be private, according to a statement released to The Washington Post.

“Our global heatmap represents an aggregated and anonymized view of over a billion activities uploaded to our platform,” it read.

“It excludes activities that have been marked as private and user-defined privacy zones. We are committed to helping people better understand our settings to give them control over what they share.”

In 2016, the US army banned troops from downloading Pokemon Go to their official military phones amid security fears over the GPS location.