Running App Revealed World Leaders' Location

John Lister's picture

Running app Strava made it possible to track the locations of world leaders and high-profile political candidates according to a newspaper investigation. Security services say the vulnerability did not put people at risk but are reviewing their guidelines on using the app.

Le Monde investigated the movements of bodyguards for politicians including Joe Biden, Kamala Harris, Emannuel Macron and Vladimir Putin, Donald Trump plus partners Jill Biden and Melania Trump. (Source: lemonde.fr)

Secret Trip Revealed

The newspaper was able to discover the names of the presidential bodyguards and find their accounts on Strava. That's a fitness tool that lets user track and optionally share details of their fitness activities, including location and movement.

They were then able to figure out movements including Biden's hotel when staying in San Francisco for a visit by the Chinese president. They also discovered Macron's location while traveling to a seaside resort on a trip that had not been publicly disclosed.

The US Secret Service said that staff are not allowed to use personal devices while on active protection duty but can use them when off-duty. It will now review that guidance. Meanwhile Macron's chief of staff has asked agents not to use Strava.

In both cases, officials say there was no impact on operations and no threats to the public figures. They also argued the location of public officials was often known to sources including local authorities and that the locations were fully secured against threats.

Bodyguards Exposed

Le Monde also said the process could be reversed. Having identified the routes of some bodyguards, an organization assisting the investigation was able to identify other individuals who matched the movements and in turn identify them as part of the security team.

In turn it was able to use information from their security accounts to track down personal information about them which would theoretically make it easier to put pressure on them to breach security. (Source: semafor.com)

What's Your Opinion?

Is this a serious security issue or a fuss over nothing? Should security agencies control what apps staff use on their personal devices? Do tech companies make it easy enough to understand and control location tracking settings?

Rate this article: 
Average: 5 (4 votes)

Comments

Dennis Faas's picture

Just imagine what TikTok can do!

From Google:

Keylogging - TikTok's in-app browser may track users' keyboard entries, which could allow TikTok to collect sensitive data like passwords and credit card information.

TikTok Pixel - This tracking tool may log users' web history and personal information without their consent.

Microphone access - TikTok may be able to spy on users' device microphones.

Other app activity - TikTok may be able to determine what users are doing on other apps.