See the entire conversation

OSINT can literally get you killed
Fitness and social media company Strava releases activity heat map. Excellent for locating military bases (h/t to @Nrg8000).…
65 replies and sub-replies as of Jan 29 2018

"I wonder if I can find US drone bases in Djibouti" *Literally 30 seconds later*
"I wonder who's running around this apparently abandoned airfield in Somalia"
The next most noticeable feature in Djibouti is this several mile long track on a random dry lake bed
I have no idea what's going on on Jarvis Island
Didn't expect this thread to get picked up like it did. Some clarifications: 1. Ghost Somalian airbase is a known UNMAS base:… 2. The drone base isn't much of a secret. Strava, however, highlights Western military bases in the Middle East.
Deputy UN envoy to Somalia visits Baidoa
News and Press Release from United Nations Assistance Mission in Somalia, published 26 Mar 2015
Reminds me of when Internet Heroes tracked down a terrorist training camp and showed off because spies "couldn't". Or, y'know, they were watching it and you clowns just gave the game away.
How can you tell the military bases are Western?
right up your Street Ray
Looks like a priest. #vaticantrackclub? Or maybe a squid.
Jarvis island is a location used by a virtual cycling app named @zwift.
also uses Teanu Island in the Solomon Islands
That zwift track is known to get under the water, so it matches perfectly
Wonder if anybody is running at Area 51 😂
Area 51 aka Groom Lake. Clearly they've been letting the aliens get some outdoor exercise.
Artificial ‘GPS’ tracks for a virtual cycle race called Zwift. They use a bunch of remote islands to plot competitors’ tracks.
Per Strava, Zwift is excluded.
OK, I guess there must be dozens of people riding bikes over these mountainous, forested, uninhabited, remote Pacific islands and the waters between them.
Nah, obviously it is the local fauna using activity trackers. Specifically, on Jarvis Island, the feral cat population.
However, it is actually Zwift. Point is, it proves that the data is subject to manipulation. I simply shown what Strava said. Their methods of preventing the introduction of fake GPS data are obviously not effective.
Zwift pre-dated the introduction of the “Virtual Ride” activity type, any new Zwift (and several other virtual riding apps) rides/runs default to Virtual Ride/Run. With BKool/Kinomap it would be almost impossible to know if ride was real or virtual.
It may very well be legacy data from Zwift which had inadvertently been pulled into other data sets. Jarvis was one of the first islands they used.
They used to mine mountains of bird poop there. (Serious)
It’s zwift island
Snapchat logo, obvs.
Long shot, but maybe car racing? A lot of disused air fields get turned into race tracks.
And I wonder I wah-wah-wah-wah-wonder Why Why, why, why, why, why She ran away And I wonder Where she will stay-ay My little runway A-run, run, run, run, runway
have a location in Baidoa. @UNDSS_Kenya @UNSomalia
Wonder if the BHAA know about this @Relaxyourface
Not a local Somali I'd wager....
Chineese border cities with North Korea are interesting too.
And you can see the paths of the guided tours trough pyong yang
Where is it or what are the coordinates of the airfield?
This is historic date as well right? Saw quite a lot of activity in new map in one base abandoned in 2015
does . . . does the pentagon know this is accessible publically? seems like #opsecfail
This is fucking bonkers.
Any idea what's at 5.75233/30.98038?
(No comment)
The fact that there’s a landuse polygon and roads present makes me think that Strava traces aren’t how this site got discovered and mapped in the first place
Besides which MS uses NAIP imagery as their image classifier hello world. Is it plausible that these sites couldn’t already be found via Landsat?
So, exercise can get you killed.
"We kill based on metadata."
It's called "target threat matrix"
Forgive the ignorance, but how is this OSINT? Does the app/tech not keep user's detail's private?
The “intelligence” is the activity heat map (which is public).
This is why when a company tells you they anonymize location data, tell them to F’off.
Doesn't matter if the data is "anonymous," the metadata gives away 1. Base locations, 2. Perimeters and patrol routes, 3. Common convoy routes. And it's free online for anyone to look at. Some of the stuff I'm Syria and Iraq is far more sensitive, i.e. FOBs in civilian compounds
Jesus. Fucking. Christ.
Maps causing problems
(No comment)
here’s some examples...