this post was submitted on 28 Oct 2024
536 points (98.0% liked)
Technology
58999 readers
5577 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Why would they let bodyguards use tracking apps? Are we really that bad at opsec?
Yes, and we’re in denial about it.
Wrong question LOL. Better ask:
Are we really that bad at allowing tracking?
Yes you are. And once the data is collected, people are going to do things with the data.
It goes both ways. Companies are able to track way more data than they should be able to and users are bad at avoiding or even being aware of it, including many who should have security concerns at the top of their mind.
It makes sense for an app like Strava to track location, because that's literally its purpose. It doesn't make sense for a bodyguard to be using an app like Strava.
I'd prefer if that information was stored locally and wasn't usable by anyone at Strava to just look up where someone is and/or has been.
Same, but Strava is literally a social media app where you're comparing your routes to other peoples' routes. I used to use it because I liked tracking personal progress, but ended up bailing after a few months because I really don't want any of the social nonsense.
That said, Strava isn't the one that should be punished/regulated here, they're just offering a service people find value in. The real ones at fault are the bodyguards, who should absolutely know better and be much more careful about electronic equipment they and anyone involved carries.
Ah, I haven't used it so didn't realize there was a social aspect to it, that makes sense, though I don't think the social nonsense is worth giving that kind of data to the parent company. Though I suppose the leaks in this case were just from people looking up the bodyguards on the service? Is there an option to set your profile to private?
But yeah, I'd agree that anyone who doesn't want their location to be shared shouldn't be using that, especially when there's security concerns.
Though just carrying a cell phone at all gives some people access to your full location information, if they care to track it.
From the article:
So yes, they basically did a bit of journalism to figure out who the bodyguards were, and looked them up on the app.
Yes, but I'm not sure what workarounds exist to view private data. Here's a forum post about it:
I'm not sure what "full profile" vs "partial profile" means in this case, but there is a setting for it. I set mine to private when I used it some years ago, but I bailed because I honestly didn't find much value in it. I mostly used it for route planning, but eventually found a better app for it when they changed what features are part of the free vs paid tiers (and that impacted route planning IIRC).
Regardless, a bodyguard to an important individual like a head of state/government shouldn't be using anything that tracks location, regardless of what the policies of the app are. Keep that on personal devices, and leave those behind when doing a job w/ an important person.
Sure, network operators certainly have access, and there's a good argument that only short-range radios should be used by security professionals when on an assignment. If they must carry a phone, it should probably have the radios disabled, or they should have some tech in place to change where they appear to be located (e.g. repeaters).
Thanks for the detail!
And I agree that maybe they should be using something else. Though one risk with using something that few others are using is that it can also be used for targeting and tracking. Like if someone knows the bodyguards use shortwave communicators and that there's an event at some location, they could have drones set up to just target those frequencies when they see them.
It'll always be an arms race, at least if the players realize they are in an arms race and don't just willingly carry tracking devices.
They'd probably just use whatever bands the local police use, and those communications are encrypted as well. So to an outside observer, they could see that someone is chatting on the police bands, but they wouldn't know if it's the local police or something more interesting.
And these types of events typically establish a no-fly zone large enough that an attacker wouldn't know where they're coming from, even if they knew the exact location of the event (i.e. a campaign rally). It's still possible, but there's a lot that the Secret Service can and does do to mitigate tracking risks.
Trump is such an incompetent clown that he has a comedian thrash on US citizens in a US territory as a bigoted racist warm up act for his rallies. What do you think.
Trump is not responsible for his security though, secret service is. Would think that those guys would know to not wear random trackers with them
Pretty sure the secret service is responsible for protecting Trump. The rest of his campaign security is the job of the campaign, which is famously cheap.
And it's in the Secret Service's interest to have certain rules for any additional security operating an an event they're responsible for protecting. That's literally their job...
I'm not sure if it's still valid, but there was that whole debacle where he fired every secret service agent except for ones that backed him politically.
Would you think those guys would know to do something about a dude on a roof with a rifle?
Maybe, having worked closely enough with Trump to have an even better idea of who he is than most, it was a choice rather than incompetence.
What does that have to do with the French newspaper Le Monde?
You think the rest of the world doesn't follow the news when a lunatic is in the run with an actual chance of getting elected?
Turns out we have journalists, in France!
I don't know. I don't read Le Monde.
The article noted that the agents can't use their personal devices while on duty but of course they can while they are off duty. It mentioned that one of the guards took a jog while off duty, but that jog was from the hotel the President was staying at.
Still the agents mistake.
They could set the start/finish area to be masked, they could set their run info as private, they could have just the run stats (but no GPS) shared, etc.
This isn't a strava issue, just Secret Service Agents being bad about Secrets when doing their Service.
They should definitely know better, especially as a few years ago it was in the news how you could map some US bases by the runs that soldiers were doing
Yup