Opt-Out Fitness Data Sharing Leads to Massive Military Locations Leak

People who exercise with fitness trackers have a digital record of their workouts. They do it for a wide range of reasons, from gathering serious medical data to simply satisfying curiosity. When fitness data includes GPS coordinates, it raises personal privacy concerns. But even with individual data removed, such data was still informative enough to spill the beans on secretive facilities around the world.

Strava is a fitness tracking service that gathers data from several different brands of fitness tracker — think Fitbit. It gives athletes a social media experience built around their fitness data: track progress against personal goals and challenge friends to keep each other fit. As expected of companies with personal data, their privacy policy promised to keep personal data secret. In the same privacy policy, they also reserved the right to use the data shared by users in an “aggregated and de-identified” form, a common practice for social media companies. One such use was to plot the GPS data of all their users in a global heatmap. These visualizations use over 6 trillion data points and can be compiled into a fascinating gallery, but there’s a downside.

This past weekend, [Nathan Ruser] announced on Twitter that Strava’s heatmap also managed to highlight exercise activity by military/intelligence personnel around the world, including some suspected but unannounced facilities. More worryingly, some of the mapped paths imply patrol and supply routes, knowledge security officers would prefer not to be shared with the entire world.

This is an extraordinary blunder which very succinctly illustrates a folly of Internet of Things. Strava’s anonymized data sharing obsfucated individuals, but didn’t manage to do the same for groups of individuals… like the fitness-minded active duty military personnel whose workout habits are clearly defined on these heat maps. The biggest contributor (besides wearing a tracking device in general) to this situation is that the data sharing is enabled by default and must be opted-out:

“You can opt-out of contributing your anonymized public activity data to Strava Metro and the Heatmap by unchecking the box in this section.” —Strava Blog, July 2017

We’ve seen individual fitness trackers hacked and we’ve seen people tracked through controlled domains before, but the global scope of [Nathan]’s discovery puts it in an entirely different class.

[via Washington Post]

Auto-Tracking Sentry Gun Gives Deer a Super Soaking

Things rarely go well when humans mix with wildlife. The problems are exacerbated in the suburbs, where bears dine on bird feeders and garbage cans, raccoons take up residence in attics, and coyotes make off with the family cat. And in the suburbs, nuisance wildlife can be an intractable problem because the options for dealing with it are so limited.

Not to be dissuaded in the battle to protect his roses, [dlf.myyta] built this motion-activated sentry gun to apply some watery aversion therapy to marauding deer. Shown in action below against a bipedal co-conspirator, the sentry gun has pretty much what you’d expect under the hood — Raspberry Pi, NoIR camera, a servo for aiming and a solenoid valve to control the water. OpenCV takes care of locating the intruders and swiveling the nozzle to center mass; since the deer are somewhat constrained by a fence, there’s no need to control the nozzle’s elevation. Everything is housed nicely in a plastic ammo can for portability and waterproofing. Any target that stands still for more than three seconds gets a hosing; we assume this is effective, but alas, no snuff films were provided.

We’re not sure if [dlf.myyta]’s code can discern friend from foe, and in this litigious world, hosing the neighbor’s kid could be a catastrophe. Perhaps version 2.0 can include image recognition for target verification.

Continue reading “Auto-Tracking Sentry Gun Gives Deer a Super Soaking”

Satellite Tracking With Friends

If you’re in the mood to track satellites, it’s a relatively simple task to look up one of a multitude of websites that can give you a list of satellites visible from your location. However, if you’re interested in using satellites to communicate with far-flung friends, you might be interested in this multi-point satellite tracker.

[Stephen Downward VA1QLE] developed the tracker to make it easier to figure out which satellites would be simultaneously visible to people at different locations on the Earth’s surface. This is useful for amateur radio, as signals can be passed through satellites with ham gear onboard (such as NO-44), or users can even chat over defunct military satellites.

[Stephen] claims the algorithm is inefficient, but calculations are made in a matter of a few seconds, so we’re not complaining. While it was originally designed for just two stations, it works with a near-infinite number of points. [Stephen] recommends verifying the tracks with another tool once calculated to ensure accuracy. The tool is accessible here, and the code is up on GitHub for your perusal.

Perhaps now you need a cost-effective satellite-tracking antenna? [Paul] has you covered.

Drone Takes Off With a Flick of the Wrist

One of the companion technologies in the developing field of augmented reality is gesture tracking. It’s one thing to put someone in a virtual or augmented world, but without a natural way to interact inside of it the user experience is likely to be limited. Of course, gestures can be used to control things in the real world as well, and to that end [Sarah]’s latest project uses this interesting human interface device to control a drone.

The project uses a Leap Motion sensor to detect and gather the gesture data, and feeds all of that information into LabVIEW. A Parrot AR Drone was chosen for this project because of a robust API that works well with this particular software suite. It seems as though a lot of the grunt work of recognizing gestures and sending commands to the drone are taken care of behind-the-scenes in software, so if you’re looking to do this on your own there’s likely to be quite a bit more work involved. That being said, it’s no small feat to get this to work in the first place and the video below is worth a view.

To some, gestures might seem like a novelty technology with no real applications, but they do have real-world uses for people with disabilities or others with unusual workflow that require a hands-free approach. So far we’ve seen hand gesture technologies that drive cars, help people get around in the physical world, and even play tetris.

Continue reading “Drone Takes Off With a Flick of the Wrist”

Ultrasonic Tracking Beacons Rising

An ultrasonic beacon is an inaudible sound with encoded data that can be used by a listening device to receive information on just about anything. Beacons can be used, for example, inside a shop to highlight a particular promotion or on a museum for guided tours where the ultrasonic beacons can encode the location. Or they can be used to track people consumers. Imagine if Google find outs… oh, wait… they already did, some years ago. As with almost any technology, it can be used to ‘do no harm’ or to serve other purposes.

Researchers from the Technische Universitat Braunschweig in Germany presented a paper about Ultrasonic Side Channels on Mobile Devices and how can they be abused in a variety of scenarios , ranging from simple consumer tracking to deanonymization. These types of ultrasonic beacons work in the 18 kHz – 20 kHz range, which the human being doesn’t have the ability to hear, unless you are under twenty years old, due to presbycusis. Yes, presbycusis. This frequency range can played via almost any speaker and can be picked up easily by most mobile device microphones, so no special hardware is needed. Speakers and mics are almost ubiquitous nowadays, so there is a real appeal to the technology.

Continue reading “Ultrasonic Tracking Beacons Rising”

Want Gesture-Tracking? All You Have To Do Is Lift Your Finger.

Watching Tony Stark wave his hands to manipulate projected constructs is an ever-approaching reality — at least in terms of gesture-tracking. Lift — a prototype built by a team from UC Irvine and FX Palo Alto Laboratory — is able to track up to ten fingers with 1.7 mm accuracy!

Lift’s gesture-tracking is achieved by using a DLP projector, two Arduino MKR1000s, and a light sensor for each digit. Lift’s design allows it to work on virtually any flat surface; the projected image acts as a grid and work area for the user. As their fingers move across the projected surface, the light sensors feed the information from the image to the Arduinos, which infers the location of each finger and translate it into a digital workspace. Sensors may also be mounted on other objects to add functionality.

So far, the team has used Lift as an input device for drawing, as well as using it to feign gesture controls on a standard laptop screen. The next step would be two or more projectors which would allow Lift to function fully and efficiently in three dimensions and directly interacting with projected media content. Can it also operate wirelessly? Yes. Yes, it can.

While we don’t have Tony Stark’s hologram workstation quite yet, we can still play Tetris, fly drones, and mess around with surgical robots.

Manhattan Marauder’s Map

If you solemnly swear that you are up to no good, and you happen to spend most of your time in Manhattan below the mid-90s, then you will appreciate this Raspberry Pi-based Manhattan Marauder’s Map.

Not that a Harry Potter-themed map was necessarily [GawkyFuse]’s intention when creating this interesting build; it’s just that the old-time print of Manhattan — it shows Welfare Island in the East River, which was renamed Roosevelt Island in 1971 — lends a nice vintage feel to the build. Printed on plain paper, the map overlays a 64×32-LED matrix, which is driven by a matrix HAT riding atop the Pi 3.

[GawkyFuse] uses the OwnTracks app on his and his wife’s iPhone to report their locations back to CloudMQTT. The Pi subscribes to the broker and updates his location in red and her location in blue as they move about the city; a romantic touch is showing a single purple dot when they’re together. There’s no word on what’s displayed when either leaves the map area, but the 2048-pixel display offers a lot of possibilities.

We’ve seen a Weasley clock or two around these parts before, but strangely no Marauder’s Maps like this one. Although this Austrian tram-tracking map comes pretty close to [GawkyFuse]’s nice design.

[via r/raspberry_pi]