[ by Charles Cameron — gift horse, Trojan horse, back door — take your pick ]
Liz Sly, reporting from Beirut:
An interactive map posted on the Internet that shows the whereabouts of people who use fitness devices such as Fitbit also reveals highly sensitive information about the locations and activities of soldiers at U.S. military bases, in what appears to be a major security oversight.
The Global Heat Map, published by the GPS tracking company Strava, uses satellite information to map the locations and movements of subscribers to the company’s fitness service over a two-year period, by illuminating areas of activity.
Strava says it has 27 million users around the world, including people who own widely available fitness devices such as Fitbit and Jawbone, as well as people who directly subscribe to its mobile app. [..]
In war zones and deserts in countries such as Iraq and Syria, the heat map becomes almost entirely dark — except for scattered pinpricks of activity. Zooming in on those areas brings into focus the locations and outlines of known U.S. military bases, as well as of other unknown and potentially sensitive sites — presumably because American soldiers and other personnel are using fitness trackers as they move around. [..]
The Pentagon has encouraged the use of Fitbits among military personnel and in 2013 distributed 2,500 of them as part of a pilot program to battle obesity.
Amira El Masait, from Rabat:
In 2012, the Chinese government “graciously offered” African States a gift and constructed the African Union’s headquarters in Addis Ababa. The act of soft diplomacy proved to be a rather self-serving maneuver to spy on the activities and discussions being conducted by leaders of the exclusive continental group.
In Addis Ababa, ministers and heads of states meet twice a year to discuss major continental issues. While strict security measures give the impression that that building is closely monitored and secured, an unseen security threat was present from 2012 until 2017. The threat was from none other than those who built the headquarters: the Chinese. An investigation conducted by “Le Monde Afrique” exposed Chinese espionage efforts.
According to the report, for five years, between midnight and 2 a.m., computer servers were reaching a peak in data transfer activity. A computer scientist noticed the oddity of the situation. The organization’s technical staff later discovered that the AU servers were all connected to servers located in Shanghai.
Every night, the secrets of the AU were being stored more than 8,000 km away by what was thought to be a diplomatic ally of Africa.
The glass tower $200 million complex was gifted to the African Union in 2012. The computer systems were fully equipped by the Chinese, allowing them to open an undocumented portal that gives Chinese administrators access to the AU’s computing system. This “backdoor” is an intentional fault put into code to allow hackers and intelligence agencies to gain illicit access to information.
Shoulda looked that gift horse in the mouth..
“Following this discovery, we have taken some steps to strengthen our cybersecurity,” a AU official told Le Monde.
But at least, “The Chinese have nothing to listen to. They have never colonized us. They have supported the struggles of independence on the continent and help us economically today,” an AU official told Le Monde anonymously.
Another official believes that, “They are not alone.” In fact, the US National Security Agency (NSA) and the British intelligence agencies (GCHQ) have had their share of surveillance on the AU building, according to documents which were extracted by Le Monde, in collaboration with The Intercept.