Geotagging poses security risks
March 7, 2012
http://www.army.mil/article/75165/Geotagging_poses_security_risks/
By Cheryl Rodewig
Photos from smartphones are geotagged even when the user is unaware.
Smartphone users can adjust their privacy settings to limit who can view
their geotagged locations.
FORT BENNING, Ga. (March 7, 2012) -- "Is a badge on Foursquare worth your
life?"
The question was posed by Brittany Brown, social media manager of the Online
and Social Media Division at the Office of the Chief of Public Affairs. It
may sound outlandish, but in the age of social geotagging, it can be a
reality.
There are a number of location-based social media applications and
platforms, including Foursquare, Gowalla, SCVNGR, Shopkick, Loopt and Whrrl,
currently on the market. They use GPS features, typically in the user's
phone, to publish the person's location and offer rewards in the form of
discounts, badges or points to encourage frequent check-ins.
Security risks for the military:
A deployed service member's situational awareness includes the world of
social media. If a Soldier uploads a photo taken on his or her smartphone to
Facebook, they could broadcast the exact location of their unit, said Steve
Warren, deputy G2 for the Maneuver Center of Excellence, or MCoE.
"Today, in pretty much every single smartphone, there is built-in GPS,"
Warren said. "For every picture you take with that phone, it will
automatically embed the latitude and longitude within the photograph."
Someone with the right software and the wrong motivation could download the
photo and extract the coordinates from the metadata.
Warren cited a real-world example from 2007. When a new fleet of helicopters
arrived with an aviation unit at a base in Iraq, some Soldiers took pictures
on the flightline, he said. From the photos that were uploaded to the
Internet, the enemy was able to determine the exact location of the
helicopters inside the compound and conduct a mortar attack, destroying four
of the AH-64 Apaches.
Staff Sgt. Dale Sweetnam, of the Online and Social Media Division, said
geotagging is of particular concern for deployed Soldiers and those in
transit to a mission.
"Ideally, Soldiers should always be aware of the dangers associated with
geotagging regardless of where they are," he explained.
General hazards for family members:
While especially relevant for those in the military, cautions about
geotagging extend to anyone who uses that feature.
Facebook is in the process of rolling out Timeline, a new layout that
includes a map tab of all the locations a user has tagged.
"Timeline presents some unique security challenges for users who tag
location to posts," Sweetnam said.
"Some of those individuals have hundreds of 'friends' they may never have
actually met in person, he explained. "By looking at someone's map tab on
Facebook, you can see everywhere they've tagged a location. You can see the
restaurants they frequent, the gym they go to everyday, even the street they
live on if they're tagging photos of their home. Honestly, it's pretty scary
how much an acquaintance that becomes a Facebook 'friend' can find out about
your routines and habits if you're always tagging location to your posts."
Most of the applications let people limit who can see their check-ins to
friends or friends of friends.
"A good rule of thumb when using location-based social networking
applications is do not become friends with someone if you haven't met them
in person," Sweetnam said. "Make sure you're careful about who you let into
your social media circle."
Even if there is nothing classified about an individual's location, a series
of locations posted online over the course of a month can create a pattern
that criminals can use.
"We live in a different world now," Warren said.
"If someone were going to get a hold of your phone, they could figure out a
lot about who you are. It's like a beacon that's always out there
communicating with towers and plotting your moves on a computer somewhere.
Literally, if you don't turn off that feature on your phone people are going
to be able to recreate your whole day."
Ways to stay safe:
"In operations security, we talk about the adversary," said Kent Grosshans,
MCoE OPSEC officer. "The adversary could be a hacker, could be terrorists,
could be criminals; someone who has an intent to cause harm. The adversary
picks up on pieces of information to put the whole puzzle together."
Grosshans suggests disabling the geotagging feature on your phone and
checking your security settings to see who you're sharing check-ins with.
"If your husband's deployed and you go ahead and start posting all these
pictures that are geotagged, now not only does an individual know your
husband's deployed and he's not at home, but they know where your house is,"
he said.
Ultimately, it's about weighing the risks.
"Do you really want everyone to know the exact location of your home or your
children's school?" Sweetnam said. "Before adding a location to a photo,
Soldiers really need to step back and ask themselves, 'Who really needs to
know this location information?'"
Grosshans said it's as important to Soldiers as to family members.
"Be conscious of what information you're putting out there," he said. "Don't
share information with strangers. Once it's out there, it's out there.
There's no pulling it back."
==========================================
(F)AIR USE NOTICE: All original content and/or articles and graphics in this
message are copyrighted, unless specifically noted otherwise. All rights to
these copyrighted items are reserved. Articles and graphics have been placed
within for educational and discussion purposes only, in compliance with
"Fair Use" criteria established in Section 107 of the Copyright Act of 1976.
The principle of "Fair Use" was established as law by Section 107 of The
Copyright Act of 1976. "Fair Use" legally eliminates the need to obtain
permission or pay royalties for the use of previously copyrighted materials
if the purposes of display include "criticism, comment, news reporting,
teaching, scholarship, and research." Section 107 establishes four criteria
for determining whether the use of a work in any particular case qualifies
as a "fair use". A work used does not necessarily have to satisfy all four
criteria to qualify as an instance of "fair use". Rather, "fair use" is
determined by the overall extent to which the cited work does or does not
substantially satisfy the criteria in their totality. If you wish to use
copyrighted material for purposes of your own that go beyond 'fair use,' you
must obtain permission from the copyright owner. For more information go to:
http://www.law.cornell.edu/uscode/17/107.shtml
THIS DOCUMENT MAY CONTAIN COPYRIGHTED MATERIAL. COPYING AND DISSEMINATION IS
PROHIBITED WITHOUT PERMISSION OF THE COPYRIGHT OWNERS.
--
Thanks for being part of "PoliticalForum" at Google Groups.
For options & help see http://groups.google.com/group/PoliticalForum
* Visit our other community at http://www.PoliticalForum.com/
* It's active and moderated. Register and vote in our polls.
* Read the latest breaking news, and more.
No comments:
Post a Comment