Le Monde newspaper has once again exposed a critical security breach in the French Navy. By tracking a sailor's public data on Strava, it located the aircraft carrier Charles de Gaulle in real time in the Mediterranean. The naval group was heading toward the Middle East. Despite previous alerts, this vulnerability persists, showing how everyday applications can compromise strategic military operations.
The technical problem: aggregated data and geolocated metadata 🕵️
The flaw lies in the privacy settings and the nature of aggregated data. Strava generates heat maps with its users' routes. If a military member activates GPS during their exercise on board, the app records the ship's trajectory as a path. By uploading that activity to a public profile, the location and time metadata reveal the exact position and course of a unit that should maintain operational discretion.
Operation 'Fit & Found': when your PR is a national security risk 🏃♂️⚠️
It seems that the new naval doctrine includes getting the virtual medal for the best time on the flight deck. While intelligence services invest in satellites, a simple jogging log solves the location problem. Perhaps the next generation of ships will have a mandatory airplane mode, not for the phone, but for sailors too enthusiastic about their personal records.