Remember how in January the mobile fitness app Strava was found to reveal the training routes and user data of military and security personnel? It wasn’t just Strava. A joint investigation by Bellingcat and De Correspondent found that the data for users of the Polar Flow app is even more exposed: even the names and home addresses of military and intelligence personnel working at embassies, bases, intelligence agencies and other sensitive locations could be figured out from the user data. De Correspondent shows how.
Polar, the Finnish company behind the app and service, announced that they were suspending the Explore feature that made the data accessible. They also note, and it’s worth remembering, that Polar data is private by default. If you’re military or intelligence and using a fitness app, what the hell are you doing exposing your location data—especially if you’re in a sensitive location?
The report also contains one hell of a buried lede. They tested other apps, namely Strava, Endomondo and Runkeeper, and, well: “Though it’s harder to identify people and find their home addresses than it is through Polar, we were ultimately able to do so using these apps. In contrast to Polar’s app, there is no indication that people whose profiles are set to private can also be identified in these apps. We informed them of our findings last week.” In other words, this is an industry-wide problem, not just a problem with one or two services. [The Verge]
TechCrunch’s Matthew Panzarino reported last week on major changes coming to Apple Maps in iOS 12. The underlying data, which has come in for criticism since the service launched, is being redone. Rather than relying on “a patchwork of data partners,” Apple is growing its own map data.
It’s doing this by using first-party data gathered by iPhones with a privacy-first methodology and its own fleet of cars packed with sensors and cameras. The new product will launch in San Francisco and the Bay Area with the next iOS 12 beta and will cover Northern California by fall.
Every version of iOS will get the updated maps eventually, and they will be more responsive to changes in roadways and construction, more visually rich depending on the specific context they’re viewed in and feature more detailed ground cover, foliage, pools, pedestrian pathways and more.
This is nothing less than a full re-set of Maps and it’s been four years in the making, which is when Apple began to develop its new data-gathering systems. Eventually, Apple will no longer rely on third-party data to provide the basis for its maps, which has been one of its major pitfalls from the beginning.
Well worth a read if you’re interested in mobile maps: Panzarino’s article digs down into how Apple will collect and process its mapping data. how it plans to dramatically speed up changes and updates to the map, and how (it says) it’s taking privacy seriously at every step of the process.
As of iOS 12, coming later this year, CarPlay will support third-party map applications like Google Maps and Waze, Apple announced during its WWDC keynote earlier today: AppleInsider, Engadget, The Verge. Up until now the only maps available via CarPlay were Apple’s own; drivers who would rather use something else—and I know lots of them are out there—will soon have that option.
Google unveiled its future plans for Google Maps at its I/O conference yesterday. They include an augmented reality mode that combines Google’s Street View and map data with the view through your phone’s camera and “assistive and personal” features that add some artificial intelligence to recommendations and reviews. The social and recommendation features are coming this summer; no word on when or if we’ll see the AR mode. AppleInsider, Google Blog, Engadget, The Verge.
Leonia, New Jersey’s decision to close its residential streets to non-residents (previously)—an attempt to deal with the traffic being routed that way by navigation apps like Waze—has also, like the apps that created the problem in the first place, resulted in some unintended consequences. On, for example, visiting relatives and local businesses.
The David Rumsey Map Collection has a number of virtual globes, but its AR Globe app may be the most unusual way to view them. Released last December for the iPhone and iPad, it uses augmented reality to superimpose one of seven celestial or terrestrial globes from the 15th through 19th centuries. The globes can be manipulated—spun, zoomed in and out—or observed from the inside (which is a good thing with celestial globes).
To be honest I’m not sold on using augmented reality to view virtual globes. It’s one thing to use AR to superimpose IKEA furniture in your living room: that makes sense, because it helps you visualize where the furniture would go and what it would look like. But it’s hard to see the utility of plunking a virtual globe in your living room: what’s the point of adding your surroundings as a backdrop? Case in point:
It’s neat but not particularly useful, is what I’m saying.
Now seems an odd time to be launching a line of standalone, single-purpose GPS devices, but the Ordnance Survey has gone and done so: they’ve announced a total of four devices, ranging in size from the cycling-friendly Velo to the robust Aventura and in price from £370 to £500. The OS has been offering third-party devices from the likes of Garmin and Satmap through its online store; it’ll be interesting to see how people see these as measuring up against those devices—or against an app on the smartphone they may already own. More at Road.cc.
There have been numerous complaints that mobile map apps have been dumping traffic from freeways onto nearby residential streets (previously). But a team of researchers, including Berkeley’s Alexandre Bayen, have been looking at the problem from the perspective of game theory (see papers here and here). Basically, the apps operate selfishly, and lead to results for all drivers that are less good than if they had been working cooperatively. It’s an example of the Nash equilibrium. More at Boing Boing and CityLab.
We’re almost at the end of the week of Mario on Google Maps. Announced for March 10 (“MAR10” Day), the temporary feature changed the navigator arrow into Mario driving his cart. Announced for both Android and iOS, but for some reason it never turned up in Google Maps on either my iPhone or my iPad, so I didn’t rush to post. [Business Insider]
Public transit navigation now includes wheelchair accessible routes, as of yesterday: “this feature is rolling out in major metropolitan transit centers around the world, starting with London, New York, Tokyo, Mexico City, Boston, and Sydney. We’re looking forward to working with additional transit agencies in the coming months to bring more wheelchair accessible routes to Google Maps.”
Slashgear looks at the new Google Maps APIs for gaming, which, I guess, enable developers to build real-world games on top of Google Maps. Note that Pokémon Go is not built on Google Maps: I suspect this outcome means that Google has noticed that.
Artur Grabowski spent most of 2017 testing three mapping apps—Apple Maps, Google Maps and Waze—to see which app was the most accurate in terms of travel time to destination. His questions: which app estimated the shortest travel times, which app actually got him to his destination in the least amount of time, and how much did each app over- or underestimate travel times? In the end, based on 120 trips in the Bay Area, roughly 40 using each service, Artur found that Apple’s estimates were the most reliable (indeed, Apple underpromised and overdelivered), but while Waze promised the shortest travel times, those promises were usually overly optimistic; it was Google Maps that provided the shortest travel times.
Why does Apple underpromise and overdeliver, while Waze does the opposite? Artur suspects it’s because Waze needs to monetize its app with ads, and Apple doesn’t:
For Apple, Maps is a basic solution for its average user who wants a maps solution out of the box. Apple Maps does not directly drive ad or subscription revenue for Apple so there is less reason for Apple to incentivize iOS users to use Apple Maps over other solutions. However, Apple does care about user experience, and sandbagging trip time estimates so that users arrive at their destination on time results in a great user experience. Hence, I believe that Apple is intentionally conservative with estimated arrival times.
At the other extreme, Waze (Alphabet) makes money through ads when you use their app. What better way to get people to use your navigation app than by over-promising short trip times when no one takes the time to record data and realize that you under-deliver? If an unsuspecting user opens Apple Maps and sees a 34-minute route and compares that to 30 minutes in Waze, the deed is done. Now Waze has a life-long customer who doesn’t realize they’ve been hoodwinked and Waze can throw at them stupidly annoying ads.
Strava has reportedly disabled certain features in the wake of the privacy and security issues raised last month, with users reporting that they can no longer create workout segments. In a statement given to The Verge, Strava said: “We are reviewing features that were originally designed for athlete motivation and inspiration to ensure they cannot be compromised by people with bad intent.” [Canadian Cycling Magazine]
By uploading an altered GPS file, it’s possible to de-anonymise the company’s data and show exactly who was exercising inside the walls of some of the world’s most top-secret facilities. Once someone makes a data request for a specific geographic location—a nuclear weapons facility, for example—it’s possible to view the names, running speeds, running routes and heart rates of anyone who shared their fitness data within that area.
The leaderboard for an area, the Guardian reports, can be extremely revealing. “The leaderboard for one 600m stretch outside an airbase in Afghanistan, for instance, reveals the full names of more than 50 service members who were stationed there, and the date they ran that stretch. One of the runners set his personal best on 20 January this year, meaning he is almost certainly still stationed there.”
Which makes the security issue regarding military personnel using fitness trackers even worse than simply the anonymous aggregate of the routes they take. Yes, this is very much an unintended and unforseen consequence of relatively innocuous social sharing bumping up against operational and personal security protocols; and it’s as much on military personnel to, you know, not use GPS-enabled devices that upload your location to a third-party server as it is on companies to have clear and effective privacy controls. This is very much the result of a whole lot of people not thinking things through.
Strava is a mobile fitness tracking app that uses GPS data from phones and watches. It has access to a lot of data, and has been using that data to create a global heat map showing the paths taken by its cycling and running customers. The map’s most recent update, last November, aggregates user data through September 2017. But analyst Nathan Ruser noticed a problem: in places where local Strava use is low, the map can reveal the paths of people from wealthy western countries—for example, soldiers at U.S. military bases overseas, whether they’re patrolling or simply exercising. (U.S. troops are encouraged to use fitness trackers.) Which is to say, suddenly Strava is a security problem. Details at BBC News and the Washington Post.
When your navigation app (e.g. Waze) suggests an alternate route to avoid congestion, that has knock-on effects on the communities you’re routed through, particularly when a lot of traffic gets pushed onto quiet residential streets. That’s the situation in Leonia, New Jersey, the New York Times reports, where later this month the police will be closing some 60 streets to non-local traffic in hopes of routing all that Wazer traffic somewhere else. Some of the somewhere elses aren’t happy with this move, naturally. [Engadget]
Justin O’Beirne’s lengthy analyses of Google Maps and Apple Maps are always worth reading,1 and his latest is no exception. Looking at the rapid proliferation of buildings, areas of interest and other examples of Google’s Ground Truthing program, Justin discovers that Google’s buildings data are a product of its satellite imagery, its places of interest are a product of its Street View data, and its areas of interest (the orange-shaded areas that indicate business districts) are the result of combining those stores of data.
…so this makes AOIs a byproduct of byproducts[.]
This is bonkers, isn’t it?
Google is creating data out of data.
This is slightly more than Google’s competitors are able to match. As always, Justin’s analysis is worth reading in full, and comes complete with before/after animations that make his point visually clear.