An anonymous reader quotes an excerpt from the Wired article: In 2019, a government contractor and engineer named Mike Yeagley began making the rounds in Washington, DC. He issued a blunt warning to any of the country's national security officials willing to listen: "The U.S. government has a Grindr problem." Grindr, a popular dating app, leveraged the GPS capabilities of modern smartphones to connect potential partners in the same city, neighborhood, and even building. The app can show in real time how far away a potential partner is, down to the foot. But for Yeagley, Grindr was something else: one of tens of thousands of carelessly designed mobile phone apps that leaked vast amounts of data into the opaque world of online advertisers. Yeagley knew that this data could be easily accessed by anyone with a little technical know-how. So Yeagley, then a technology consultant in his late 40s who had worked in and around government projects for most of his career, created a PowerPoint presentation explaining how the data posed a significant national security risk, and set out to prove exactly that.
As he explained in a series of bland government conference rooms, Yeagley was able to access Grindr users' geolocation data through a hidden but ubiquitous entry point: the digital ad exchanges that serve the small digital banner ads along the top of Grindr and just about every other ad-supported mobile app and website. This is made possible by the way online advertising space is sold, through near-instantaneous auctions in a process called real-time bidding. These auctions were rife with surveillance possibilities. Are you aware of those ads that follow you around the internet? They track you in multiple ways. In some cases, precise location information is available in near real time not only to advertisers, but also to people like Mike Yeagley, who specializes in acquiring proprietary datasets for government agencies.
Using Grindr data, Yeagley began drawing geofences, virtual boundaries in geographic data sets, around buildings belonging to government agencies that perform national security operations. This allowed Yeagley to see which cell phones were in a particular building at a particular time and where they went afterwards. He was looking for the phones of Grindr users who spent their days in government buildings. For example, if a device spends most of its workday at the Pentagon, FBI headquarters, or the National Geospatial-Intelligence Agency building at Fort Belvoir, there's a good chance its owner works for one of those agencies. He then began looking into the movements of those phones through the Grindr data. Where did they go when they weren't at the office? A few of them were lingering at highway rest stops in the Washington, DC area at the same time as, and close to, other Grindr users, sometimes during the workday and sometimes while in transit between government facilities. For other Grindr users, he was able to guess where they lived, see where they had traveled, and even guess who they were dating.
The intelligence community has a long and unfortunate history of trying to exclude LGBTQ Americans from the workforce, but this was not Yeagley's intention. He didn't want anyone to get into trouble. No disciplinary action was taken against federal employees based on Yeagley's presentation. His aim was to show that there are rich stories buried within the seemingly innocuous technical data transmitted by every cell phone in the world, stories that people might prefer to keep quiet, or at least not broadcast to the whole world. And it meant that there were employees in each of these intelligence and national security agencies who were recklessly, even if unwittingly, broadcasting intimate details of their lives to anyone who knew where to look. As Yeagley showed, all that information was being sold cheaply. And it wasn't just Grindr: he was talking about other dating apps, weather apps, games, and any other app that had access to a user's precise location. Yeagley chose Grindr because it happens to generate a particularly rich dataset, and its user base may be uniquely vulnerable.
The report details how intelligence and data analysis techniques, specifically a program developed by PlanetRisk called Locomotive, enabled the tracking of mobile devices associated with Russian President Vladimir Putin's inner circle. By analyzing commercial ad tech data, including precise geolocation data collected from mobile ad bid requests, analysts were able to monitor the movements of the cell phones that frequently accompanied Putin, making it possible to show the location and movement of security personnel, aides, and support staff.
This capability highlights the surveillance potential of commercially available data, which provides insight into the activities and security posture of high-profile individuals without directly compromising their personal devices.