Strava slammed for thefts

[hozn]

Or turn on full privacy mode and only approve followers you know.

Removing privacy zone should be really easy with basic math/geometry. I was gonna build a proof-of-concept app to do that, but it probably would be actually used for evil (instead of just serving as a PSA that privacy zones may not be that private). As others have noted you can find addresses from real estate records too (assuming people use real names in Strava; most do).

[Steve O]

@hozn 130312 wrote:

Removing privacy zone should be really easy with basic math/geometry.

You can always set your privacy zone centered on your annoying neighbor’s house instead of your own.

[peterw_diy]

This is particularly worrisome for Freezing Saddles since every mile counting encourages folks to start recording at home. Can BAFS get data on “private” rides? Looks like it should be able to if it requested “view_private” scope. I won’t be offended if you tell me to RTF code, and hope you aren’t offended that I haven’t investigated further. I could rationalize that you might’ve trashed the production code but truth is I’m lazy.

[hozn]

@Steve O 130316 wrote:

You can always set your privacy zone centered on your annoying neighbor’s house instead of your own.

Yeah, this is what I did before switching to full private mode. I decided exposing travel patterns to random strangers probably was also unnecessary.

[hozn]

@peterw_diy 130320 wrote:

Can BAFS get data on “private” rides? Looks like it should be able to if it requested “view_private” scope.

This may have changed (perms may have changed), but the bafs code as-is was able to read private activities last year.

[peterw_diy]

Thanks. BTW autocorrect decided on “trashed” — I tried to suggest you might have “tweaked” the production config.

[Author]

Posts