Fitbit, Fun, Forensics, and Foes

by | Aug 8, 2018 | Uncategorized | 0 comments

Fitbit, Fun, Forensics, and Foes

by Steve Burgess, 2018

Have you tracked your 10,000 steps today? Has anyone else tracked them?

Fitness trackers are big business, helping people get and stay fit, and helping them share their progress with friends – and sometimes with strangers.

Probably the most well-known of these devices (and apps) are the FitBit and apps paired with the Apple Watch, but also include the Moov Now, Samsung Gear Fit, Huawei Band, Tom Tom Spark, and about 350 others. The ability to map your movements is one of the more fun and attractive features about these devices.

Stephen Lund is a cyclist and artist/GPS-doodler. He creates images by using a fitness tracker to map his movements on a bicycle. Here’s one of my favorites:

GPS doodle stegosaurus

He gives a TEDx Talk about how this has helped him achieve fitness by combining rides with the fun of making these creations.

FitBit data helps to catch a potential murderer.

Fitness trackers in less light-hearted circumstances can provide evidence in the most serious of cases. At the end of 2015, Richard Dabate told Connecticut law enforcement a tale of a break-in where the robber killed his wife while he was fighting the intruder off. The problem was that subpoenaed records of her FitBit showed her active an hour after the murder was said to have taken place, and that she walked ten times further then what would have taken her into the now-fictional perp’s view. Along with other computer, FaceBook, and cellphone evidence, and the fact that Dabate had a pregnant girlfriend he was arrested for the crime. As of this writing, Mr. Dabate is still free on a million dollars bail.

FitBit data helps an innocent man go free

In May of 2016, Nicole Vander Heyder went out on the town in Green Bay, Wisconsin, but never came home. Her bloodied and naked body was found in a farm field nearby. Signs at first pointed to her boyfriend, Doug Detrie, who was arrested but nonetheless seemed shocked at the news and protested his innocence. Detrie was held on a million-dollar bond, but the apparent evidence (blood in the car, in the garage, and a suspicious spot on the sole of his shoe) didn’t hold up (blood in the car wasn’t the victim’s, blood in the garage wasn’t a human’s, and the suspicious spot wasn’t blood) so he was released. Data from Doug’s FitBit showed that he took only about a dozen steps during the time frame in which Nicole died.

DNA evidence from Nicole’s clothes pointed at another man altogether, George Burch. Burch’s Android phone had Google Dashboard data associated with his Gmail account that showed GPS location data leading right to Nicole’s house. Eventually, he was charged, found guilty of first degree murder, and sentenced to life in prison where he still insists he’s innocent.

FitBit data used to try to find a missing person

In July of 2018, Iowa student, Mollie Tibbett went for a jog and hasn’t been seen since. Police have received her FitBit data in an attempt to locate her but haven’t released what they found in that data to the public. It appears that the geolocation information therein wasn’t enough to find her. Additional data from her cell phone and social media accounts has been sifted for clues, but as of August 6, 2018, there are no reports of her being found, although there appear to be people of interest. Hopefully location data from her FitBit will eventually help lead investigators to her current location.

FitBit data banned by the military

You may have heard news stories of late that the Army has expressed concern about military movements and security being compromised by data from fitness trackers and devices like the Apple Watch. A military official was quoted as saying, “The moment a soldier puts on a device that can record high-definition audio and video, take photos, and process and transmit data, it’s very possible for him or her to be tracked or to reveal military secrets … The use of wearables with Internet access, location information, and voice-calling functions should be considered a violation of national security regulations when used by military personnel.” But did you know that this news was from May 2015? And did you know it was a Chinese military official in the Chinese Army newspaper, the Liberation Army Daily?

That’s right, some foreign governments have been banning such devices for years now.

FitBit geolocation data banned by the US Military

In 2013, the DOD distributed 2,500 FitBits to military personnel; in 2015 the Navy planned to run a pilot program to help the enlisted and their superiors keep track of fitness goals, and “allow Army leaders to track their Soldiers’ fitness in real time.”

Aside from military members, Fitbit has a user base of over 10 million people. The information is viewable online, on a mobile device, or through the desktop application. Fitbit logs movement and allows users to log other health information in the app. Fitbit then uses this information to display progress over time.

The manager of a companion app, called Strava, helps to map and display maps of subscribers’ movement using FitBit and other fitness tracking devices. In November 2017, Strava released their Global Heat Map of 3 trillion individual global GPS data points uploaded from the previous two years. Zooming in on the maps, as Australian security student Nathan Ruser did, revealed favored trails used in previously undisclosed bases by military fitness buffs. Below are trails around and in Mogadishu that could have provided potential targets of locations frequented by military personnel for Somalian dissidents.

blank

Mogadishu fitness heatmap

As one might imagine, the Army on August 7, 2018 banned use of geolocation features in iPhones, Apple Watch, FitBit and other fitness trackers with the following directive: “Effectively immediately, Defense Department personnel are prohibited from using geolocation features and functionality on government and non-government-issued devices, applications, and services while in locations designated as operational areas.” It hasn’t banned the use or possession of the devices altogether.

The (FitBit) Law of Unintended Consequences

There are three types of unintended consequences (according to Wikipedia)
An Unexpected benefit: A positive unexpected benefit – such as an accused murderer going free and shown to be innocent of charges due to his FitBit. Rather than showing the accomplishment of an athletic endeavor it instead showed inaction when the crime would have required much movement, as with Doug Detrie and Nicole Vander Heyder.
An Unexpected drawback: An unexpected detriment occurring in addition to the desired effect of the policy, such as a FitBit showing a purported victim of a crime instead being the perpetrator as with Richard Dabate and his wife.
A Perverse result: A perverse effect contrary to what was originally intended, as when military personnel using a FitBit to keep track of their fitness progress reveal themselves as potential targets to an adversary.
With any luck, none of these occasions will fall into lives of any of my readers.

Keep fit, keep track, but be aware that you may be revealing more than you intend to.

Related Posts

CSI Cases from Burgess Forensics #69 A Case of Hiphop Beef

The Stories are true; the names and places have been changed to protect the potentially guilty. It was almost closing time on Friday and my thoughts were turning to Barbequeing some of that mouth-watering Santa Maria tri-tip while my nose was turned to the scent of...

Email as a signed contract vs. fraudulent emails

Email as a signed contract vs. fraudulent emails We all send and receive email, but did you know that what you say in an email can be interpreted as a legal contract? And that sometimes, emails are fraudulent? Both are true. The Statute of Frauds Although email didn’t...

El Salvador Adopts BitCoin

El Salvador Adopts BitCoin copyright Steve Burgess, 2021 El Salvador just passed a law to make BitCoin (BTC) legal tender and is the first country to do so. It did something similar back in 2001, when it made the US Dollar the official currency, replacing the...

Keeping Your Bitcoin Safe

BitCoin. Everybody wants some. But what’s the best way to keep it safe once you’ve got it? And how to get it? First things first – you get BitCoin (and Etherium, and DogeCoin) from a cryptocurrency exchange, like you would from a “regular” currency exchange to turn...

Cyberbullying and Covid-19: 2021 Update

California defines a cyberbully as anyone who sends any online communication to deliberately frighten, embarrass, harass, or otherwise target another. The Cyberbullying Research Center defines it as “willful and repeated harm inflicted through the use of computers,...

Cybersecurity & Covid-19: Vulnerability and What to Do About It

Cybersecurity & Covid-19: Vulnerability and What to Do About It Steve Burgess, 2020 As if we didn’t have enough to worry about. With so many of us working from home (close to 90% of American corporations are encouraging or requiring employees to do so) and having...

Indian Summer Lovin’ – Tech Tips For a Warm Autumn

by Natalie Miller, 2019 With Indian Summer temperatures rising, here are some tips to help you make sure your devices are ready to conquer these warm days of Fall like you are. Check Those Pockets! Taking a dip in the pool, going for a paddle in a kayak, and jumping...

Electronic Waste and Recycling – What Your Old Devices Can Say About You

by Natalie Miller, 2019 With new models of phones and computers being released every year, wanting the latest and greatest is never a bad thing, but what about your old devices? The truth is that old devices can still hold all of the data you put on them or that they...

The Case of The Client Who Wanted … to be Wanted

The Case of The Client Who Wanted … to be Wanted copyright Steve Burgess, 2018 It was nearly Christmas, but the morning sun was pouring in through the windows of my Central Coast office, casting shoe-shaped shadows on the West side of my desk. Perhaps I should have...

Burgess Forensics Newsletter Vol. 5 Issue 1: FitBit Fun Forensics & Foes 08.08.2018

  Fitbit, Fun, Forensics, and Foes Have you tracked your 10,000 steps today? Has anyone else tracked them? Fitness trackers are big business, helping people get and stay fit, and helping them share their progress with friends – and sometimes with strangers. The...

Pin It on Pinterest

Share This