back to article Beer rating app reveals homes and identities of spies and military bods, warns Bellingcat

A beer and pub-rating app built off the back of Foursquare’s location-tracking API poses a risk to the security of military and intelligence personnel, according to legendary OSINT website Bellingcat. Untappd 'has over eight million mostly European and North American users, and its features allow researchers to uncover …

  1. BebopWeBop Silver badge
    Holmes

    Loose lips cost lives

    1. Pascal Monett Silver badge

      And that is now 70 years old . . .

      1. Maximum Delfango
        Pint

        Even worse...

        ...is that it reveals beer drinkers. Because I am a man of wealth and taste I now sup on a mixture of hand sanitiser, antifreeze and a dash of battery acid for “bite”. I have long since left beer behind, as have all gentlemen isolators.

        (Does anyone know of a good cure for severe mouth ulcers? Would beer work?)

        1. Raymond Berenger

          Re: Even worse...

          You must have kept that Blue Nun an awfully long time. It's probably corked.

          The cure for drinking inferior German Riesling is not to drink inferior German Riesling.

          Sick to the Trockenbeerenauslese. (This commercial comes to you from the German Viticulture Bruderschaft.)

        2. don't you hate it when you lose your account Bronze badge

          Re: Even worse...

          hydroxychloroquine

        3. Tom 7 Silver badge

          Re: Even worse...

          As a gentleman isolator I've returned to my old hobby of homebrewing. Seem to be getting it right and the supply normally lasts a few days whereas sending the misses out for battery acid and hand sanitizer normally comes up with just battery acid and my cooking covers that area of taste.

    2. Anonymous Coward
      Anonymous Coward

      Loose lips sink ships.

      Loose tweets destroy fleets. (Or so advised our local military installation.)

      1. Jedit Silver badge
        Pint

        "Loose lips sink ships"

        Or in this case, sink pints.

        This happens so often that I wonder if no intelligence agency in the world actually trains its operators in basic social media security.

    3. Maximum Delfango
      Paris Hilton

      Loose lips cost lives

      Paris... Because...

    4. Tom 7 Silver badge

      Loose lips seem to go " Waffle Spaff Waffle"

    5. tip pc Silver badge

      Loose lips cost lives

      thats not clear

  2. Mage Silver badge
    Devil

    For any one in a sensitive job.

    I'd say about social media:

    1: Never post photos of self, family or friends. Use email or a private channel to share to family.

    2: Never use your real name.

    3: Never talk about where you live any more detailed than a county or city.

    Unless you are famous and attention seeking, or selling on SM.

    Best to avoid it altogether. There was a similar issue with an app that used fitbit or some other fitness tracker.

    Why is Google allowed to buy fitbit?

    1. robidy Silver badge
      Coat

      Re: For any one in a sensitive job.

      Happens all the time, didn't strava identify some secret bases...well they were secret...millitary intelligence as an oxymoron is alive and kicking.

      1. JDC

        Re: For any one in a sensitive job.

        IIRC the bases themselves weren't secret, but Strava was showing the details inside them on its heat map - lots of runners uploading their runs was showing the location of base roads etc.

        1. robidy Silver badge

          Re: For any one in a sensitive job.

          I believe a number of forward positions in "conflicts" were supposed to be secret.

    2. Anonymous Coward
      Anonymous Coward

      Re: For any one in a sensitive job.

      Having an obscure name also helps as it turns out. You have to go 6 pages deep in Google before I turn up, linked to my github ironically (which is mostly empty).

      Everything else is mostly looked down, save for the odd YouTube comment (though I have been quoted on one now over tea which amuses me no end) but it's always kept nice and short save for mild interaction and never for spite.

      It always surprises me that so many people don't mind not using a pseudonym (though I know a few who intentional change name spellings for professional reasons which works for them).

      Anon.

      1. Korev Silver badge
        Boffin

        Re: For any one in a sensitive job.

        I'm the other way around... There are three with my name on the planet and this one hits the top of Google.

        It's useful when I do sciencey stuff as if you put my surname and initial into pubmed I'm the only one.

        1. Anonymous Coward
          Anonymous Coward

          Re: For any one in a sensitive job.

          Is that you Donald Korev Trump?

          1. Korev Silver badge

            Re: For any one in a sensitive job.

            >Is that you Donald Korev Trump?

            Yes and it's going to be YUGE!

        2. Anonymous Coward
          Anonymous Coward

          Re: For any one in a sensitive job.

          There's ~2,500 people in the world with my surname - for my first name, as far as I can find there's about 12 give or take. Of those, there's only 4 in the UK. The rest are in Canada (If I included my middle name, then it's just me, my daughters even more so).

          Also means that even though I work for a company with 100K+ people on the books with company email addresses, I'm the only one with my surname in the whole company. I'm just aware that we leave trails behind and have taken steps over the years to keep my head down.

          1. Anonymous Coward
            Anonymous Coward

            Re: For any one in a sensitive job.

            Whilst I had 3 people at my school (600 people) with the same first name and last name. Sometimes it pays to be Welsh (who am I kidding, it always pays to be Welsh)

            1. Anonymous Coward
              Anonymous Coward

              Re: For any one in a sensitive job.

              There are 5 living people just in my extended family with the same first name and surname, but with different middle names. I share the same nickname (based off middle name) and last name (but no relation) with a road building company manager targeted by ecoterrorists.

              It was always fun, as a kid, to have a telemarketer call our house and ask for <firstname lastname>. It was clear they wanted my dad, but he would hand the phone to one of us kids (like a 5-year-old) with the same name...

              1. Anonymous Coward
                Anonymous Coward

                Re: For any one in a sensitive job.

                On my mother's side of the family there a large numbers of Hughs an Rogers. in one generation the first son is Hugh, and the second is Roger. In then next it swaps about. Many of the women are Constance

            2. Cave-Homme

              Re: For any one in a sensitive job.

              “ Sometimes it pays to be Welsh (who am I kidding, it always pays to be Welsh) “

              It’s not unusual, Tom.

          2. Version 1.0 Silver badge
            Angel

            Re: For any one in a sensitive job.

            My family name is a common word, as a result when Facebook first appeared and I tried to sign up multiple times I was rejected each time and then received a message from them saying that I would be prosecuted if I didn't stop attempting to log in with a fake name (my real name).

            As a result I completely abandoned any attempt to create a social media profile anywhere - I'm so happy these days that I don't exist in the social media world!

            1. This post has been deleted by its author

        3. JimboSmith Silver badge

          Re: For any one in a sensitive job.

          A mate of mine has a slightly obscure name and there's somebody with exactly the same name in Canada. He doesn't come up in Google searches (which he much prefers) just this other bloke. He applied for a job and at the interview they said they didn't understand why he didn't look like the person they'd Googled. He said he had't got any internet presence and they were looking at some Canadian bloke instead.

      2. Maximum Delfango

        Re: For any one in a sensitive job.

        Not true. I googled “anonymous coward”. Literally millions of hits - and you do get around don’t you? You seem to be everywhere.

      3. Uncle Slacky Silver badge

        Re: For any one in a sensitive job.

        Or equally, having a very common name helps you to be lost in the virtual crowd.

    3. LucreLout Silver badge

      Re: For any one in a sensitive job.

      For any one in a sensitive job.

      I'd say about social media:

      1) Never use it, any of it, ever.

      FTFY.

  3. DavCrav Silver badge

    "Joe B. (bloggs123)"

    Simpsons already did it.

    "For privacy's sake let's call her Lisa S... No, that's too obvious, let's say L. Simpson."

  4. Pascal Monett Silver badge

    "this particular one used his surname as part of his username"

    It is truly astounding to realize that people who should be intelligent enough to know better still sell their lives to any app that tickles their funny bone.

    I really would like to read a psychiatrist's study on this apparently innate need to sell one's personal life in order to give one's opinion on something.

    1. Glen 1 Silver badge

      Re: "this particular one used his surname as part of his username"

      "YOU CAN'T ARREST ME!! I'M A SPY!!"

      The Tale of Michael Bettaney

    2. NATTtrash Bronze badge
      Trollface

      Re: "this particular one used his surname as part of his username"

      I would really like to read something about the beers they rated. All this social media stuff. Makes mouth go dry.

    3. SW10
      Joke

      Re: "this particular one used his surname as part of his username"

      How do we know that it wasn’t Able Seaman Jones masquerading as Rear Admiral Bloggs just for a laugh?

      1. Anonymous Coward
        Anonymous Coward

        Re: "this particular one used his surname as part of his username"

        No I am Rear Admiral Bloggs

      2. Mike 16 Silver badge

        Re: Able Seaman Jones masquerading

        Been there, done that. I suspect that corp VP still has no idea how he got on so many mailing lists for Porn (on VHS, it was a while ago)

  5. Anonymous Coward
    Anonymous Coward

    Anyone in a sensitive job: do not use social media

    If you need to be told this then you shouldn't have a sensitive job.

    1. Yet Another Anonymous coward Silver badge

      Re: Anyone in a sensitive job: do not use social media

      But how do you get the lucrative consulting contracts if LinkedIn doesn't know you are in charge of paperclip procurement for the MMB?

    2. robidy Silver badge

      Re: Anyone in a sensitive job: do not use social media

      First rule of fight club.

    3. Kane Silver badge
      Big Brother

      Re: Anyone in a sensitive job: do not use social media

      Anyone in a sensitive job: do not use social media

    4. Tom 7 Silver badge

      Re: Anyone in a sensitive job: do not use social media

      I'd be suspicious of why you didnt use it and immediately set loose some autonomous drones to track you and find out everything about you!

      1. LucreLout Silver badge
        Joke

        Re: Anyone in a sensitive job: do not use social media

        I'd be suspicious of why you didnt use it and immediately set loose some autonomous drones to track you and find out everything about you!

        FFS. Talk about overkill. Just ask your wife. -------------->

  6. Anonymous Coward
    Anonymous Coward

    and then there is this????

    https://snoop.app/

    All that lovely data about you and your family in one place just right to be hacked. Save you money? Maybe but I don't want the hackers to get my data.

    Don't even get me started on the [redacted] stupid choice of name. This is a clear magnet for the identity thieves.

    1. Hans Neeson-Bumpsadese Silver badge

      Re: and then there is this????

      I just had a look at their website, and can't make up my mind if it's a badly named real thing, or some sort of parody/spoof.

  7. Mike 137 Silver badge

    The wicked and the fools ...

    The wicked and the fools both go to hell but the fools get there first.

    1. Tom 7 Silver badge

      Re: The wicked and the fools ...

      And everyone else realises we're already there.

  8. Brad Ackerman
    Holmes

    Not using social media at all might be an even more blatant indicator than putting too much information on it.

    1. Raymond Berenger

      How is anybody going to know? There are more social media than Twitbook and Facer. This being one of them.

    2. Mike 16 Silver badge

      Not using social media at all

      I (dimly) recall when a certain U.S. State mandated that nobody be allowed to block caller-id, with the exception of undercover police officers. I hope that idea went away, along with the idea of slapping a Police Lot parking sticker on Crockett's Ferrari Daytona replica.

  9. Anonymous Coward
    Anonymous Coward

    FB location

    Totally unecessary. I turned it off when I picked my phone up one day and it said "Check in to [Redacted]?" which was a bit of a lesson I needed.

    1. Cynic_999 Silver badge

      Re: FB location

      The fact that you do not allow an application to access location information may give you a false sense of security. Any photo you take with your phone usually contains location in its exif data (the camera probably has access to location info even if the app you are using it from does not). So if you upload a photo (as the beer application wants you to do), your location as well as date & time can be easily retrieved from the photo.

      Obviously you *could* delete exif data or change it on an image of a tropical beach to set the location in the artic circle, but few people do so.

      1. Anonymous Coward
        Anonymous Coward

        Re: FB location

        Photography at [redacted] not particularly welcome :-) But of course, I realised that the recepits that I email, unencrypted, to the company's expense portal probaly contained the geotag (and even if they didn't, they've usually got the addresses of the hotels, bars and restaurants on!)

    2. bombastic bob Silver badge
      Unhappy

      Re: FB location

      And "or log in with Facebook" in their application or on their web site is ANOTHER red flag... [it's one of the big ways that FB uses to track you]. Of course, if you DO have the FB 'previously logged on' cookies and ALSO see the FB icon or the "or log in with Facebook" option, chances are they ALREADY tracked you there and just want you to confirm you actually WANTED them to.

  10. tiggity Silver badge

    Same for most social media style apps

    If you are in a sensitive job don't use social media.

    Even posting photos, without lat / long metadata is not safe, as possible to still find the location by comparing against other images and chance of some of those having location data (or even getting real people to ID the location for you using localish knowledge)

    On a more prosaic note, never mind foreign spy agencies finding military personnel, anyone at risk from burglars figuring out local targets & jumping for joy when a social media post reveals they are on holiday away from their home address

    1. Anonymous Coward
      Anonymous Coward

      Re: Same for most social media style apps

      Ohh yes. Friends and family appearing on (wife's) F-book with "Here I am on the beach at Benidorm. Tomorrow we're off to the [nearby location]. Just two more days and we'll be home in [North London Borough]"

      1. EnviableOne Silver badge

        Re: Same for most social media style apps

        Passing info to Spanish Carjackers, North London Burglary Rings et. all, based on the content of the photo and estimate of net worth....

    2. Uncle Slacky Silver badge
      Thumb Up

      Re: Same for most social media style apps

      > anyone at risk from burglars figuring out local targets & jumping for joy when a social media post reveals they are on holiday away from their home address

      Someone already automated this: http://pleaserobme.com/

  11. osakajin

    This is all academic now we are all about to be forced to use "contact tracing" apps.

    1. Cave-Homme

      Indeed. Orwell will be turning in his grave now as he sees his work of fiction become a training manual for the totalitarians.

  12. Anonymous Coward
    Anonymous Coward

    Sorry, I don't believe it.

    A pub close to the Atomic Weapons Establishment? That must be an interesting definition of "close". The closest pub according to Google maps is a mile away, the closest pub that sells beer worth drinking over two miles away.

    1. NotArghGeeCee

      Optional

      Close enough for Government work

    2. Jellied Eel Silver badge

      Re: Sorry, I don't believe it.

      The closest pub according to Google maps is a mile away, the closest pub that sells beer worth drinking over two miles away.

      That's why this app is so dangerous. For 70 years, it's cover had remained intact as a sensitive government research facility, complete with high security to keep the rabble out. Reality is the 'A' has always stood for 'Alcohol', at least since it's establishment 1/4/1950.. Which also shows the bit of HMG responsible for it had a sense of humor, along with a very large drinks budget.

      1. onemark03

        Sensitive Jobs

        Frankly I'm surprised that the entire armed forces simply don't make it a disciplinary offence for serving members in sensitive positions to use social media - or at the very least somehow censor contributions before publication.

        Such an offence should also apply to relevant civilian employees.

        Failure to comply would be subject to severe penalties.

        Disclaimer: I have never served, so happily stand to be corrected.

        1. robidy Silver badge
          Coffee/keyboard

          Re: Sensitive Jobs

          I'm not sure you've thought this through...just look at prohibition it doesn't stop service personnel using drugs even with the risk of being discharged.

          Better education would do so much better than a ban.

    3. The Basis of everything is...

      Re: Sorry, I don't believe it.

      Isn't a mile close enough for anything to do with atomic weaponry?

  13. Anonymous Coward
    Anonymous Coward

    need for tech?

    in all the 'work' done, pubs chosen were close to publicly known establishments.....so why even bother with the tech? you could just visit those places

    directly. you've just got an armchair version of the same sort of thing by using an App. another rule: don't 'Tap in' when actually drinking - unless you really want to be a target. delay the recording until you are somewhere else.

    1. Lotaresco Silver badge

      Re: need for tech?

      I would guess that most spies already know which pubs to hang around. I'd also guess even relatively inept "Four Lions" style wannabee terrorists could work out the same. it doesn't take long in London to work out which pubs are which or to overhear drunk people getting a bit loud about what they do.

      1. TimMaher Bronze badge
        Thumb Up

        Re: need for tech?

        Plus you get to spend time in a pub and you can charge it all to your department/handler.

  14. Anonymous Coward
    Anonymous Coward

    so much to say...

    suffice with...... I hope the department that cleans things up is looking at every post on Mumsnet

  15. Mr Dogshit
    Pint

    We've reached peak fuckwit

    when you have to have an app to drink beer

    1. [email protected] Silver badge
      Pint

      Re: We've reached peak fuckwit

      You don't need the app to drink the beer - it's so you can rate the beer after you have drunk it and, if you wish, rate the establishment serving it too.

      Peak fuckwittery would be using it to rate American laqer in the mistaken belief that that is beer...

      1. Tom 7 Silver badge

        Re: We've reached peak fuckwit

        Sounds like the sort of app that pub landlords can use to totally denigrate fellow landlords establishments and sados who've been chucked out to do the same. Have you never read an Amazon review. I would give it the same respect a government speech - zilch. Sod proxy drinking - I didnt spend 50 hours tearing up my car with my fingernails while my daughter( who has no interest in drinking learnt to drive) not to actually visit places if they let me out, My favourite establishment serves beer that tastes like piss occasionally but when its good (and it can be very very good) I'm not likely to let others know about it.

    2. Lotaresco Silver badge

      Re: We've reached peak fuckwit

      These days such an app is just an instrument of torture. A reminder of where you used to be able to go for a pint three months ago.

    3. I ain't Spartacus Gold badge

      Re: We've reached peak fuckwit

      We were approached on the street in Barcelona, must be 15 years ago now, by what turned out to be a perfectly legit company that organise your drinking for you. Bascially any large party of tourists will be assigned a person in a yellow t-shirt, whose job is to take you to the best bars (well the ones that hand the company the best kickbacks anyway) - and to talk to you in whatever language you can cope with and organise ordering your drinks for you.

      As I said at the time, the day I can't organise my own trip to the pub* is the day I'll ask someone to put me out of my misery. It's not like it's hard. I mean even if you can't manage a couple of very basic local words (please, thankyou, bill and names of drinks / food items) - there's always pointing. A smile and an effort, plus a willingness to look a bit silly will get you what you want. After all, they know you've gone there to drink, and they have the stuff they sell on display. So pointing and waving money will usually get you what you want.

      The skill is knowing what places not to go into, and there are usually pretty clear visual clues. But that is a reason to check reviews of places, if you're not local and have nobody to recommend decent places to you.

      *"Organised fun" is a horrible contradiction in terms. Hiring a party organiser is perfectly acceptable if you're doing PR for a sales event or I suppose if you're rich and have a huge family wedding or something. But needing a party organiser to go to the pub is a terrible indictment of your social skills.

      1. Tom 7 Silver badge

        Re: We've reached peak fuckwit

        Barcelona also has a cathedral of beer or something. I've been there but I cant seem to recall the name for some reason. But beer is different there than here in the UK. Craft beer places seem to have mediocre tapas - possibly because its easier to sommelier for a more limited and expected taste range.

        Mind you I had a 'sour' in the Nags Head in Reading not long ago and I doubt there's is a food in the world that would complement that.

        1. Tom 7 Silver badge

          Re: We've reached peak fuckwit

          I've not tried that surmstrum (??) rotted fish thing from seriously oop north so It may complement that sour but even if it doesn't it seems to have a similar effect.

  16. Andy Landy

    go to the pub?

    "Untappd’s concept of operations is simple. You go to the pub and drink beer."

    i wish :(

  17. Anonymous Coward
    Anonymous Coward

    Can we please not discourage them?

    Spies are a menace to society. Let's publish all their names and addresses. And not just ours, let's use these tools to track down and publicize the names and addresses of the Russians and Israelis too.

    While we're at it, let's go even harder after the secret police. Every cop's name, address, picture, and license plates should be plastered all over the web.

    1. druck Silver badge
      Facepalm

      Says an AC.

  18. eionmac

    Years ago , got a hotel bill for many thousands for a seven day stay in a Middle East place. With a number of uncommon forenames but a common surname, it turned out I had an identically named UK 'Official' in same hotel organising a trade conference. Umm, found we were distantly related, but four identical forenames is unusual as two of them are not English names.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020