US troops + wearables = global OPSEC fail; Expect a 2019 budget request of $716B; US tells Turkey: we’re staying put; Waves of violence in Afghanistan; and just a bit more...

An unprecedented OPSEC fail appears to highlight U.S. troops in sensitive locations across the globe. The fail comes from a batch of GPS data that was released in November, but was only linked to remote base locations after an Australian student put two and two together on Saturday.

Credit where it’s due: Nathan Ruser is the man behind the findings, made public by the GPS tracking company Strava, the Washington Post reports.

What’s inside the data: 3 trillion GPS points from their users assembled in 10 terabytes of raw data covering 17 billion miles of running across 5 percent of the earth’s surface, according to Strava.   
What’s more: “You can also trivially scrape segments [of the data], to get a list of people who travelled a route, and trivially obtain a list of users,” one observer discovered.

How it links to military users: “The [Strava] app can be used on various devices including smartphones and fitness trackers like Fitbit to see popular running routes in major cities, or spot individuals in more remote areas who have unusual exercise patterns,” The Guardian reports.

How it shouldn’t link to military users: If those users simply turned off location sharing — as Strava reminded folks when it shared a link to its July 2017 privacy notice, here. Turning off sharing like that is often too easy, notes U.S. Army officer Crispin Burke writing on Twitter, “This should go for every app. Always check the privacy/geotag settings.”  

A few things analysts and hobbyists have culled from the data: Taiwan’s missile command center, possible specific locations of Russian troops within an airbase Syria, similar possibilities for U.S. troops across Africa, Patriot systems in Yemen, oddities in the South China Sea, activity near the front lines in Ukraine, at Groom Lake (aka Area 51), mysterious paths seemingly beneath the ground near the HQs for the U.S. Office of the Director of National Intelligence, curious locations around Camp Peary, Va. The list goes on. And on.

Quote of the day: “If you think I am being alarmist, you should see the things we aren't putting online,” said Arms Control Wonk, Jeffrey Lewis — who wrote up the section on Taiwan mentioned above.

So, what now? Aside from lots of probable new security briefings, here’s one prediction: “[F]lummoxed by technology, the Department of Defense overreacts, banning all wearables (and maybe smartphones too) OCONUS for foreseeable future,” tweeted CNAS’s Phillip Carter.

Said the U.S.-led coalition to the Washington Post: “The rapid development of new and innovative information technologies enhances the quality of our lives but also poses potential challenges to operational security and force protection… The Coalition is in the process of implementing refined guidance on privacy settings for wireless technologies and applications, and such technologies are forbidden at certain Coalition sites and during certain activities.” Read on, here.


From Defense One

Shrugging Toward Doomsday // The Atlantic’s Robinson Meyer: Experts warn that the world is now as dangerous as it was at the height of the Cold War. Many Americans already know it.

Chelsea Manning's Campaign Website is Based in Iceland. Why? // Patrick Tucker: For one thing, it's harder for U.S. law enforcement to search. That may matter to the Wikileaks contributor-turned-U.S. Senate candidate.

US General to Turkey: We're Not Pulling Back // Kevin Baron: General Votel said the US supports its NATO ally's concerns but won't abandon the coalition of Syrian Democratic Forces fighting ISIS on the world's behalf.

Podcast: The War in Yemen and the Making of a Chaos State // Ben Watson

More than 1,000 days of fighting have turned Yemen into one of the most dangerous places on the planet. Aid workers, journalists, and experts explain little-appreciated realities about the war, and how — just maybe — to help turn things around.

DHS Cyber Info Sharing Tool to Get a Reboot This Year // Nextgov’s Joseph Marks: The goal is for organizations to use the tool to automatically block cyber threats.

How the Saudis Drag the US into Perpetual War in the Mideast // Danny Sjursen, an Army veteran an fellow at Defense Priorities: With ISIS essentially gone from Syria, it's time to bug out, no matter what the Kingdom thinks.

Welcome to this Monday edition of The D Brief by Ben Watson and Bradley Peniston. Email us. And if you find this useful, consider forwarding it to a friend or colleague. They can subscribe here for free.


White House wants $716 billion budget for Pentagon in 2019, reports the Washington Post, quoting unnamed U.S. officials. That figure would seem to include the base budget, the OCO fund formerly known as the “emergency supplemental,” and Department of Energy spending on nuclear weapons, as the Post writes that it “would cover the Pentagon’s annual budget as well as spending on ongoing wars and the maintenance of the U.S. nuclear arsenal,” and calculates that it would represent a 7 percent bump over the 2018 budget request.
Caveat #1: Congress has (famously) not yet passed a 2018 budget.
Caveat #2: Like the 2018 budget request, the (reported) 2019 figure is many billions of dollars over the legal  caps installed in 2011.
The actual budget request is expected to go to Congress next month. In the meantime, here’s from the Post: “Pentagon officials said the 2019 budget would focus on modernizing the military’s aging weapons systems and preparing it for a potential conflict with major world powers after a long emphasis on counterterrorism and insurgencies in Iraq and Afghanistan. [Defense Secretary James] Mattis faced some resistance from White House officials, such as [Office of Management and the Budget leader Mike] Mulvaney, who worried that the deficit would explode with a large increase in military spending, combined with Republican tax cuts.” Read on, here.

Afghans are turning on their government after two waves of violence hit the capital this weekend, The Wall Street Journal reports.  
The first attack hit the capital of Kabul on Saturday when an ambulance packed with explosives detonated on a crowded street, killing 103 and wounding another 235, CNN reports. The Taliban claimed responsibility for that one, almost exactly a week after a bloody siege of the Intercontinental Hotel, where 18 civilians were killed after a 12-hour standoff with four Haqqani-linked Taliban attackers.
The second attack hit Kabul this morning around 4 a.m. local time, when an ISIS suicide bomber blew up and triggered a gun battle with “an Afghan army unit guarding a military academy...killing at least 11 soldiers and wounding 16,” CBS News reports. “At least five insurgents were involved in the morning assault, according to Waziri. Two of the attackers were killed in the gunbattle, two detonated their suicide vests and one was arrested by the troops and handed over to intelligence agents.”

Ill-prepared for the ‘Stan? A new brigade of U.S. troops headed to Afghanistan are leaving despite “their training [having] been cut short by months, and units are still short-staffed,” The New York Times’ Thomas Gibbons-Neff reported Friday.
Replied Strategy Bridge Associated Editor B.A. Friedman: “Someone in the chain of command needs to cancel this deployment. These troops are unprepared and it's going to get someone killed.”

Maybe this will save the Afghan war: Kabul’s pilots are now dropping laser-guided bombs, Air Force Times reports. It’s being heralded as a “new first” as A-29 Super Tucano light-attack aircraft began firing off GBU-58s during training in early January.

The Turks and their Syrian rebels continue their march into Kurdish-held Afrin, Syria, the Associated Press reports from Kilis, Turkey. Where the battle seems to be concentrated: On "a strategic hill [known as Bursayah]... which separates the Kurdish-held enclave of Afrin from the Turkey-controlled town of Azaz."
The latest: "The Turkish military said in a statement that its soldiers and allied Syrian opposition fighters captured Bursayah hill assisted by airstrikes, attack helicopters, armed drones and howitzers."
Casualty count: The Britain-based Syrian Observatory for Human Rights "said at least 51 civilians, including 17 children, were killed in the offensive on Sunday, including eight people from the same family. It said 66 YPG fighters and 69 Turkey-backed Syrian fighters were also killed. Turkey says five of its soldiers and 16 allied fighters were killed in the fighting."
One more thing: "The YPG said one of its female fighters blew herself up, destroying a Turkish tank in southwestern Afrin." More on that attack (which may be more of a seriously brave move from the YPG — she reportedly climbed atop a tank and dropped a grenade down in, perishing in the encounter), via the NYTs, here.

Dispatch from Afrin. The first Western reporter to visit Afrin finds “the true victims of Turkey's invasion of northern Syria” are in fact — surprise, surprise — civilians. That graphic report, via The Independent’s Robert Fisk, here.

From the region: Abrams tank-maker General Dynamics suspends maintenance on Baghdad’s M1s, Kurdistan24 News reported this weekend. Why? “One of the military vehicles was provided to the Iranian-backed Hashd al-Shaabi,” which would be a violation of U.S. law.
On the flip side, GD will, however, pump $2 billion into its stateside shipyards, Defense News reports. Impetus: “The company is planning to spend about $1.7 billion at its Electric Boat yard in Connecticut as it ramps up for the next iteration of the Virginia-class attack submarines, the Block V, as well as the Columbia-class ballistic missile submarine.”

Attn: Pilots — USAF begins GPS jamming in the PacNW through mid-February, Flying.com reported late last week. The skinny: “GPS-equipped aircraft operating in the Western United States should be prepared for possible satellite signal disruptions at various altitudes. The disruptions may lead to traffic delays and even ground stops.”
A little more: This change stems from 2018’s “first iteration of the USAF's premier set of aerial war games, known commonly as Red Flag,” which takes place at Nellis Air Force Base just outside of Las Vegas, The Drive reports. “Not only is it the largest of its kind in the exercise's 42 year history, but the USAF is going to blackout GPS over the sprawling Nevada Test and Training Range to challenge aircrews and their weaponry under realistic fighting conditions.” Dive deeper, here.

Will Uncle Sam build the 5G network? Trump national security officials are considering a proposal to have the government — not America’s wireless-comms giants — build the next-generation network. Why? It’s the best way to keep tomorrow’s higher-speed cell communications safe from Chinese hackers, according to a PowerPoint deck created and briefed by “a senior National Security Council official” to “senior officials at other agencies in the Trump administration,” reports Axios.

While we were not looking: China bugged the African Union headquarters with hidden microphones and transferred server data to Beijing each night. It was five years before the mics and backdoor access were identified. Algeria has since taken charge of AU cybersecurity. That from Le Monde, here.

Today in visualizations: “Every satellite launched in last 10 years by country, size and purpose,” as documented by Axios in a terrific interactive chart. Lose yourself for a few minutes by rolling over the various dots that pop up info on the commercial and military birds orbited by nations around the globe, here.