Security researchers raised eyebrows on Wednesday when they revealed that Apple’s iPhone and iPad with 3G support maintain detailed location logs that track user locations and that the data is stored on unencrypted their computer. The discovery of the not-so-hidden files has led to privacy concerns, although it doesn’t appear that Apple is collecting the location tracking data.
The location data file is stored on the user’s iPhone or 3G iPad as well as in the backup files that iTunes generates when a user syncs their device with their computer, according to Pete Warden and Alasdair Allan, the researchers that discovered the potential privacy issue. By default, the information is stored unencrypted, which means anyone with access to the user’s computer has the potential to see detailed information about where the iPhone has been, including latitude, longitude and time stamps.
Based on their research, Mr. Warden and Mr. Allan don’t think Apple is collecting any of the tracking data. Instead, it simply sits in unused files on user’s computers and iPhones.
Yow! Your iPhone is tracking exactly where you are.The iPhone is logging detailed tracking data
It appears Apple began storing location data around the time iOS 4 was released. In The Mac Observer’s tests, we found that the oldest location data recorded was from June 16, 2010, which also happens to be the same day iTunes 9.2 was released. iOS 4 rolled out a few days later on June 21. It also appears that the location tracking file appears only for GSM-based iPhones, which means Verizon iPhone users aren’t impacted by this — at least for now.
To help illustrate how much information Apple is logging, the researchers cobbled together an application that access the tracking file and plots the data on a map. They intentionally reduced the accuracy of the plotted information to help limit potential abuse.
“Apple has made it possible for almost anybody — a jealous spouse, a private detective – with access to your phone or computer to get detailed information about where you’ve been,” Mr. Warden said.
Apple isn’t saying why it is logging such highly detailed location data, or why the information is available in an easily accessible file. While it’s easy to jump to conspiracy theories, it’s more likely the company plans on using the information at some point for social networking services or targeted marketing.
“[Apple] have new features in mind that require a history of your location, but that’s pure speculation,” Mr. Warden said. “The fact that it’s transferred across devices when you restore or migrate is evidence the data-gathering isn’t accidental.”
iPhone owners can add a little more protection for their privacy by encrypting the backup files that are stored on their Mac so a password is required to access the content. Here’s how:
Launch iTunes and connect your iPhone to your computer.
Select your iPhone in the Library list in iTunes, then choose the Summary tab.
Scroll to the bottom of the window and check Encrypt iPhone backup.
Enter a password when prompted.
The data on your iPhone is stored in an unencrypted format unless you use a passcode lock. The passcode feature on the iPhone, iPod touch and iPad can be enabled by tapping Settings > General > Passcode Lock. If a simple four-digit security code doesn’t offer enough protection, users can enable iOS’s more secure passcode feature, too.
While logging mobile phone location data isn’t something new, Apple’s decision to store that information in an unencrypted file without user’s knowledge falls outside of common industry practices. To obtain that data for other phones, authorities or private investigators would need to gain a court order that compels the service provider to had over the files.
Apple hasn’t commented on its location tracking practices.
Posts
2) Is there a way (say, through a trojan horse) to get the iPhone to pony up the data? (Pun intended.)
3) Is there a way to delete the data?
4) What the hell is the purpose of tracking the data? I can understand, maybe tracking 24 hours worth for diagnostic purposes... but months?
the "no true scotch man" fallacy.
http://www.thenewspaper.com/news/34/3458.asp
Sure, this is almost certainly illegal.
But that's the problem. People sometimes engage in illegal snooping. You can't expect the Constitution to protect you. The owner of a device should not only be notified, but should be able to control (within reason), what data is being stored on that device.
the "no true scotch man" fallacy.
thats about the best case scenario for them i can think of
2.) Any means by which you can get code executing as root means you can get access to this data. FOr example, the iPhone jailbreak exploit that worked through Safari would have been able to get at all the data and transmit it somewhere.
3.) You can delete it from the backups pretty easily. You can also delete it from the phone very easily if you are jailbroken or have a developer account.
4.) I really wish I knew. I sort of suspect it might be used for the geotagging photos feature in the short term and is just kept in the long term for some sort of future idea.
What's interesting is that I apparently teleported to Philly. Really, I was listening to Pandora the whole way on my phone. That suggests something interesting about the when this data might be collected.
You think that some applications (Pandora being the most prominent example) interrupt this data collection while they're running?
the "no true scotch man" fallacy.
upstate/north county NY is like the worst
But the Adirondacks in the middle are pretty awesome.
this is true
i also like how you go right up to boston but have enough sense not to go in :P
Oh god, you're right.
uugggggghhhhhhh
the "no true scotch man" fallacy.
This might have something to do with it:
Storing it in cleartext means anyone with unauthorized access to your Mac can take this data. Also note that the granularity offered in the database itself is much finer than what the app will display - they deliberately didn't provide the maximum possible detail.
The basic principle here is that your devices should not record information without clearly telling you (i.e. no burying it in the EULA), and should not perform operations you didn't instruct them to perform, ever.
Anyone seen a PC port for this yet?
It's pretty stupid, sure, but useful it is not. There's probably more incriminating evidence in your call log.
Look up the DC Circuit ruling against warrantless GPS tagging of cars. It explains the problems in detail.
The amount of "incriminating" information contained in a detailed, timestamped map of your location is going to be heavily dependent on whether you, personally, are doing incriminating things while carrying your phone. Perhaps you don't do anything private or questionable, and are always honest about your whereabouts when speaking with family and friends, but others are probably not so virtuous.
Moreover "You only need privacy if you've got something to hide" is hardly a valid position to start from.
Apparently, you can delete the data but it just keeps coming back. There's no way to turn this off.
...and people really think this is no big deal? Just by walking around, there's an unprotected record that tracks your location at all times? This is literally a level of crazy paranoia that could have gotten you institutionalized if you had told someone you thought they were doing it.
Crazy person: "No, you don't understand! They built it into my phone and I can't turn it off! It logs my location constantly, it's all recorded in the database! They could always find me! That's why I threw away anything that used electicity and live in this cardboard hut!
It doesn't sound like they're collecting this info yet, but it's incredibly stupid to even collect it. It's about 10 times stupider to not *tell* people you're collecting it for no good reason, and another 10 times stupide than that not to let them turn it off.
Which is FINE.
But it needs to be opt-in, NOT opt-out, and the ads should only hit when you are in the location and not something that pegs you weeks or months later at an inopportune time.
Hey honey, why are you getting a 100 dollar funbucks coupon to a strip club in Vegas? I thought you were at a business convention...
Let's play Mario Kart or something...
Posting this again seems relevant:
http://www.youtube.com/watch?v=Vsxxsrn2Tfs
What's the gist of it?
According to the link you can enable encryption, if that makes you feel any better.
Edit, wait, I read it again, that actually made it a little worse.
So if you sync it with iTunes, the data is now on your computer. You can encrypt that, but not the record on the phone. At least, that's my read.
(This is a case to watch - its split with the Ninth, so expect to see it go to SCOTUS.)
Also, the iPhone will have a record of data recorded prior to the involvement of law enforcement.
If I'm involved in a nasty divorce and custody battle... sure my spouse might hire a private investigator (or even bug my car) to follow me around for a week or two. That's bad.
Subpoenaing my phone and finding out everywhere I've been for the last year? Not even comparable. Completely different league.
the "no true scotch man" fallacy.
See, every cell tower can tell you what direction you're in from that cell tower if you're within range, and you make or receive a phone call. If you're within range of at least two cell towers, the cell phone company knows pretty much exactly where you are, anyhow, if they care to figure it out.
Those records, however, are generally only kept on-hand for between 90 days and a year. Also, it's some trouble to pull them, and figure things out.
As you aren't legally obligated to keep the data, you can delete it whenever you want. When you visit your secret safety deposit boxes, for example. Then when the subpoena comes they won't have anything.
As I understand it, you can't turn the logging off, but you can purge the records.
Just because you delete something doesn't mean it is gone, unless you are suggesting that every time I visit my safety deposit box I take out the data storage device, clone only what i want to keep, replace the new one, then drill holes int he old one and melt it in a furnace.
Then I remembered that I was an idiot, and had just done exactly that a few weeks ago. The guy's flash drive still had every revision he ever made to the file he lost.
So yeah. Good point. Creepy.
Basically, to not function in modern society.
Actually you want to use the internet everywhere but home. if you use it at home they know where you live.
The cop phone scanner strikes me as even more of a story out of this thread, but just because I can't fathom what data a cop would even WANT off a cel phone during a traffic stop. Like, the only thing I could see it being useful for would be in nicer phones being able to prove your speed for the past few miles. But my pictures? What?
As it turns out a lot of people communicate with their drug dealers via text message, and any teen who is speeding welp... you get them with a raunchy sext and you've got two people in the hole for production and possession of child pornography.