and...
...exactly WHO is surprised about this...
Apple's iPhone and iPad constantly track users' physical location and store the data in unencrypted files that can be read by anyone with physical access to the device, computer researchers said. The file, which is stored on both the iOS device and any computers that store backups of its data, can be used to reconstruct a …
There is a bit of a difference in being able to ask a phone to remotely tell you of its location when it has been lost/stolen (as is done with MobileMe on the iphone and countless applications on Android including "Where's My droid" and "Lookout") and having a device "pre-emptively" recording your every move and recording it for month after month without any permission requested or granted!
Would you say "OK" to an a new application that said it would record all your movements and store them in an unencrypted file when you backup? I certainly wouldn't.
Whilst there are reasons to need to know the current location, there are no reasons I can see that would require this to be stored in a historical log. I'm sure the security services could find lots of reasons this is a good idea, but then they aren't interested in your privacy.
It does sound like a bit of debugging code which has been left in, but whatever the reason, it's not a nice discovery.
I downloaded and tried the software. While it found all of my tracking data for the UK it failed to find any of the trips my phone had made to France, Germany or Russia.
France and Germany where on roaming (Orange in the UK) and Russia is a separate SIM card.
Personally I have no problem with this data being collected as Orange are able to track me everywhere I go anyway.
...and now Apple too apparently. And anyone with user access to any PC or Mac you sync it with, and the authors of any executable which might be run on said machine and call home. It doesn't even need to be you running them. Any user can see it and see what your routine is.
Why don't you have a problem with that?
Uh you say: anyone with user access to any PC or Mac you sync it with
Actually they would need your user account and password to read your files right. I mean one user on the OS cannot read the files of another user's account. And if someone hacked my user account there's much more valuable data they can get to.
How secure that is would depend on how the PC/Mac was configured. I've used plenty of both that automatically start up logged in to the desktop. Linux would be far safer (if it ran iTune), as every distro I've used insists on a log in.
And if your user files aren't encrypted, or stored with with a file system which enforces access control, then simply removing the hard drive and plugging it into an external USB housing on another machine will let you read all the files.
Not that this is likely to be required in the spouse spying context mentioned in the article.
Coming next week:
"Here dear, I've bought you an iphone for Easter"
*SLAP*
"Personally I have no problem with this data being collected as Orange are able to track me everywhere I go anyway."
This isn't about Orange tracking you. You have a contract with Orange and part of the price you pay for the service you recieve is that Orange can track you. Quid pro quo.
This is about other people being able to track you and find out historically where you have been. The article gives the example of someone getting hold of the database from a backup which seems irrelevant to me. Might matter more if I were the sort to play away, if Mrs iShit wants to know where I've been she's welcome to.
What I'd find more concerning is that this is available to any app on the phone. Pleanty of apps have been found doing questionable background activity, how long before a freebie ad sponsored game starts feeding this back to the mothership?
Surprised the file isn't called newlabour.mbdb.
It's obvious that your phone service provider has to know where you are (at least, in the sense of which cell you are communicating through) in order to route calls to you. The ETSI standards define mechanisms for this information to be recorded and made available to law enforcement subject to appropriate legal provisions. If you're concerned about this tracking, it can be circumvented (at least in normal circumstances) by simply turning off your cell connection.
But this is very different from the phone manufacturer using built-in GPS to record your phone's movements throughout its lifetime (and sharing that information with 'appropriate' third parties). Apparently the right to do so is buried on page 94 of the 20,000 word legal document that you agreed to by breaking the seal on your new phone.
Lawyers: start your engines!
"But this is very different from the phone manufacturer using built-in GPS to record your phone's movements throughout its lifetime (and sharing that information with 'appropriate' third parties)"
This is very different from what it actually does. It tracks your location based upon triangulation of cell towers (think what would happen to the battery if GPS was constantly on), and also keeps a log of Wifi networks your phone has spotted. You could probably also circumvent this by turning off your cell connection and your Wifi.
I have an iPhone and this concerns me, but at least get it right.
You beat me to it, It's one thing to have the cell provider track when you're camped-on to the network , but this would normally be just the tower ID.
This creepy thing triangulates between "n" towers and records WiFi MAC's - a shitload more detailed information than you (are compelled to) agree to by using a mobile phone.
There are legal agreements in place to cover disclosure of mast ID's - I would presume "reasonable suspicion" is required, or at least the pretence of it. There is no regulation whatsoever of this new datagrab.
Still, i don't have a iThing and don't frequent public toilets much, so I've nothing to worry about. Right? ,
Orange or any GSM operator in a modern country is bound to some insanely serious laws about such location data. In fact, in some countries, people have died because the network operator declined to give location data without proper paperwork.
Ask anyone at a GSM operator, even they can't access such data without proper paperwork. Yes the people sitting at their data centers. Every access is logged and there must be something to show for each access.
Apple is not bound to such laws, especially with their evil genius lawyer written EULA.
Just watch when they sue them, you will be surprised.
Many programmers will be familiar with cache files. This just stores the results of the Cell ID to latitute/longitude that all smartphones with GPS have to use.
I've confirmed that eg the area around my own home only shows up once since I got my iPhone (6 months ago)! Hardly tracking to the second... Also the resolution (in the raw data) is only down to about cell tower level.
All this does is saving my phone making constant queries to Apple for this Cell ID mapping, which is how Android does it. At least this way Apple has no way of knowing what I do every day.
Oh it saves battery to.
Any privacy loving person will already encrypt their backups, and apps approved by Apple will not have ways of accessing this file in the phone.
Complete non-issue in my point of view.
"He's probably been voted down because he didn't immediately call for Steve Jobs' head and recommend everyone blend their iPhone and then put a tinfoil hat on."
Yes, yes, very droll. I'd wager though, that he's been downvoted because he's posted a smarty-pants rebuttal of the findings in the article, and he's wrong. Just throwin' it out there. Could also be the 'to' vs. 'too' thing.
@ .3
If you had read his comment, it sounds like he's actually taken the time to investigate the contents of this file from his iPhone and has not found per second data, has noted accuracy "only down to about cell tower level" (i'm guessing he's not in the position to go and work out exactly how accurate), and has not seen his home location more than once in the data (and I'd guess he's being going there most days in the past 6 months). Kind of at odds with the article, I know, but why shout at /downvote him instead of questioning the article?
Also, it may be that it *is* a cache file, it all depends on how many duplicate entries one can find - if you find lots then it's more akin to a log file (which should be purged regularly), if you find one then it's most likely a cache file (which really should be limited in size and have least used records removed on a regular basis).
@ PerfectBlue
Your assumptions seem to indicate that encrypting backups is not that much of an issue.
1) Most people won't think about encrypting a back-up (a checkbox on the device's "home" page - not exactly hard - but let's run with the assumption)
2) Only Tech savvy people will encrypt.
3) Hardly anyone backs up their devices anyway.
Based on the above, it seems like the issue of encrypting backups won't affect most people and the chances are pretty good that those who *do* back up are the tech savvy ones (we like backups, after all) who will encrypt said backups.
If you actually see the file and not go by some speculative articles you'll see it is the cell tower locations and timestamps are precise but towers only get recorded once.
Here's the SQL for the CellLocation table:
CREATE TABLE CellLocation (MCC INTEGER, MNC INTEGER, LAC INTEGER, CI INTEGER, Timestamp FLOAT, Latitude FLOAT, Longitude FLOAT, HorizontalAccuracy FLOAT, Altitude FLOAT, VerticalAccuracy FLOAT, Speed FLOAT, Course FLOAT, Confidence INTEGER, PRIMARY KEY (MCC, MNC, LAC, CI))
as you can see MCC, MNC, LAC, CI are primary keys, therefore will only appear once! So this does not track all your movements.
Sorry to state the bleeding obvious - but you've identified a bunch of keys defined one table - wouldn't that suggest that the data might be linked to information held in other tables?
Perhaps phone keeps a unique record of the location of each hotspot/tower and also has a table (with one entry per second) referencing them - you know, some kind of a log - so when you use the two together you can generate a detailed mapping of the phones location over time.
I think we used to call those kinds of things relational databases.
@ +++ath0
The phone was pwnd at Infosec. Pentesting companies view its security as so weak they wont issue it to their employees. I am sure you know more than any of the other people who have published their findings, which is why you confine your rebuttals to a discussion forum on the Register.
Bravo.
This post has been deleted by its author
Interesting update.. nice summary paragraph in there of one of the main issues
"Now for law enforcement and other purposes the device can come in handy. Will it give you a 100% accurate GPS point with Date/Time? No. Will it give you real-time tracking data to track someone? No. Can it help you narrow down timeframes and locations of potential suspects or victims? Absolutely, if used properly."
@Tim and @AC
Yes he does say that if used properly law enforcement can narrow down timeframes and areas. But he also says " after looking at a freshly wiped iPhone 3G which was running iOS 4.2.1 which didn’t leave a single building, had points from all over the town."
So there seems (and I see this too, both in my data and in the original movies posted) a lot more data in there than actual location. It would be really difficult to pinpoint anyone based on this data.
From my own experience I can't even pinpoint my own house to where spend at least 8 hours a day.
This opens a lot of plausible deniability cases: if someone claimed you were somewhere based on this data you can easily say you were not and it's all down to the phone caching more than it needed. No one could truthly say otherwise.
I agree a lot more research has to be done on this, but hopefully not the sensationalistic kind. That's just destructive and doesn't help much.
@ +++ath01 or Gk.pm,
The point is not that pwning the device will allow you to install trackers it is what historical information is now available.
I dont think anyone thought you only posted here - I suspect like most you have a day job.
Christopher Vance's article is good (and it is an improvement to see links to supporting claims rather than simple assertions) but the simple fact remains that a lot of his conclusions are guesses and assumptions. He says so himself.
He makes the following statement:
"Can it help you narrow down timeframes and locations of potential suspects or victims? Absolutely, if used properly."
And this is pretty much the problem.
First off I am glad we can agree this is not a cache file.
Secondly, you are spot on that MCC, MNC, LAC and CI will only occur once in the table. However this is not the protection you think it is.
Lastly, I have had a look at mine now and despite what you are claiming here it *does* seem to be tracking a lot of my movements very accurately. How can that be?
Wow, talk about exaggeration, I was expecting a _really_ accurate trail of where I'd been with my phone. It is _not_ that. It was various dot sizes, very roughly where I'd been in the UK, sort of.
Apparently I'd visited Cardiff (or my phone has, without me). I think I have visited Wales as a young child, certainly pre iPhone days, nearest I've been since then is Bristol (ironically doing some consultancy for cellco there). It had no indication of my various trips to Aberdeen (nothing North of the Border).
There is a very small dot (accurate fix I'm assuming?) on my house for one day, when I hit play. I'm pretty sure I've spent more time here than that! There is no dot covering my office, and I seem to be spending a lot more time south of the river than I remember.
The data is very inaccurate, which greatly lessens the security impact (though does not remove it of course). I did see that I'd visited Exeter and Bournemouth with the in-laws last year, but there are probably easier ways to find that out (like my flickr feed?).
It seems from other articles I've read that yes - it *is* the location of cell towers and WiFI hotspots that is recorded, *not* the location of the device.
And whether the data is held in an SQL database or not is immaterial to the question of whether it is a cache.
"Any privacy loving person will already encrypt their backups,"
I hate to disagree, but where I come from privacy means a 14 year old girl hiding their cell phone while they;re in the shower so that their mom can't browse through their text messages.
The idea of encrypting a backup simple wouldn't occur to 90% of smart phone users. Most smart phone owners aren't technical people. Most probably don't back up at all. Syncing their iTunes with their laptop is probably the closest thing that they get to doing a backup.
You buy an iPhone because "it just works". Not because you want James Bond style privacy.
Encrypting a backup is just one checkbox tick away on the device's page in iTunes.. hardly a very complex operation.
There's very little in this cache file. It also has many errors, for example it shows up with places I've never ever been to.
The downvotes are typical whenever anyone says Apple might not be entirely to blame anywhere in El Reg.
Apparently to even technical people at El Reg it's fine to send location data to Google, but it somehow becomes an invasion of privacy when even sparser information is stored in your own devices.
That's already been Googles answer courtesy of Eric Schmidt:
"If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place."
Oh what like using Google to look up if I have an embarrassing disease, or my gps route tracked by an Android phone? Why on earth might I not want anyone to know that? How stupid and unreasonable of me.
Apple are less concerned to intrude on your privacy just so they can sell you advertising. Their response would more likely be "You're holding it wrong"
if the information they store doesn't change much. Like for example cell tower locations.
Think about it, isn't it better that the phone already has this Cell mast id to location mapping and doesn't contact Apple with a new request?
This way Apple gets to known even less where you are at a some given time.
Why are some people demanding that their phones don't store this and in turn have to request information from Apple more often?
Symbian on phones with a GPS receiver appears to only request this data when you're using some software that wants your location (e.g. maps) AND you enabled Network-based location and/or A-GPS. Even if it was a cache (which it isn't - why the timestamp and repeated data?), it should be possible to easily disable it.
For cell triangulation you need to know where the cells are eg: latitute and longitude of the mast.
However the network only gives you the Cell ID. So there has to be some mapping for this to happen.
This mapping is exactly what's cached in this file (it's the cell tower approximate location, not your true location like some people claim) Nothing more to this file really.
You can either cache this information like Apple, or contact the mapping server every time like Android does (not sure about Nokia but it'll have to be similar)
It does actually triangulate your position. With 3G, the cell base stations already know their own location and broadcast it precisely so devices can do this.
Android's online location database is for stations which don't report their location, i.e. GSM (and WiFi thanks to streetview).
If that's so you might want to contact Ofcom, apparently they've been trying for ages to compile a reliable database of 3G masts but it's still far from complete as not all operators have given this info...
If the masts just transmit their location it should be a doodle.
Then again maybe they don't actually do that...
Why are you making me do your homework? That is only a location spec describing how the network can locate phones.
It doesn't include actually telling the location back to the handset, or even the cell tower locations. That's an optional subscription service from the mobile operator, or given to authorities for emergency or lawful interception.
It doesn't come standard with your service.
Because of this Apple, Google OpenCellID.org and others have come up with databases that locates cell towers from their ID and do the triangulation on their own.
You are completely missing the point, and probably intentionally.
Why the hell does APPL see a need to store the locations that I was visiting on the device that I was carrying in those locations? Especially without my expressed permission.
Can you even comprehend why this might be an issue, shill?
Have you read any of my posts? If so you'd this has been covered already.
Apple and all other smartphone companies need to map Cell IDs to latitute/longitude of towers so that they can make GPS location fix in useful time (ie under 10 minutes). People use that for locations apps, to geolocate photos, etc and would be extremely bored if they had to wait for the GPS chip alone.
Don't give me the shill crap, I'm a researcher just as the two guys who published the original article on this. I actually look into what am I'm saying, unlike you.
Fascinating threads..
@+++ath0, you have some of this right;
- The data collected is not terribly precise, and fairly incomplete, leaving it of limited interest to bad/good guys who obtain it (but it might be enough to tie, say, a serial killer to specific locations or movement patterns, or an injunction buster to his MP, or a consumer to certain supermarkets etc..)
- Apples motivations for this appear to be a mix of the commercial and the practical; improving the user experience, reducing costs to users and apple.
- This is not a fully fledged location tracker; far from it! If it had really been developed to track you for sinister motives it would be much more sophisticated, Apples engineers are not dumb.
However, you look like a fanboi/shill because you don't seem to acknowledge that:
The very act of recording of this data and storing it in plain sight on your handset and it's backup devices is an obvious security/privacy mistake. Apple could have made much more effort to protect it from casual browsing, they could have worked out that this was going to come and bite them later..
Oh; and they they could have informed their customers what was happening.. but that goes with the rest of Apple's customer handling ethos: "consume! but never question because we always know what is best for you!"
Thanks, I think :-)
I agree with you that Apple may have put more effort into protecting this file, but if I put my security researcher hat on all these mechanisms could have been broken since people have access to the device.
Would it really be any safer if just the serious black hats had access to this info?
As for informing the customers they actually did already, both in the T&Cs and when the US Congress launched a privacy investigation last year. It was even covered here in the Register: http://www.theregister.co.uk/2010/07/20/apple_location_policies/
So people who gives a heck about privacy should not buy any kind of "smart phone".
Funny that J2ME developers kept whining about the torture users get into when they used location data without unsigned (not code reviewed) applications. In fact, user has to do 5 step process not to be nagged "allow access to location" window even if you have got app signed.
After this story, I won't swear to my Nokia when that popup appears.
"Apple have made it possible for anyone from a jealous spouse to a private investigator to get a detailed picture of your movements.”
Personally, I don't have jealous spouse, and I don't think that a private investigator is going to tail me. My life just isn't that exciting.
What I am concerned about is that a cop or a fed with a generic search warrant could snare your cell phone and use the data on it to go on a fishing expedition. If they know where you are, and at what time, they could potentially try to tie you to who knows what.
Even if you didn't happen to be near an actual crime they could imply that you were and use that to try to entrap you.
"Say, young African American male, I see you were on 2nd and Broadway at 6:30 yesterday evening ..."
FFS! You seriously think the cops are going to go on a fishing expedition based on your phone data? You seriously think they're going to grab your phone, review your past movements, then try and get you to admit to being party to a crime you didn't commit? That this would somehow work and you'd just go "All right guv'nor, it's a fair cop"? That this would somehow stand up in a court of law? "Well you see, your honour, the subject was clearly in the approximate location at just about the right time. We don't have a motive, witnesses, or any other evidence, but hey - he's black (sorry, "African American")."
Nice use of emotive, racist undertones on the example too. Care to bring the Nazis into this as well, for completeness' sake?
Sounds like you need to adjust that foil hat.
"FFS! You seriously think the cops are going to go on a fishing expedition based on your phone data?"
You think they wouldnt? Do you think that, when put under pressure to solve a random high profile crime the police dont try fishing to see what they find?
Your faith in the integrity of the police force doesnt match up with reality.
Yep, they track your location and everything!
Except they don't unless you let them. And, uhh, the phone/tablet tells you when it's trying to locate you with a flashing sat-dish icon. Oh, and it tells you if any applications you're about to install want that kind of access, as well. Oh, and continues to let you review installed applications' permissions any time you please.
Android better than iOS at protecting privacy. Who'da thought it eh? Well, I believe I've said this any number of times, that Apple and Microsoft all want your details for the same reasons that Google do. Have I been believed so far? Well, no.
Perhaps that will change.
If this had been an Android phone - this would now be hitting the national news - "Google secretly stores tracking data on mobile phone users" but as it is - it is Apple - and people are coming up with all sorts of stupid excuses as to why this is a "non-issue".
A cache file? several people have reported that they have location data turned off and have never used location aware apps - yet the phone has still logged thousands of data points.
MobileMe? the Apple find my phone service does not have any need to know where you were last week - therefore the phone does not need to keep this information for this service.
There is NO legitimate use in recording your entire location history - no app needs more than a few hours worth of history (except Google Latitude, but that is stored on Google Servers).
I have even heard such stupid excuses as "all GPS devices record where they have been" no, they don't.
"It's for assisted GPS" - no it is not - if I stand outside my house using GPS at 3pm, the satellites my phone can "see" are NOT the same satellites it can "see" at 7pm. From howstuffworks: "Each of these 3,000- to 4,000-pound solar-powered satellites circles the globe at about 12,000 miles (19,300 km), making two complete rotations every day." Besides which - aGPS does not need to know where I was last week.
But obviously as can be seen on any news site across the web reporting on this story - the "cult" of Apple is strong with people claiming it is a good thing.
To the person above who believes it doesn't matter as your mobile operator already knows this information - yes - and in order for anyone else to get access to that information - they need to provide the mobile operator with a court order - I don't suppose you have stopped to think that there must be a reason the court has to approve the handing over this data? Something like - it's very sensitive, personally identifiable data?
It is for assisted GPS.
Like you say the satellites will be different but have you heard about this concept called geometry?
Once you know your location (from the Cell ID) It's actually possible to calculate which satellites will be in view at any given time of day. There's even apps that use that to show you the stars (and satellites)
3G masts broadcast their location in their data, there is no need to cache it.
Knowing which satellites are in view is no use too. The satellites tell you who they are! If you can hear them, you know which ones are broadcasting to you!
The whole A-GPS argument seems a bit thin to me. Modern chipsets get a location lock within a few seconds. Dedicated Sat-Navs have no access to the cellular network, and they work out where they are pretty quickly.
but thats because of different GPS chipsets. phones generally use weaker crapper AGPS necessary solutions. Proper satnavs (and bluetooth GPS boxes) have proper GPS chipsets in them - they can pick up weak signals and work out locations faster, AGPS needs to know where the good strong ones are before it goes filtering the time messages.
No they don't 3G masts don't send location in their data, unless you subscribe to an bloody expensive location service.
I suggest you read up on how GPS works for your second point.
Have you tried using a dedicated satnav besides a tall building? It will takes ages to get a lock. They work because the cars are on the road with open skies all around. I know this well since I have a Sirf III device (one of the most sensite) on by bike.
AGPS works in these the more difficult, but pretty common for mobile devices, situations.
"Knowing which satellites are in view is no use too. The satellites tell you who they are! If you can hear them, you know which ones are broadcasting to you!"
GPS sat transmit their *own* orbital parameters, along with that of the whole constellation at 50 bits per second. The datastream takes about 12.5 minutes to repeat. Initial lock could take less than 6 seconds using certain methods.
"The whole A-GPS argument seems a bit thin to me. "
Agreed. If 3G masts *only* put out a mast ID # (or whatever it's called) *rather* than actual lat/long co-ordinates you might want a database to map them into a location. It would *slow* growing and not need any time data at all.
I agree with you, on the database being slow growing. Unfortunately even slow means data has to be expired at some point, hence the time data.
Even something more detached from time like a FIFO queue would still denote some time sequence information.
The developers at Apple would really need to do a complex randomisation of the cache to avoid these sort of issues. By then maybe it would be more efficient just to contact Apple's servers and not cache anything. Oddly enough if they had done that no one would be complaining now...
"The whole A-GPS argument seems a bit thin to me"
Well get off your ass and do an experiment. Find someone with a modern AGPS enabled phone where the 'location server' can be configured. Nokia Symbian phones have a whole menu where you can turn on/off individual parts of their location service.
Disable AGPS, reboot phone, see how long it takes to get a lock. Re-enable, reboot, repeat. Do that a few times, especially in complex environments and you will see just how much faster AGPS makes things.
My N97 mini (approx 1.5 year old phone) would generally take a minute or so to get a GPS lock when I had this off (to save datacharges). Once I got a better dataplan it started getting a lock in seconds. The difference was dramatic.
Haven't tried this yet, but couldn't you just SSH into the phone, delete the offending files on a (somewhat) regular basis and be done with it? In fact, I'll bet some aspiring cydia developer will have an app for deleting the data soonish. To the poster suggesting google cares more about privacy, you sir have one fantastic sense of humor. Thank you for the laugh.
Just reporting the facts. Android phones at least tell you when they are snooping, report what apps do snooping, and let you turn it off.
iSomethings? Not so much. An iSomething-owning friend of mine is surprised that I'm not loading my tablet and phone both up with every free thing on the Market, especially all those "cool" free things you can get on Apple's app store. So I point him at the big permissions list that some of these apps want, and his response is something like "so what?"
So maybe the iPhone is perfect for him...
"The image is cropped, but it also picked me up in Iceland, Dubai and the Maldives".....Hypothetical...somewhere in a secret CIA base....."So my friend, you have been to Dubai, met an Al-Qaeda representatives while you were there? Know anything about the recent terrorist attack in Iceland? You were there as well according to Apple records, its all there on your phone, no use denying, does this hurt?" Sound of nutcrackers crunching and a long drawn out scream!
You see here, a terrorist attack in Iceland, the CIA trawl Apples database of location visits for anyone visiting any Arab state and Iceland in quick succession, your name appears, the next time you end up in a foreign state sympathetic to US interests your name pops up in their todo list and you vanish quietly to eventually end up in guantanamo bay V2 as a terrorist, lucky you, and all the fault of you iphone.
... explicitly that it doesn't send the file *anywhere*?
I don't even trust my own android phone.
Not that it ever is an issue but if I ever do want to go anywhere I don't want anyone knowing, I'd not take my phone with me.
Or if I did, the battery would be out. Even then... the possibility of an embedded RFID is always there in the SIM for example, but that's really probably bordering on tin foil hat territory. Hey, tin foil, that's a great idea.... :P
I have always assumed that mobile telco's could triangulate reasonably accurately where any phone logged into their network alwats is anyways.
"It might be interesting to replace the location data in the file concerned with some made up locations and see if the flavour of any advertising changes."
Nice.
But to avoid unfortunate mishaps due to accidentally re-locating yourself near some sort of criminal event make sure the rows are reporting your locations are physically *impossible* to move between in the time.
The gutter press will LOVE this - allegedly... Imagine if you somehow obtained the location databases of a bunch of celebs, sports people and politicians. Then you do a bit of SQLing to find the location/time correlations. If they have a regular schedule, your photographers are there waiting the next time they meet. Conclusion: don't carry an iThingy if you're in the public eye!
This post has been deleted by its author
Hardly exciting, my phone of nearly a year only has 669 distinct timestamps for those. Hardly tracking every second of my life...
Still it has something similar to Google's Street View cars Wifi grabbing potential.
At least now I can access some of that data for my own devious purposes, and it's not locked away in some server for Google's elitists to play.
Apparently it's in the Ts & Cs punters sign when they scribble their monicker on the dotted. I know some folks get terribly excited about all this, like they were up to anything interesting that they'd want kept private, but most phones have some way of identifying a user's position, even if only loosely. If one has broadly agreed to this kind of data collection it's probably not breaking any laws at all.
seems to be a common feature of contracts these days. The law doesn't matter, because it's in the contract. I've recently watched a company turning a blind eye to a breach of its own T&Cs for about a year, and only reacting when it became apparent that the perpetrator was very likely a computer criminal, who, on his release from prison, pretty quickly started a new fraud through them.
You can't trust anyone these days. Nobody seems willing to enforce the law, and companies only seem to enforce their contracts when they might be the ones being hurt.
I have a couple of slightly different view points:
1) Apple must surely know that people might not want their location at all times to be logged. Sure, there may be a benefit (better battery life, smaller mobile data bill or whatever) for users with the phone doing this. But from a PR point of view surely it would be better to tell the users what's going on under the hood, maybe having an option to stop it, etc.
2) With Apple having servers that dish up the information on request in the first place there is an interesting consequence for the network operators. The networks are traditionally shy about the exact locations of all their cell stations. A network armed with the locations of a rival's cell stations can work out all sorts of things about their rival's network capacity, operating overhead, etc. etc. That counts as priceless commercial information allowing them to accurately undercut the rival..
So what's to stop Vodafone (for example) buying O2 iPhones and using them to get a complete map of O2's cell network and thereby deriving performance information for O2's entire cell network? Or have the network operators accepted that their competitors know everything about their networks costs and performances?
And we do need a popcorn icon.
... it's just an automated blog system! Except in better, as whoever (e.g. burglar or hitmen who wants to know your "away from home" habits) accesses it will find something interesting they actually want to know (so as opposed to most blogs).
Also, I don't know what's all the fuss about, I have absolutely no problems whatsoever with any of Apple products: I don't have any of them.
Whilst this data may look like something, it really is nothing.. its just a way to bloat the phone in a gradual manner such that in a year or two the device is slower than it was they day you bought it.
hence you buy another. Its just 'good business'.
A very large number of devices do this kind of inane logging including PC's.
I definitely not a member of the Stevie-boy's-biatches club, but second-by-second tracking? Get real.
Assuming 4 bytes for INTEGER and FLOAT data types, that would be 1.5GB per year (365*24*60*60*52/1024/1024/1024) - excluding the primary key index.
Don't some of those devices only have like 4GB?
According to Apple's EULA they have the right to track your location and to share this information with third parties.
That IMHO puts a slightly different slant on why perhaps this data is being stored.
I'm not a paranoid type, I know that if the cops or MI5 (I wish) or even a half decent PI wanted to track me they could but I do find it a little disturbing that EULA's have this kind of stuff written in them and the consumer has no recourse to remove or amend them - Accept or don't buy the product.
To post an accusation like that you moron...
Looking at the posts he has made he does indeed come across as fanboi number 1, but on this occasion I think you will find it is with good reason. He is correct, look at the data for yourself, it is not as accurate as the researches are making out. Or certainly not in my case.
This post has been deleted by its author
as we all know this is a legal requirement on the case of the networks, and I can see why many elements of the iphone app's and services need the information, not least for the ability to use the phone and wifi.
I can see how legacy information might be useful so it is left on the phone (although more likely that it takes up so little space it doesn't matter).
For me it's more the matter that it is available on the pc you sych to.
And also the fact that the app to look at it is Mac only! I want to see where I've been!
so many faults in your post.
1) the network stores your tower ID and any calls. it does not triangulate nor does it log WiFi MAC addresses.
2) running applications might want to use the data, maybe to suggest the nearest polo-neck experience. They do not need storage for the last x years.
3) the phone does not need any of this stuff to "work"- it needs to talk to the mast but has no need to log the ID nor even store it temporarily, outside of the 3G stack itself.
4) similarly the WiFi MAC address, yes it is needed to connect, yes it needs to be stored if there is a password to remember, but not if no connection is attempted.
5) "so little space it does not matter" - that is SO not an argument. Murderers kill so few people...
1) Apple want to know where you are so they (or their "partners") can supply targeted advertising.
2) Bloat up the memory so you need to replace/upgrade faster than if this "feature" were disabled (can it *be* disabled?). A time honoured MS tactic.
3)Enable the offering of a "people tracking" service to "authorised" customers that offers them useful information from day 1 rather than waiting for the suspect (because clearly you are doing *something* suspicious by someones yardstick) to do something interesting.
I was originally going to ask "why?" but there are plenty of reasons why. It's just that, had I bought one of these things, *none* of them are reasons that help *me*.
*As in legitimate ways to get more money out of our customers that is.
It seems that none of these phones are secure.
See this URL, and note that the situation dates back to 2008.
http://www.thenewspaper.com/news/34/3458.asp
The device that is being used is claimed, by the manufacturer, to be able to access all the data on your phone, bypassing the password protection.
I've had a look at my phone using the tool that was published on the blog (link from the article) and all I can see is a nice grid showing me the cell towers in the vicinity that my phone was in. I don't see any specific locations, my house isn't even on there, just a bunch of pins showing masts in the area.
Not too bothered about it having looked for myself at the data, I think this has been rather blown out of proportion. Take a look for yourselves and you will see. Maybe your data is more concerning but no problems with mine.
Please spend a few minutes reading:
https://alexlevinson.wordpress.com/2011/04/21/3-major-issues-with-the-latest-iphone-tracking-discovery/
which shows this has been known about for a long time, already researched and published (even in a book on iOS security), and Apple is NOT collecting the data.
Finally some sensible comments and truly useful information!
Thanks a lot AC, I've been trying to point this out to people all along this thread but apparently most of their brains go numb as soon as they hear the word Apple.
And people say Apple has an RDF field... it seems that field is in fact on the other side of the court...
It became really hard to defend Apple because of their rude, sometimes swearing cult like fanatics. Apple is being driven to very bad decisions because they are listening to their noise. Some flaw like this, happened to any company except Apple could drive the CEO or very high level staff "retire" because they have healthy people who critize their bad actions.
anyway, blame fanatics.
Seeing all the really nasty crap that goes on which people don't complain much about eg:
* Pandora radio transmitting real location of users
* Online tracking such as the Facebook like button or that done by ad networks (remember the recent "do no track" option in some browsers?)
etc..
people choose to pick on a harmless little file that only caches the cell phone masts the phone has seen, used for the phone's own location services to work.
The police can get a lot more than what's in that file just by calling up the mobile company.
Don't want to risk other people finding out which cell towers you may have hanged around? Just check "encrypt backup" in iTunes. There's a lot more valuable information in your phone than this if it fell into the wrong hands.
This post has been deleted by its author
"I've had a look at my phone using the tool that was published on the blog (link from the article) "and all I can see is a nice grid showing me the cell towers in the vicinity that my phone was in. I don't see any specific locations, my house isn't even on there, just a bunch of pins showing masts in the area."
Err, that package has been neutered so there will be less detail..
"The researchers have released open-source software that makes the entire process a snap. It also plots the information to a map that shows the movements of the user. While the locations are stored down to the second, the researchers said, their software intentionally reduces the time to weekly increments to make the data less useful to snoops."
Has anyone here given it a full analysis that stands up.
Even if it's down to the second, it's still just the cell tower locations, which doesn't give much resolution. It's not going to be enough for someone to be able to tell you left the office, walked down the street a block or two, and popped into a hotel to meet your mistress or into a massage parlor for a happy ending or to meet your dealer to score some smack.
I already assumed this was the case with most or all of the current crop of similar devices.....it's just how easy to gain entry to it that would be the sticking point for me.
Though I still refuse to pay the Apple premium, so hopefully nobody will ever be able to see how mundane, humdrum and repetitive my life is for the majority of the time :D
...but this is not news by any means and there is an en excellent analysis and explanation of how and when this was first 'found' here: http://bit.ly/e21NVr
Me, I'm not really bothered that someone *might* be able to get hold of my phone and then see where I've been: Should it be used for location-based advertising I'll simply opt out (since I'm pretty sure there would have to be an opt out clause somewhere). I suspect people are getting their pants in a twist about nothing much really.
I ran the program. The database is not where you've been, but what cell tower and wifi networks you've been in range of. I was on a trip to San Jose last month, and there were points on the database that were 75 miles away from there. It's not a breadcrumb of your exact gps track, it's the resources that the phone used to connect, or to provide you with GPS info during the trip.
It's definitely a good idea to encrypt this better, but not for the reason you think - it's an EXCELLENT resource for determining exactly where cell towers are - it makes a little circle for each one. That's not really information that you want so easily collected - I think it's quite possible I could drive around a city and collect the location of every piece of cell radio infrastructure in one day.
I checked my recorded locations stored during a recent weekend in Philadelphia.
The resolution is in terms of blocks. You can tell I was in Center City Philadelphia, and popped over the river to the University of Pennsylvania campus. But the towers recorded are farther south than I actually went, and one is farther west. (I stopped at 33rd street, but apparently my phone pinged a tower at 38th street.)
Apple can't gamble that much and Facebook and Twitter are already being pressured by Govt. for more sane privacy settings.
A California company doing such a nasty privacy crime would go out of business, especially California. Notice some sites have "your californian privacy rights"? It comes from the amazingly strict law of California.
Having just downloaded the application and looked at the data, here's what I found:
1. Location accuracy is wretchedly poor, and frequently wrong. Apparently I've been on day trips to Newport, Oxford and Weymouth recently - which is certainly news to me.
2. The best accuracy is maybe half a mile.
3. In all the years of tracking data I've collected, I've never been at home. Not once.
So... the assertion that this is uber-spy Big Brother monitoring is clearly nonsense and wild exaggeration.
The only conclusions anyone can draw from the collected data is that on [date] you made a journey to [region.]
If [region] includes a city, there's a good chance you went to that city - probably.
There's *no chance at all* of getting anything as accurate as a street address, or even a mode of transport. (Car, bus, or tube? No idea...)
Now - this doesn't mean Apple should be collecting this data.
But that's for two reasons.
One is that it's not Apple's business.
The other is that this data is so useless it's difficult to see that it has any value to anyone. It's useless to advertisers, useless to Apple, useless to law enforcement, and useless to the emergcency services.
So the real issue is - why bother at all?
Were these just bundled in to make the thing more comprehensive? Let's say I have a wifi-only iPad (as in fact I do). When this has no connection, I really doubt anything is tracking it. A couple of apps have asked if they can use location and been told no.
So perhaps it depends on which iPad you have. I'm more worried about my car's GPS. I'm SURE that thing is tracking my movements.
Amazing stuff. Not the article. We've come to expect this kind of stuff from apple.
But the reaction from some people.
I honestly think that if apple were to announce that they'd disabled everyones iphone and you should go buy a new one at full price immediately there would still be dozens of posters on here saying yes this is a perfectly reasonable thing to do
It's the reaction from people like you that's amazing, almost like a firehose of nonsense.
If you follow that same line of though you could claim that the Chrome cache files are all part of a conspiracy plan by Google.
Everything should be judged coming from a presumption of innocence. This presence of this file is very easy to explain if you understand anything about software and how GPS location works on phones.
If it wasn't believe me I'd be among the first up Apple's throat.
I gotta question for ya, shill ...
An internet (browser) cache stores info on a computer under the assumption that the individual user, who owns the computer, will frequent specific internet sites, thus minimizing transfer of data and minimizing bandwidth use for that individual.
Said stored ("cached") data is only stored when requested by that user, and only used when re-requested by that user.
On the otherhand, when I am using my telephone, I expect it to find the nearest ("least costly") cell tower, and make the call accordingly. Why the hell should my telephone need to look thru' a database that includes my time/location information, detailing when I'm in Forresta, Graeagle, Fort Bragg, Covolo and Solvang, when I'm in Grass Valley (all in California)?
The answer is that it doesn't need to look thru' that database. All it needs to do is get the signal, and act accordingly. In fact, that database has absolutely zero use in the day-to-day life of the consumer.
Yes, the telcos are probably required to keep "who was where, and when" info ... but on the personal hardware of their customers? Not so much ...
IMO, that database only exists to track the user, for reasons that are uncertain. And that is an extremely good reason to avoid AAPL products at the consumer level. It is a personal privacy invasion atrocity looking to happen.
As the register loves to publish at least 3 stories for every 1 real story here is an oppertunity. Why not talk to all your staff, download their data. and show us what you all do? :) You could compare the main bosses phone for instance to a typical 10K per year journo. In fact there's tons of milage and padding, maybe you could do a weekly feature.