If you have an iPhone running iOS 4, or a 3G-equipped iPad, Apple is and has been tracking your every move, Pete Warden and Alasdair Allan at O’Reilly Radar recently figured out. Warden is a former Apple employee and Allan is a senior research fellow at the University of Exeter in England.
Checking into Foursquare from a smartphone, for example, shows a time stamp giving a longitude and latitude record of the user’s location. The difference, where the iPhone and iPad are concerned, is that there is no obvious opting in. It appears that Apple does tell users in the fine print of its iTunes Terms and Conditions (see below), which users have to accept, as written, to access the iTunes store.
“We’re not sure why Apple is gathering this data but it’s clearly intentional, as the database is being restored across backups, and even device migrations,” the pair wrote in an April 20 blog post.
“What makes this issue worse is that the file is unencrypted and unprotected – and it’s on any machine you’ve synched with your iOS device,” the two continued. “It can also be easily accessed on the device itself if it falls into the wrong hands. Anybody with access to this file knows where you have been over the last year, since iOS 4 was released.”
Warden and Allen found the location data in a file called “consolidated.db”. It contains latitude-longitude coordinates with a timestamp, and some other collection parameters that are less clear. It appears that Apple has been collecting the data since the launch of iOS 4. Warden explains, in a video on the site, that since upgrading to iOS 4 he switched from an iPhone 3GS to an iPhone 4 to another iPhone 4, after dropping the first one – but his location data was seamlessly collected throughout that time.
Analyst Ken Hyers, with Technology Business Research, says that tracking mobile phone users is a practice that has gone on for years and is necessary to support 911 calls from mobile phones.
“But the location data collected by the mobile operators is protected and can’t be accessed without a court order,” Hyers told eWEEK. “Many smartphone apps on Android, Apple and BlackBerry devices also collect location data and, in fact, cannot function properly without [it]. Popular apps such as Layar require location information in order serve up location-based information. But this data is anatomised, protected and, as far as I know, not stored locally on the phone.”
Collecting and storing data on the phone, however, unsecured and without users’ knowledge, is another thing all together.
“I think Apple has really fallen down on the job here,” Hyers said. “They need to quickly develop and upload a fix that secures the data and gives the user a way to manage and remove it if they wish. Apple also needs to clearly explain why the data is being collected and what, if anything, it intends to do with the data. ”
While Warden and Allan are unsure what prompts the timing of the OS’s location recording, which is erratic – they have reached out to Apple’s Product Security team but have not heard back – the location information is likely determined by cell tower triangulation. The pair created and are offering an application that offers a visual representation of the data. In the on-site video, you can watch a device travel from Washington DC to New York on an Amtrak train.
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…
US Supreme Court says it will hear appeal of TikTok and parent ByteDance against ban…
Japanese start-up Space One destroys Kairos rocket for second time shortly after launch, as country…
World's biggest EV battery maker CATL aims to build 1,000 battery-swap stations next year, rising…
Facebook has 'severely restricted' news content from Palestinian outlets since October 2023 amidst bias concerns,…
View Comments
You can view the entire structure of the database at http://iplaq.com/iphone with the ominous table names and my own data.