dslreports logo
 story category
iPhone Location File Not New, Not Secret
And it has Been Used By Law Enforcement for Some Time

Yesterday we noted that security researchers Alasdair Allan and Pete Warden announced they'd found that iPhones and 3G-enabled iPads have been tracking user locations and storing the data in an unencrypted file ever since iOS 4.0 was released, while releasing an open source app making it simple for anybody to open that file and track their device usage in visual form. In an interesting bit of analysis, 21-year-old Alex Levinson, a student at Rochester Institute of Technology, says in a blog post that many security researchers have known about this file for some time, and that Allan and Warden didn't do their homework on previous research. He also states such data is routinely used by law enforcement:

quote:
Click for full size
This hidden file is nether new nor secret. It’s just moved. Location services have been available to the Apple device for some time. Understand what this file is — log generated by the various radios and sensors located within the device. This file is utilized by several operations on the device that actually is what makes this device pretty "smart". Through my work with various law enforcement agencies, we’ve used h-cells.plist on devices older than iOS 4 to harvest geolocational evidence from iOS devices.
Levinson claims Apple is not harvesting this data, and that he's never seen such data traverse a network. The data is used by law enforcement as part of criminal investigations, and is something the iPhone has been doing since at least iOS 3.2, when the device received a location services update. So what's really new? Nothing, really. The file simply changed forms and storage locations, after which it was discovered by Allan and Warden.

As we noted yesterday, the hysteria surrounding this story is rather amusing in broader privacy context. Devices are tracking you on multiple levels, from GPS triangulation down to specific applications -- and it happens on all mobile devices, not just those made by Apple. Meanwhile, carriers are constantly tracking and storing location data and selling it to the highest bidder on a daily basis, when they're not busy dumping data wholesale into the laps of law enforcement and intelligence organizations with often only a fleeting regard for the law.
view:
topics flat nest 

pnh102
Reptiles Are Cuddly And Pretty
Premium Member
join:2002-05-02
Mount Airy, MD

pnh102

Premium Member

Bad Jorunalism

Perhaps the media outlets which went bonkers over this original story should have taken the time to, you know, maybe get some more facts first, before posting such alarming headlines.
Kearnstd
Space Elf
Premium Member
join:2002-01-22
Mullica Hill, NJ

Kearnstd

Premium Member

Re: Bad Jorunalism

Fear sells papers, Why do you think when stories like this do not exist the news will always remind us that "Terrorists are everywhere"

thegeek
Premium Member
join:2008-02-21
right here

1 recommendation

thegeek to pnh102

Premium Member

to pnh102
SeNsAtIoNaLiSm!!!!!! Real news doesn't sell ads anymore. Over-hyped slightly factual news does. Don't blame the media outlets though, blame the consumers who fall for the shit.
TheRogueX
join:2003-03-26
Springfield, MO

TheRogueX

Member

Re: Bad Jorunalism

said by thegeek:

Don't blame the media outlets though, blame the consumers who fall for the shit.

The same consumers who fall for Apple's marketing!
MRCUR
join:2007-03-09
Lancaster, PA

MRCUR

Member

Re: Bad Jorunalism

You mean the consumers who fall for any marketing.

Noah Vail
Oh God please no.
Premium Member
join:2004-12-10
SouthAmerica

Noah Vail

Premium Member

Re: Bad Jorunalism

said by MRCUR:

You mean the consumers who fall for any marketing.

Which is why Elections are largely composed of marketing.

NV

cdru
Go Colts
MVM
join:2003-05-14
Fort Wayne, IN

cdru to pnh102

MVM

to pnh102
said by pnh102:

Perhaps the media outlets which went bonkers over this original story should have taken the time to, you know, maybe get some more facts first, before posting such alarming headlines.

Does previous knowledge or period that the tracking has been happening diminish the fact that the information is available to begin with?

pnh102
Reptiles Are Cuddly And Pretty
Premium Member
join:2002-05-02
Mount Airy, MD

pnh102

Premium Member

Re: Bad Jorunalism

said by cdru:

Does previous knowledge or period that the tracking has been happening diminish the fact that the information is available to begin with?

But isn't this the point of a location-aware device? To actually make the location of the device aware to applications on the device that would want to know this information? As I said before, I think the use of a plain text file to present this information is a very useful and practical way to access this information. It sure beats having to write code that talks to the GPS hardware directly.

Besides, if people are concerned with such things, they can choose to not use devices that are location-aware.

cdru
Go Colts
MVM
join:2003-05-14
Fort Wayne, IN

cdru

MVM

Re: Bad Jorunalism

said by pnh102:

But isn't this the point of a location-aware device? To actually make the location of the device aware to applications on the device that would want to know this information?

But there is a difference between location aware and tracking. Knowing that right this instant you are standing at approximately 123 Main Street, and a historical log that recorded hundreds or thousands of data points for the last month illustrates the difference.

As I said before, I think the use of a plain text file to present this information is a very useful and practical way to access this information. It sure beats having to write code that talks to the GPS hardware directly.

If you are smart enough to create a iPhone app, you're smart enough to use the core location API. You're probably not likely to ever need to access the hardware directly anyways. I believe most/all hardware is inaccessible directly, instead you must go through the official API (at least if you are using the official SDK and want your app to be published in the AppStore).

pnh102
Reptiles Are Cuddly And Pretty
Premium Member
join:2002-05-02
Mount Airy, MD

pnh102

Premium Member

Re: Bad Jorunalism

said by cdru:

If you are smart enough to create a iPhone app, you're smart enough to use the core location API. You're probably not likely to ever need to access the hardware directly anyways. I believe most/all hardware is inaccessible directly, instead you must go through the official API (at least if you are using the official SDK and want your app to be published in the AppStore).

How do you know that the API doesn't store this information in that file though?

cdru
Go Colts
MVM
join:2003-05-14
Fort Wayne, IN

cdru

MVM

Re: Bad Jorunalism

said by pnh102:

How do you know that the API doesn't store this information in that file though?

Where it stores it doesn't matter as far as I'm concerned. The fact that it's stored in the first place, particularly in some trivially readable form, is the whole issue.

My comment regarding the API was just in response your comment that it's a very useful and practical way. If you had to write your own driver or interface to pull in GPS information, then I would agree with you. But any app created with the SDK is already going to have access to the API so the whole logging to a file is not necessary.

pnh102
Reptiles Are Cuddly And Pretty
Premium Member
join:2002-05-02
Mount Airy, MD

pnh102

Premium Member

Re: Bad Jorunalism

said by cdru:

Where it stores it doesn't matter as far as I'm concerned. The fact that it's stored in the first place, particularly in some trivially readable form, is the whole issue.

I don't think it makes a difference. Even if the information was encrypted, there would be ways to decrypt it in short order.

cdru
Go Colts
MVM
join:2003-05-14
Fort Wayne, IN

1 recommendation

cdru

MVM

Re: Bad Jorunalism

said by pnh102:

I don't think it makes a difference. Even if the information was encrypted, there would be ways to decrypt it in short order.

Right. We aren't arguing about that. It's the fact that it's there in any form. Unless the user explicitly knew of it and consented to it, and at a minimum has a easy way to clear it, my opinion is that it shouldn't be there.

My wife runs, and has several devices that can record her path. If she was using an app that did that, that she installed or at least knew was installed, then a log would be expected and acceptable. But in this case that's not the case. Current location information doesn't need to be logged to be useful, and even direction and velocity information wouldn't need more then a few moments of history, definitely not measured in minutes, hours, days, or months.

tiger72
SexaT duorP
Premium Member
join:2001-03-28
Saint Louis, MO

tiger72 to pnh102

Premium Member

to pnh102
said by pnh102:

said by cdru:

Does previous knowledge or period that the tracking has been happening diminish the fact that the information is available to begin with?

But isn't this the point of a location-aware device? To actually make the location of the device aware to applications on the device that would want to know this information? As I said before, I think the use of a plain text file to present this information is a very useful and practical way to access this information. It sure beats having to write code that talks to the GPS hardware directly.

Besides, if people are concerned with such things, they can choose to not use devices that are location-aware.

response from Windows Phone team was that the only location they store is one location periodically, which is then overwritten by a new location. Months of tracking data is not stored on the device.

I don't mind apps knowing my current location. I don't like the idea that my device itself is tracking my every movement for months on end and logging it indefinitely.

I'm less concerned about law enforcement than when a person loses their phone. Or has their phone stolen.
fiberguy2
My views are my own.
Premium Member
join:2005-05-20

fiberguy2 to pnh102

Premium Member

to pnh102
Make the location know... once made, no need to store it. Done.

pnh, your attitude on this sucks big time.

Law makers are more worried about making cell phone providers make CLEAR AS DAY next to the price of the phone, in some areas, what the so-called "brain melting power" of your phone is. (That's still data under debate) HOWEVER, where's the push of these same law makers to make it VERY well known that a phone is collecting and storing this sort of data at all times? ... I dunno about you, but I think the consumer DOES want to know THIS important fact over some "your brain will melt this much if you use this device" non-proven-fact.. don't you think?

The "if they are concerned which such things, they can chose" attitude is a bunch of crap. You first must make this very clear to the consumer, which they don't. There's nothing that states "we're collecting, storing, and this data can be made available" that the consumer is aware of. THIS is the issue. So, if this was in fact being done, then I'd agree with you - the consumer can chose - but first you must be made away, and they're not. So hang up your argument already as it is WAY out of line.

By the way.. back to what you said.. the device has to make information aware to applications.. what I did last week isn't necessary today. If I told you I'm going to be somewhere at a certain time today, you're aware. Do you write that down, save it for eternity so that you can look back a year later to see where I was? No.. you were told, you were made aware, you did what you needed with that information, and life moved on. IF you are that anal and want to keep such worthless information.. 1) get a life. 2) it would be a choice you're consciously aware of in the first place.

In other words, this data does not need to be stored on the phone. There is also no feature that you can turn this off with - THAT is also a problem. There is also no feature that lets the user clear this data - THAT is a problem. Apple doesn't own the right, the app developers don't own the rights, and the government HAS NO RIGHTS to this data. Are you okay with pre-spying? I'm not. Are you okay with being tracked? I'm not - nor is the constitution. Wire tapping requires a judges order by law. And, only at said time is ANY information collected allowed to be used. They can't tap the line today, get the order next week and use all said data in between. This is what the government likes to have access to. ILLEGAL.

Be it that this data was always being collected or not, and in what ever file or format and in what location, it doesn't matter. This isn't anything about "media getting their facts together" first.. I don't seem to recall this story making the media cycles before, not to this level.

I guess you are one of those people that believes that its okay for government to have any and all information on you.. just don't do anything wrong and you have nothing to fear.. (soviet, cough cough, soviet) Um.. not sure what country you live in, but the one I live in was founded on completely different principals and laws.

pnh102
Reptiles Are Cuddly And Pretty
Premium Member
join:2002-05-02
Mount Airy, MD

pnh102

Premium Member

Re: Bad Jorunalism

said by fiberguy2:

I guess you are one of those people that believes that its okay for government to have any and all information on you.. just don't do anything wrong and you have nothing to fear.. (soviet, cough cough, soviet) Um.. not sure what country you live in, but the one I live in was founded on completely different principals and laws.

I also fry small children too. I do make sure to marinade them first. They sure taste yummy with ketchup.

I'm still looking back through my posts in this thread to see where I said it was OK for the government to willy-nilly look through your personal items without any probable cause or a search warrant. I'd also be hesitant to think that the government should be allowed to convict someone of a crime simply because a file claims (with no verifiable external evidence) that a mobile device was at a given location at a given time.

If we expand your scenario to its logical conclusion, there could also be rogue applications which collect the same information. Could the next version of Angry Birds be collecting your location information and storing it for months on end the next time you play? On some devices, sure!

But as for these devices, I still stand by my assertion. Any location-aware device will inevitably have the capability to collect and store location data. I have no doubt that if I wanted to I could write code for Android to do the same thing. If you don't want this or any other device to collect such information, then leave it at home.
fiberguy2
My views are my own.
Premium Member
join:2005-05-20

fiberguy2

Premium Member

Re: Bad Jorunalism

You ARE right.. they can, and DO, collect this data - clearly.

However, there are just some things, that when done, should realize extreme punishments. If you tapped into someone's phone line with out a warrant,.. just tapped someone's phone PERIOD, I'm tellin' ya, you'd be in jail. Using your example, say the maker of Angry Birds collects your personal data, ie: taps into your communication, collects it and sends it back to the maker, then I too think that person, or those responsible, should be treated the same way - harsh!

Today, for some reason, in these cases, it usually ends up with a PR statement, a bunch of press over it, the maker gets advertising out of the deal, and winds up prospering more for it. I don't care if it's apple, google, or microsoft (or as you said, app makers) if they're mining data they're not supposed to, they should going after the people AND companies directly and taking PROPER and APPROPRIATE ACTIONS against them.

Also, as I said before as well, if the government abuses this information, those responsible for authorizing the actions should see bubba on a regular basis as well.

Again, if you're of any size, you seem to be able to explain the situation off (or sometimes just deny it) and move on. "nothing to see here" - that needs to come to an end.

There are just certain things that are NOT ok. One, is saying "eh, if you don't want this to happen, then leave the phone at home".. that's rolling over and being the good little submissive that those at the top want us to be. Sooner or later, the people in this country are going to go all Egypt on their government's ass.

FFH5
Premium Member
join:2002-03-03
Tavistock NJ

FFH5

Premium Member

Re: Bad Jorunalism

In a new iOS version coming in next 2 weeks, the collection will be modified:

»news.cnet.com/8301-30686 ··· 1_3-0-20

But the company did admit that it may be storing too much information about users' location. And it said it will soon fix this in a software release.

"The reason the iPhone stores so much data is a bug we uncovered and plan to fix shortly," the FAQ says. "We don't think the iPhone needs to store more than seven days of this data."

Apple also admitted that users should be able to turn off the location logging feature on their phone when they disable location services on it. But a bug in the software has also prevented this, the company said.

Apple said it plans to release a software update in the next few weeks that will

reduce the size of the crowd-sourced Wi-Fi hot spot and cell tower database cached on the iPhone,
cease backing up this cache, and
delete this cache entirely when the Location Services feature is turned off.

Expand your moderator at work
diz17
join:2010-11-17
USA

diz17

Member

Sensationalism at it's finest

Funny how no one in the media mentions that most, if not all cellphones from 2007-08 forward have built in GPS, and even non GPS phones can be triangulated.

If you're not doing anything guilty, you shouldn't have anything to hide.

A900MHz Fan
join:2004-07-12
Mitchell, SD

1 recommendation

A900MHz Fan

Member

Re: Sensationalism at it's finest

said by diz17:

Funny how no one in the media mentions that most, if not all cellphones from 2007-08 forward have built in GPS, and even non GPS phones can be triangulated.

If you're not doing anything guilty, you shouldn't have anything to hide.

If I am not doing anything to be guilty of, no one should be looking.

Neal

crazediamond
Maybe you shouldn't be so proud?
Premium Member
join:2002-01-19
Brooklyn, NY

1 recommendation

crazediamond to diz17

Premium Member

to diz17
said by diz17:

If you're not doing anything guilty, you shouldn't have anything to hide.

freedom fail

RRedline
Rated R
Premium Member
join:2002-05-15
USA

2 recommendations

RRedline to diz17

Premium Member

to diz17
said by diz17:

If you're not doing anything guilty, you shouldn't have anything to hide.

Typical authoritarian, un-American attitude.

Nanoprobe3
Looking for cures in memory of Mom
Premium Member
join:2003-05-11
Crab Nebula

Nanoprobe3

Premium Member

Re: Sensationalism at it's finest

quote:
Levinson claims Apple is not harvesting this data, and that he's never seen such data traverse a network.
Yea, right.
If the above statement is true then why is the data being collected and stored at all? Just because Levinson hasn't seen it traverse a network does that mean it hasn't. Makes me wonder how much of a role big brother is playing in this.

cdru
Go Colts
MVM
join:2003-05-14
Fort Wayne, IN

cdru to diz17

MVM

to diz17
said by diz17:

Funny how no one in the media mentions that most, if not all cellphones from 2007-08 forward have built in GPS, and even non GPS phones can be triangulated.

Can anyone who just gains access to your iPhone get the previous triangulation data the carriers can perform? Is the actual triangulation always being recorded by the carrier (and not just the cell site)? How precise is the available triangulation that the carrier can perform vs what's recorded in the GPS log?

Camaro
Question everything
Premium Member
join:2008-04-05
Westfield, MA

Camaro to diz17

Premium Member

to diz17
said by diz17:

If you're not doing anything guilty, you shouldn't have anything to hide.

Err famous last words,as much as this statement might have been true like 40 years ago with modern technology this does not apply anymore,lets take a look at china for example,would you go live there full well knowing every phone call,website,hell even mail is "checked" to make sure that any dissident talk or democracy is crushed like a egg,oh and also the dirty talk you had with your wife on the phone is sitting on a server somewhere being listened to while a bunch of techs are getting there jolly's off.

This can go back and forth till the end of time,but in my humble opinion if this file was put there to "assist" cops then shit all that is left is someone to wipe there ass.

tiger72
SexaT duorP
Premium Member
join:2001-03-28
Saint Louis, MO

tiger72 to diz17

Premium Member

to diz17
said by diz17:

Funny how no one in the media mentions that most, if not all cellphones from 2007-08 forward have built in GPS, and even non GPS phones can be triangulated.

If you're not doing anything guilty, you shouldn't have anything to hide.

So if a thief steal's your daughter's iPhone from the mall, pulls up her precise location tracks for the past 8 months, and goes on to harass or assault her based upon that tracking data, that's not a problem?

Because there's a difference between cell triangulation as applied and monitored by LEA and cellular networks, and keeping that data on a phone, easily accessible to anyone who has more than a few minutes of free time with the device.

skuv
@rr.com

skuv to diz17

Anon

to diz17
said by diz17:

If you're not doing anything guilty, you shouldn't have anything to hide.

Not everything that people do that they don't want others to know about is illegal.

rchandra
Stargate Universe fan
Premium Member
join:2000-11-09
14225-2105
ARRIS ONT1000GJ4
EnGenius EAP1250

rchandra to diz17

Premium Member

to diz17
one, being able to locate, and keeping a log of those locations, are two entirely different things.

and two, you go ahead and lobby to have the 4th Amendment repealed. For me, without it, that gives the government the permission to get all up in my business and harass me. Granted, they're rather disinclined to do so at the moment, as there really isn't anything to see. Nonetheless, I don't share your apparent view of not having the 4th Amendment in full force and effect.
fiberguy2
My views are my own.
Premium Member
join:2005-05-20

fiberguy2 to diz17

Premium Member

to diz17
said by diz17:

If you're not doing anything guilty, you shouldn't have anything to hide.

Can we ever have a discussion like adults about this? The founding document for this country was signed a few hundred years ago. We've already established our laws... we don't need to reinvent the law of the land EVERY TIME someone or something takes an action that directly violates it.

"SPLAT, you're it" mentality doesn't work for me. In other words, and this is probably how these things come to be, ... "invent it, make it happen guys.. put it out there, and we'll clean up the mess after the fact." This is what's being done. Just as we know it's wrong to kill someone, they know it's wrong to collect data on people with out telling them. We ALL know that they (apple, at least) CAN remote wipe our phones or a single app. We've established that they can in fact communicate with the phones. That's not what we signed up for... is it? The issue here is simple.. if they're doing something this questionable, then it's probably not something they should be doing in the first place. If they were to ask the customers if they could track and store this information on the device and also made us aware of the level of access they actually have to the phone, I guarantee anyone that at least 90% of the people (and I'm being generous) would say NO.

There's no need to store the data. And, your statement of "if you're not doing anything guilty, you shouldn't have anything to hide" is a bunch of crap and goes against the constitution. You are innocent UNTIL proven guilty.. in order to even say "doing anything guilty" has to imply that it's been PROVEN you are guilty in the first place, or have you not been taught that?

The law is not always clear. In MN, we have a no-texting and driving law as many states do. Using a cell phone while driving is legal at this time. There also currently is no law that says you can't eat, drink tune your radio, or pick something up off the driver seat while you're driving. (Spare me all the "you should only be driving" arguments as they're not valid here, and I really don't care about OPINION at this time) However, LAW ENFORCEMENT has decided to take matters in their own hand, (ie: stretch laws) by taking it into their rights to pull any driver over that they feel is "distracted while driving"... this can include eating, tuning your radio, TEXTING - which is already illegal and I'm okay with, but DIALING YOUR PHONE to make a call which IS a legal act.. eating even something as simple as doritos out of a bag. Is it illegal to do any of this? No.. not in the least. But, they want to become the judges of activity and now are including these actions as acts that are "distracting" under the narrow "distracted driving" laws which were enacted for gross violations such as shaving, putting on makeup and reading a magazine.. or beating your kids in the 3rd row from the driver's seat. Tuning the radio in a car is not "distracted driving" on the pretense.. they were approved and installed in a vehicle for use of the operator. Again, it's not illegal, but, as of now, officers will pull you over if THEY feel you're distracted.

I'm sorry, but there is a point in time where we have to be able to live our lives free of tyranny from our government. We have a RIGHT to be innocent unless it's PROVEN we are guilty.. and how do we prove guilt? .. you need evidence, which is clearly being compiled in advance IN CASE you MAY be guilty.

Sorry, sir, but your point is crap, and others have said.. un-American. Be in the wrong place and the wrong time and see how you like something used and twisted against you.. it happens and people not only sit in jail, they sit on death row in some cases.
gpmoo7
join:2009-01-03
Montreal, QC

gpmoo7

Member

It's still a problem...

The problem is that iOS is doing that without user approval and that's not legal, at least in some countries where the iPhone is sold.

Carriers 'can' locate you but they don't have the right to locate you, store and sale your location without your approval or without the police/justice/government approval.

The fact that it's not a secret for everyone now that the press spread the news doesn't make it OK.

At least, you should be able to opt-out from this and when you choose to opt-in, the date should be encrypted.
And that's applicable to any device, not just iOS devices.

I've chosen to share my location on Latitude but this is my choice and the data is not stored clearly on my phone and my PC. It's securely stored on Google servers and no-one has managed to get access to it ... yet.
SPQRxB
join:2011-03-03
Pennsauken, NJ

SPQRxB

Member

Re: It's still a problem...

There is a clause in the agreement when you activate your iPhone that specifies that location data can be collected. When you agree to activate your phone, you agree to that clause. Whatever you want to call it, it is not illegal.

coldmoon
Premium Member
join:2002-02-04
Fulton, NY

coldmoon

Premium Member

Re: It's still a problem...

said by SPQRxB:

There is a clause in the agreement when you activate your iPhone that specifies that location data can be collected. When you agree to activate your phone, you agree to that clause. Whatever you want to call it, it is not illegal.

Perhaps not, but it is deceptive and too vague for a user to make an educated decision not knowing the true implications of what he/she has agreed to.

Now if Apple changes it so that any/all location aware applications request permission to record that information with a popup warning that the user may be disclosing sensitive data that could be retrieved and accessed later, that would be a different story entirely...

Just because you bury something in a EULA, does not also mean you have adequately informed the user OR gotten explicit permission to access, record, or send that data.

When Apple starts ensuring that even the "idiot in a hurry" is properly informed, then this discussion becomes moot...

JMHO
Mike

SimbaSeven
I Void Warranties
join:2003-03-24
Billings, MT

1 recommendation

SimbaSeven

Member

Why not..

..just turn it off? Oh wait, you don't have control over that.

Yet another reason I like to root my phone, so I have control over what it does.. not the carriers or manufacturers.

I wonder if Android has this issue?
MRCUR
join:2007-03-09
Lancaster, PA

MRCUR

Member

Re: Why not..

Android does keep this type of DB as well, but it is very limited. I do not know if the DB is transmitted to Google or anywhere else.

The past 50 cell locations are stored and the past 200 WiFi connections are stored.

antdude
Matrix Ant
Premium Member
join:2001-03-25
US

antdude to SimbaSeven

Premium Member

to SimbaSeven
said by SimbaSeven:

..just turn it off? Oh wait, you don't have control over that.

Yet another reason I like to root my phone, so I have control over what it does.. not the carriers or manufacturers.

I wonder if Android has this issue?

Another reason why I don't own a cellular/cell/smart phone.

dellsweig
Extreme Aerobatics
MVM
join:2003-12-10
Campbell Hall, NY

dellsweig

MVM

solution

»modmyi.com/forums/iphone ··· ing.html
tpkatl
join:2009-11-16
Dacula, GA

tpkatl

Member

What about Android?

Do Android phones do similar location logging?

••••••••••••••
tivoboy
join:2004-05-10
Menlo Park, CA

tivoboy

Member

overblown

Once again, this is the type of story that gets so overblown it is ridiculous. My wife called me, said that one the "today" show they had a report. IT said, ANYONE can track you, applications can track you, your BOSS can track you and know exactly which shops you go to, which stores you are in etc.

First, without access to your computer, nobody can track you with THIS data at least. That is a first step.

Second, the nature and QUALITY of this data is such that there is really no way other than a REMOTE WALMART that someone could tell which store on a city block I was in, most of the time, on a random walk down 5th avenue, so getting real demographic and shopping habits data would be very hard. This data is much more crude than say a-gps data. Which it isn't.

If you want to stop this, just encrypt your itunes backup with a password. Done, nobody can read the file (okay, if they got access to a file, and a lot of computing power, they could probably break the encryption)

Also, it really is only accessible if you SYNC your iphone, A LOT.

As usual, totally overblown and far less intrusive and exposing than say a foursquare app, which DOES track you and uploads that data in REAL TIME to a server farm somewhere and could be hacked.

In actuality, THIS data is possibly used by the carrier to enable better tower management and understand towers that MAY cause more trouble for call drops, etc.

•••••••

JohnInSJ
Premium Member
join:2003-09-22
Aptos, CA

JohnInSJ

Premium Member

In other words....

Non story. Same GPS logging as the location service always did.

Thank goodness we all got stirred up over it, because that was awesome to watch.

I guess the crack team of security researchers will have to start looking for other things people have known about for two or more years. Perhaps they can discover "root"?
clickie8
join:2005-05-22
Monroe, MI

clickie8

Member

CDMA ?

Is there any truth to the rumor that this doesn't exist in CDMA iPhones? If so, and coupled with the fact that CDMA phones need to download profiles in order to work, it gives credence to what I read that one purpose of this database is to predict where to find GSM and wifi services without having to key the radio -- thus saving battery life.

For anyone who thinks that the cellular provider isn't doing this; you're being naive.
MRCUR
join:2007-03-09
Lancaster, PA

MRCUR

Member

Re: CDMA ?

This is true. CDMA iPhones and iPads do not have this past location DB. I believe it has something to do with the way CDMA cell towers work and information which cannot/is not provided to phones (such as tower IDs).

odreian615
join:2006-01-18
Chicago, IL

1 recommendation

odreian615

Member

HAHA

You can tell who has a iOS device and who don't in this thread.
bugabuga
join:2004-06-10
Austin, TX

bugabuga

Member

Dexter story plot? :)

I can imagine someone writing a new app already that fakes those logs, or tweaks them slightly to make it look you were somewhere else. "I couldn't have possibly been at the crime scene at that time, look at the logs!"

Razzy12345
@rr.com

Razzy12345

Anon

Re: Dexter story plot? :)

They will just subpoena the cell company to release the data they're looking for.

Now this has been public, now almost alot of people are aware of it, I don't think the file in question will be admissible to court.

Ctrl Alt Del
Premium Member
join:2002-02-18

Ctrl Alt Del

Premium Member

Don't act surprised. What do you think this is?

F-Secure has a great writeup about this: »www.f-secure.com/weblog/ ··· 145.html
tivoboy
join:2004-05-10
Menlo Park, CA

tivoboy

Member

Re: Don't act surprised. What do you think this is?

strangely, I tried to download the tracking software and have it pull up my data and it couldn't . And the data is not encrypted.

I do have phones on every carrier, it'll be about a week before we see this from other carriers smartphones.
MRCUR
join:2007-03-09
Lancaster, PA

MRCUR

Member

Re: Don't act surprised. What do you think this is?

The location DB file is not encrypted on the phone and is not encrypted on your computer by default. Selecting the option to "Encrypt Backups" changes this.

I'm not sure there is any way to encrypt the file on your phone.

SLD
Premium Member
join:2002-04-17
San Francisco, CA

SLD

Premium Member

But, the story is true

The real story is informing the public that carrying one of these devices means that your usage and location information is being shared with corporations, law-enforcement and basically anyone willing to pay without regards to the consumers privacy preference and without proper disclosure. It isn't sensationalism. Ther responses here reflects insensitivity to ones privacy and rights.

•••••
MTU
Premium Member
join:2005-02-15
San Luis Obispo, CA

MTU

Premium Member

Acceptance

Perhaps explains the massive & effortless acceptance by the powers-to-be in the PRC.

manfmmd
Premium Member
join:2003-01-14
Earth, TX

manfmmd

Premium Member

Geezus!

These locations being stored on the phone are WAY off... I pulled my Wifi and Cell location data and plugged it into Google Maps and it's not even close to being accurate, even if the 'horizontal accuracy' is less than 500 (meters I'm assuming). If the data WASN'T being collected by Apple, why would they have tables called 'CellLocationHarvestCounts' and 'WifiLocationHarvestCounts' in the database...
jjeffeory
jjeffeory
join:2002-12-04
Bloomington, IN

jjeffeory

Member

Feds to Supreme Court: Allow Warrantless GPS Monitoring

»www.wired.com/threatleve ··· itoring/

compuguybna
join:2009-06-17
Nashville, TN

compuguybna

Member

Tracking.

If you got a GPS in ANY cell phone, it can show your location on the spot. Mine pinpoints me within 5m.

also, even with the GPS turned OFF, the mapping software can locate a general range of where I am (using the wireless network).

So, I am wondering why this is such a surprise to anyone.

I guess we're just wondering HOW this data is used if it can be retrieved.

freedom123
@telekom.hu

freedom123

Anon

cannot believe this..

I cannot believe that the media is actually supporting Apple on this. This is complete unsolicited intrusion to my privacy. Where's the liberal media now attacking the ones who are spying on me now??
It is really Bad Journalism...