Slashdot Mirror
Apple Logging Locations of All iPhone Users
An anonymous reader writes "The Guardian reports that researchers have found a hidden file on all iPhones, iPads and any computers to which they synchronize, logging timestamped latitude and longitude coordinates of the user since June 2010. A tool is available on their website to check on your own."
Why were the people who own these products not informed? (or why was the informing done within miles of legal jargon that is the user agreement?) I have a BIG problem with this as I believe that us Canadians still have some privacy laws left.
Next thing you know, the economy is down for good, the chinese take over, then nobody cant say crap while they get painfully raped up their sociopolitical collectives arses.
And having an iPhone causes that, huh? Get over yourself, geek filth.
I've checked the data on my iPhone and it's crap. Zero hits on my apartment, zero hits on my office. Hundreds of hits on places I've never visited. During a trip to the UK, I seem to have visited locations arranged on a one-kilometre grid covering most of Yorkshire and Lincolnshire -- which is odd, because I just went to my sister's house. Good luck using that for anything worhwhile.
Apple fanbois couldn't stop bashing Google's wifi tracking, meanwhile saying Apple's ethics are superior. I for one can't wait until lawyers get a hold of this. Karmic retribution.
That brings me to an interesting point, / . is just "the ramblings of socially-inept, technology-literate news-mongers".
Okay I'm all for explaining why this is bad, but why the fuck do we insist as a group using the example of a private eye tracking down a cheating spouse for the purpose of divorce as a reason to take privacy concerns seriously? The average citizen is going to be like "Oh well I don't have to worry about that, I have nothing to hide from my spouse!" even if they are lying to themselves. The political and social leadership will be like "well then don't cheat and you'll be fine!"
WORST... EXAMPLE...EVAR...
Here's some better examples for this specific situation:
1) A burglar determining a pattern when you aren't home so they can rob your house.
2) A stalker determining the best place to attack you
3) Someone who doesn't like you smearing your character publicly simply because your phone walked by a strip club (he must have gone in, he's a sinner!!!), even though 2 blocks away is the hospice you volunteer once a week at.
Let's try to come up with better examples that make people actually care please?
"All great wisdom is contained in .signature files"
No surprise here. I posted about this ages ago, but everyone argued that I was talking out of my arse by a whole load of iPhone users.
We knew Apple were doing this nearly a year ago
Next, they'll be sharing it with their 'partners', and using it for direct advertising. You've already agreed to it in the terms.
Reference yesterday's story...
http://apple.slashdot.org/story/11/04/19/2231240/Michigan-Police-Could-Search-Cell-Phones-During-Traffic-Stops
I wonder if this location data would be part of what could be extracted there...
Chaos, panic, disorder...my work here is done.
I just dumped the file from my iPhone and imported it into a Google map. I had to check out the source code to the tool at TFA to figure out that the dates are based on an epoch of 2001-01-01 and not the usual Unix epoch date.
I'm looking forward to using this feature to help me track my location. Since the phone is already doing this "for free" it's not going to "cost" me any more battery power to use this log. It's not as accurate as GPS, but it's accurate enough for my needs.
Once I've got a cron job setup to offload the file from my (jailbroken) iPhone 3GS to a box on my network I'll work out how to wipe the file on the device after each upload (so that the device isn't carrying around weeks or months of my position data).
The Attitude Adjuster, I hate me, you can too.
"The most immediate problem is that this data is stored in an easily-readable form on your machine. Any other program you run or user with access to your machine can look through it."
Apple may not upload it while syncing or by using a scheduled cron job, but any single individual app can read it. Also, as the others said, prove to me at no event does any proprietary apple application access the file. The location data resolution is set to one second intervals, that is insane. They can easily know when I take a piss just by how often I frequent that specific location for short time periods.
That you know of. Or better yet, what if its sent to ATT or whoever your carrier is now? I mean they would have a legitimate need for the information to maintain their network except they can probably gain it on their own without it.
More importantly, the government can gain access to the location and use it for anything if they get your phone. How about you are standing on the street corner waiting to cross the street, minding your own business in a neighborhood that you have a legitimate reason to be in. You all the sudden hear a commotion down the street and try to see what it is. Turns out to be one of the internet organized protest rallies attempting to raid the democrat or republican convention or some speech that happening close by that you knew nothing about. You sit there watching peacefully as they pass by you pondering whether to ask them what's happening or join them. They are holding signs up advertising a web site so you open your Iphone and browse to it hoping to grab some insight into what's happening in front of you. Then moments later, they clash with the police. The police chase them, rocks are thrown, tear gas is used, in the chaos, you are snagged up by the police. You swear you weren't part of it. A policeman and a representative got seriously hurt so they aren't going easily on people. They grab you Iphone and pull this file out, find out you were within 20 feet of the start of it, moved closer to it before the violence started, and visited the website that organized it moments before the violence started. You are now on the hot seat for attacking a police officer, attacking a representative of the state or federal government, participating in an illegal mob/protest/criminal gang activity and whatever else they can dream up because they are out for blood. And Its your IPHONE that is going to give them enough information to either convict you (because they like making examples out of people who hurt government employees and politicians) or cost you a shit ton of money, probably a conversion to some religion so your prayers would feel like they are helping more, maybe even your job, and maybe time in jail while sorting it out, just to get out of it.
Yeah.. It's a fail to be concerned with the Apple products tracking you without your knowledge for uses not disclosed to anyone.
True, but even if it was being sent to Apple, I don't think it's particularly useful to them. Remember - it's logging the location of the cell towers you hit, not YOUR actual location. Given that there's only one cell tower every couple of kilometres in most areas, this is not particularly 'high resolution' data.
I've used the tool linked in TFA to examine the data on my own iPhone and you couldn't really figure precisely out where I lived or worked from the data. Only the 'general area' (e.g. 'oh the northwestern suburbs of city X'). Your phone company logs this data too as a natural consequence of providing you with service, and frankly I don't trust my phone company any more or less than Apple.
Agreed that Apple should probably address this issue (explain what the file exists for, and perhaps patch it so that you can turn it off/expire the data after X days etc.) It's mildly concerning but not enough to worry me too much. If it were logging exact GPS-derived location on the other hand, rather than cell towers, that would be bad.
(PS. the data is only connected 'per user' insomuch as you can restore an iPhone backup taken from one phone, onto another phone, if you so desire. It's not specifically being linked to you or your Apple account ... it's just that you are restoring an image taken of one phone onto your next phone, which happens to include this file. The 'new phone' becomes the 'old phone'. You may actually be a completely different user ... though that's unlikely in practice, since who's gonna use someone else's backup to restore their phone?)