Slashdot Mirror
Apple Logging Locations of All iPhone Users
An anonymous reader writes "The Guardian reports that researchers have found a hidden file on all iPhones, iPads and any computers to which they synchronize, logging timestamped latitude and longitude coordinates of the user since June 2010. A tool is available on their website to check on your own."
Surprise!
Tracking people's whereabouts is truly evil. Wait until the divorce lawyers start subpoena them for location data to help their clients.
Do you really need to invoke a government conspiracy? This is Apple we're talking about.
Look again. There is no link to upload anything only a link to download the application.
So you're telling me if someone physically steals my phone or computer, and is able to break the passwords, they can see private info about me? NFW!
I assure you all that if someone were to do that, I'd have a lot more to worry about than my PC or phone giving up my travel habits.
Slashdot "libertarians": Small government for me, big government for those I disagree with. -1, I disagree with you
Why were the people who own these products not informed? (or why was the informing done within miles of legal jargon that is the user agreement?) I have a BIG problem with this as I believe that us Canadians still have some privacy laws left.
It's impossible to determine where this data has been sent. Any app has access to it. Access to this file itself is not logged. It could be sitting on the hard drives of any number of app producers.
Likewise with my Nexus S. I know it tracks itself, because I have joined Latitude and keep my GPS turned on, but I can opt out of Latitude and disable the GPS, so it can't track itself. And at least I own that device, unlike the iStuff, which I apparently only lease from Apple...
Hyperbole: I use it liberally!
They are either at the Apple Store, North Face or Star Bucks. Done.
Though it is a very fine distinction, Apple isn't receiving any of this information, it's simply being stored.
From the Article
As bad as some may play it, without Apple receiving this information it's simply information that is stored, not "Big Brother"/Apple monitoring your every move.
DEMETRIUS: Villain, what hast thou done?
AARON: Villain, I have done thy mother.
Shakespeare invents 'your mom'
I've checked the data on my iPhone and it's crap. Zero hits on my apartment, zero hits on my office. Hundreds of hits on places I've never visited. During a trip to the UK, I seem to have visited locations arranged on a one-kilometre grid covering most of Yorkshire and Lincolnshire -- which is odd, because I just went to my sister's house. Good luck using that for anything worhwhile.
Apple fanbois couldn't stop bashing Google's wifi tracking, meanwhile saying Apple's ethics are superior. I for one can't wait until lawyers get a hold of this. Karmic retribution.
That brings me to an interesting point, / . is just "the ramblings of socially-inept, technology-literate news-mongers".
Okay I'm all for explaining why this is bad, but why the fuck do we insist as a group using the example of a private eye tracking down a cheating spouse for the purpose of divorce as a reason to take privacy concerns seriously? The average citizen is going to be like "Oh well I don't have to worry about that, I have nothing to hide from my spouse!" even if they are lying to themselves. The political and social leadership will be like "well then don't cheat and you'll be fine!"
WORST... EXAMPLE...EVAR...
Here's some better examples for this specific situation:
1) A burglar determining a pattern when you aren't home so they can rob your house.
2) A stalker determining the best place to attack you
3) Someone who doesn't like you smearing your character publicly simply because your phone walked by a strip club (he must have gone in, he's a sinner!!!), even though 2 blocks away is the hospice you volunteer once a week at.
Let's try to come up with better examples that make people actually care please?
"All great wisdom is contained in .signature files"
There are varying degrees of many things, of which many subsets can be constructed.
Apple is a Tier-2 evil. They are more evil than the neighborhood bully, but they are less evil than...say, Hitler.
Just like evil, there are subsets of happy.
Think about "I just got an 'attaboy' from my boss" happy versus "I just got with this super-hot girl I've been into for a long time" happy.
If the only way you can accept an assertion is by faith, then you are conceding that it can't be taken on its own merits
There is no evidence that this data is being sent to Apple or anyone else.
As the article illustrates, any app you install has easy access to this data.
With their phone data slurper tools (Michigan State Police Could Search Cell Phones During Traffic Stops), they could get your location database in a couple of minutes.
Location services serve a function. There still no good reason to log all of the data. This is not a solution.
I just dumped the file from my iPhone and imported it into a Google map. I had to check out the source code to the tool at TFA to figure out that the dates are based on an epoch of 2001-01-01 and not the usual Unix epoch date.
I'm looking forward to using this feature to help me track my location. Since the phone is already doing this "for free" it's not going to "cost" me any more battery power to use this log. It's not as accurate as GPS, but it's accurate enough for my needs.
Once I've got a cron job setup to offload the file from my (jailbroken) iPhone 3GS to a box on my network I'll work out how to wipe the file on the device after each upload (so that the device isn't carrying around weeks or months of my position data).
The Attitude Adjuster, I hate me, you can too.
I am just looking into the file.
The database contains also a huge list of access points.
basically it seems that for each and every WiFi network the iPhone "sees" (not only if you join it, and even if the network is hidden)...the toy stores the Mac Address of the access point, timestamp of detection, coordinates (including height and accuracy), speed, ...
See table WiFiLocation
CREATE TABLE WifiLocation (MAC TEXT, Timestamp FLOAT, Latitude FLOAT, Longitude FLOAT, HorizontalAccuracy FLOAT, Altitude FLOAT, VerticalAccuracy FLOAT, Speed FLOAT, Course FLOAT, Confidence INTEGER, PRIMARY KEY (MAC));
Mine contains >50000 entries, basically I have the entire WiFi Map of Milano.... nice but, isn't this what Google was fined for doing ???
Interestingly, each and every iPhone user is doing the same "crime" committed by Google,, but unintentionally (and no, this does not seem to collect packets).
Andrea Cocito
/var/root/Library/Cache/locationd/consolidated.db
http://www.hollowdepth.com
There's only one way to see if the data is sent somewhere: it's to monitor the iPhone's input and output over an extended period. To my knowledge, no one has done that. In other words, we simply do not know whether this data is sent anywhere - and there are absolutely zero protections against it being sent. However, the way the data is stored, and the way the data is connected per user instead of per phone (being migrated across if you switch phones), makes it seems like presuming that Apple is being totally clean with this is very very naive.
True, but even if it was being sent to Apple, I don't think it's particularly useful to them. Remember - it's logging the location of the cell towers you hit, not YOUR actual location. Given that there's only one cell tower every couple of kilometres in most areas, this is not particularly 'high resolution' data.
I've used the tool linked in TFA to examine the data on my own iPhone and you couldn't really figure precisely out where I lived or worked from the data. Only the 'general area' (e.g. 'oh the northwestern suburbs of city X'). Your phone company logs this data too as a natural consequence of providing you with service, and frankly I don't trust my phone company any more or less than Apple.
Agreed that Apple should probably address this issue (explain what the file exists for, and perhaps patch it so that you can turn it off/expire the data after X days etc.) It's mildly concerning but not enough to worry me too much. If it were logging exact GPS-derived location on the other hand, rather than cell towers, that would be bad.
(PS. the data is only connected 'per user' insomuch as you can restore an iPhone backup taken from one phone, onto another phone, if you so desire. It's not specifically being linked to you or your Apple account ... it's just that you are restoring an image taken of one phone onto your next phone, which happens to include this file. The 'new phone' becomes the 'old phone'. You may actually be a completely different user ... though that's unlikely in practice, since who's gonna use someone else's backup to restore their phone?)
Actually come to think of it, it's the CARRIERS that benefit from this data, not Apple. It's not storing your GPS location ... just the location of the cell towers you've hit. So it's giving, essentially, a map of network load caused by your phone. Aggregated with other phones, this would be pretty interesting information to a carrier, you'd think. Perhaps carriers wanted Apple to do this kind of logging? But again, since the data isn't sent to anyone, it's still hard to see how this could be useful for anything other than a legitimate reason related to the phone itself (e.g. caching your previous locations so that it can more quickly use AGPS to pinpoint you again).
Nice logic. Except that the carriers already know with great precision where you've been anyway. They run the towers you connect to, remember?