iPhone and Location: Don't Panic

stonemirror writes "There's a lot of blind panic out there over the discovery of a database file on the iPhone which contains dated location information. Without actually looking at the data, a lot of folks have proclaimed that the 'iPhone is tracking your every move.' I actually did take a look at the data, and it's not doing anything like that."

Anecdotal

[RocketRabbit]

This story is entirely anecdotal. Sure, it may not be tracking your "every move" but we have no way of knowing if this guy's phone was even on for his whole train ride (for example).

His conclusion is "We don't know why Apple is collecting this information but it's not a big deal." What the hell? How do we know it's not a big deal?

Sorry, Apple, you guys fucked up. A random blog-pologist isn't going to save this one for you.

Re:Anecdotal

and saying that its OK because 'it isn't accurate' is just fucking stupid. This type of personal intrusion cannot be accepted.

if we don't take action now, we'll settle for nothing later.

Re:Anecdotal

[Pieroxy]

The most interesting thing in the article is the last sentence:

[UPDATE: Exactly the same kind of information seems to be getting stored on Android phones. Here's an application you can use to dump it out...]

So Apple users know they're not alone ;-)

Re:Anecdotal

[h4rr4r]

This "but my friends are all doing it too" argument did not work when I was a kid and I don't see how it holds water now.

Re:Anecdotal

[stonemirror]

I had the phone on the entire time, and that's far from the only anomaly I pointed out there. All of the information presented on this—so far, anyway—has been anecdotal: nobody has access to anybody else's location database from their iPhone. And, since Android phones do just the same thing, if the guys at Apple "fucked up", the guys at Google did, every bit as badly. My point here was not to be an "apologist", simply to present some aspects of the data that were getting missed in all the hysterics.

Re:Anecdotal

[Americano]

Sure, it may not be tracking your "every move"

If it's not tracking your every move, then it would be inaccurate hysteria to claim that it is, in fact "tracking your every move."

More anecdotal data, which suggests that TFA's anecdote has some validity:
I looked at my iPhone data, and I saw very similar information. I took a trip with some friends back at the beginning of December; During that time, we spent our time at a ski area, or within about 5 miles of the hotel we stayed at for dinner/drinks in the evenings. My iPhone tracking data is so wildly inaccurate that about the only conclusion you can draw from it is that "sometime during the weekend of December 3, 2010, I spent some time in central New Hampshire and/or coastal Maine." The points it collected for that weekend are spread all over a ~100 mile radius from the point I actually stayed. And yes, my phone *was* on the entire time, because I was in fairly regular contact with my girlfriend throughout the weekend via SMS & the Facebook app.

Also, since my backups are all encrypted, I had to specifically turn off encryption to even view this data, and there is zero evidence to suggest that this data is being phoned-home to Apple for any reason.

Is it worth understanding why this data is being collected, and what - if anything - it's being used for? Absolutely. Is it worth fixing if the long-term collection of this data is a bug, or an oversight? You bet. Is it the end of the world, or worth getting hysterical over? Nope, not without significantly more evidence of some sort of nefarious intent.

Re:Anecdotal

[Coren22]

That concerns me just as much as the iPhone doing it. However, it appears that the Android one is rather temporary, not the extended log file that the iPhones store. Unfortunately, I don't think I could root my X even if I wanted to, and the tool to output it requires root.

Re:Anecdotal

[tripleevenfall]

Agreed.

It's not enough to say "Well, you agreed to the TOS" when you know full well nobody reads it. If you are tracking my physical movements, I should have to opt-in to that in an obvious way.

It doesn't even clearly state that this stops if you turn off Location Services, or what happens to the backed up files if you do.

Re:Anecdotal

[Antisyzygy]

Apple fanboi's have a weird insecurity and chronic need to feel like they are better or, at the very least, the same so I am not surprised they tried to find something like this. The fact remains that the iPhone has far more data (month vs. week) that is stored over Android does. Furthermore, Apple routinely touts themselves as consumer privacy friendly and the "most secure". Obviously keeping a month's worth of cell tower and wifi locations you were in proximity to without letting the user know ahead of time proves that they aren't as secure nor as privacy friendly as they claim. Nice work.

Re:Anecdotal

[Wyatt+Earp]

I checked mine last night.

Two phones sync to my computer, so I checked both.

1. My iPhone 4 - got it Dec 27th in Las Vegas at Apple Store - Forum Shops - Caesars Palace - it didn't have any of the Las Vegas, North Rim Grand Canyon, or SeaTac. It has everything up here in Alaska.

2. iPhone 3 - it has a longer history, got it April '09 in northern Washington. It has everything up there, but it doesn't have two trips down to Portland, it has a trip to Portland in '10, nothing of Las Vegas trip, has all of Anchorage area, nothing south of Anchorage like Seward, Homer, Valdez, does have history of trips to Denali. Again, no logs of SeaTac or Portland International Airports.

Everywhere I mentioned, I had the phones on and it wasn't in airport mode.

Re:Anecdotal

[stewbacca]

I think his second example is a clearer indication that this isn't tracking anything, other than a very large geographic location and an active phone account. You can't be in San Jose and Merced at the same time, especially if you never leave your house that is in neither place.

Re:Anecdotal

[Foofoobar]

this could be one of two things: wifi hotspots being found via a network of other iphones or the network of iphones in the area.

Re:Anecdotal

[Americano]

No, but it is interesting that another platform is doing similar things. Understanding why it happens on Android may provide insight into why it's happening on iOS, as well.

Re:Anecdotal

[recoiledsnake]

> All of the information presented on this—so far, anyway—has been anecdotal: nobody has access to anybody else's location database from their iPhone

Huh, what do you mean by anecdotal? The tool is available to be used on anyone's iPhone and if there's no location data, that's easy to prove, you don't have to believe people's anecdotes about finding location data logged on their phone.

>. And, since Android phones do just the same thing, if the guys at Apple "fucked up", the guys at Google did, every bit as badly.

"They did it too" is not a defense.

Re:Anecdotal

[Lumpy]

Personal intrusion? your cellphone provider has a nice database of your every move that is accurate. They've had this for years. THAT is what you need to be outraged about, not a file that is safely on your phone that is not sent to anyone.

Re:Anecdotal

[geekoid]

That assumes the particular android phones that do that did have this installed by the carrier. As a data point, I can't find the files on my G1.

The only way I would call either of those articles 'Hysterical' is if I didn't know what the word 'Hysterical' meant.

The article really comes off as an iPhone apologist who is trying to deflect the issue by pointing as someone else.

That may not have been your intent, but that's how it reads.

Re:Anecdotal

Wow. Not only is Apple trying to track your every move, but they also suck at it.

Re:Anecdotal

[alienzed]

You're acting like anyone except the owners of the phone have access to this information. Given that the users of the phone probably remember where they have been, this really isn't a big deal. You also must realize that it's not Apple that is collecting the information, it's your device and no one has access to your device except you; no one has access to that file except you. Furthermore, this wouldn't be a big deal even if iOS was vulnerable to spyware that could relay the tracking information to a third party because if there were spyware, the spyware wouldn't need this file in the first place, it could gather that information on its own. A whole lot of news about nothing. Next up: your Apple computer has activity and system logs and website history that track your every move!

Re:Anecdotal

[geekoid]

wow, that first sentence was horrid. Sorry. Should be:

That assumes that the android phones that 'track' you do that because of Android; and that it's not the carrier that's adding the tracking ability. As a data point, I can't find the files on my G1.

Re:Anecdotal

[Qwavel]

It's not the same kind of information at all. The android file (only available if you have root) is a temporary cache. That is totally difference then the Apple file which holds the data about your location since you bought the phone.

The fact that he considers them the same, and the rest of his article, make it clear that he is merely some obscure, inaccurate, apologist.

With this story being reported all over the Internet, by media and blogs both respectable and ridiculous, why did /. choose to use this ridiculous one. /. seems to have turned into a sort-of FOX news of tech discussion - without even a pretense of objectivity.

Speaking of which, here's one of my favorites pieces so far. A Forces columnist asks whether this discovery (of the Apple location history file) is cool or creepy and concludes that it is cool. She decides that it is actually a great feature and pushes Google to get to it and see if they can come up with a similar feature:
http://blogs.forbes.com/kashmirhill/2011/04/20/cool-or-creepy-your-iphone-and-ipad-are-keeping-track-of-everywhere-you-go-and-you-can-see-it/

So maybe the blog post that /. choose for this whole saga is not actually the worst piece written on the topic.

Re:Anecdotal

[ColdWetDog]

Mine has me in various locations around my local town. And then, in several small villages in SE Alaska (Hoonah, Kake) that I have not visited in several years. I'm quite certain I had a different phone at that time. All I can think of is that the Kake and Hoonah repeaters picked up my signal when I was up in the alpine country on a hike or perhaps more likely, flying in a small plane. It's completely missing several trips to Seattle and California. Pretty random, actually.

Re:Anecdotal

[tripleevenfall]

It's synced to your PC, which is a vulnerability in itself.

Re:Anecdotal

[geekoid]

You seriously don't know what hysteria means, do you?

"If it's not tracking your every move, then it would be inaccurate to literally claim that it is, in fact "tracking your every move.""

True, but we really are doing is arguing semantics. At what point does it become accurate? write location once a day? twice a day? every hour? every minute? every second?
Fact of the matter is, if I track you for enough data points, I can know your every move in every practical way.

For example, based on the data from the web site I can accurate infer that the train was taken, and when. If somone had access to the train info, they could pick the train you were on.

Re:Anecdotal

[Snarky+McButtface]

I looked at the application and it dumps the information collected by Android location, which is an opt in service. Does anyone know if the location information being collected on iphones is the result of the user opting into a service?

Re:Anecdotal

[CannonballHead]

My point here was not to be an "apologist", simply to present some aspects of the data that were getting missed in all the hysterics.

Who said he was defending? Clarification of what is really going on != defense.

Re:Anecdotal

[marcello_dl]

Or an obfuscated list of more precisely computed locations, or whatever. Unfortunately closed systems can't let you find it out easily.

Re:Anecdotal

[h4rr4r]

The Droid X can be rooted, what you cannot do is replace the bootloader.

Re:Anecdotal

[Americano]

No, I didn't give permission for this.

Well guess what? If you own an iPhone, it's happening. So your choices appear to be, take a hammer to your iPhone to shut it off, or ask questions about why the data is being collected, who has access to it, and what the tradeoffs are of turning off the collection of this data. My guess is that it's part of the location services functionality, and if you disable Location Services, you'll probably also halt collection of this data. Now, if you like and value the Location Services functionality, disabling the collection might not be an option. But perhaps you'd want to lobby Apple to encrypt this data to prevent against unauthorized intrusion.

So its ok until it gets used in a bad way? Damn you're gullible.

Ah yes, the deliberate misrepresentation. I said - "is it the end of the world, or worth getting hysterical over?" And the answer is no, it's not. There's no evidence to suggest that the data is being made available to anybody except you, using your phone. If I lost my iPhone, I'd be a lot more irritated over the fact that it has emails, photos, phone numbers, addresses, and a host of other personal data that I'd rather not lose than I would be over the fact that "oh no, somebody can see the areas I visit frequently, with variable and inaccurate tracking data!" If there's evidence that Apple is using this to build some sort of master profile of all your movements and activities, I'm willing to examine that evidence and pronounce the situation to be worthy of hysterics.

As I said, it's absolutely worth asking about the collection of this data, and understanding why it's being collected, and what it's being used for. It's not worth getting breathlessly panicked over, which is what a lot of the news coverage of this "discovery" amounts to. And for what it's worth, it's not exactly "new" news to begin with: specifically, see points 2 & 3,.

Re:Anecdotal

[qubezz]

You also must realize that it's not Apple that is collecting the information....

You must realize it is Apple tracking your every move. We would expect that the mobile provider can record the cel phone towers you are using for billing/roaming purposes, but we would not expect that the manufacturer of your mobile phone is getting a daily update of all your movements provided by the satellite-based GPS in the device. That is in fact what is happening. Read the excerpt from the Apple privacy policy (reads like a waiver of all privacy):

We also collect non-personal information data in a form that does not permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose. The following are some examples of non-personal information that we collect and how we may use it:

We may collect information such as occupation, language, zip code, area code, unique device identifier, location, and the time zone where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising.

Re:Anecdotal

[truthsearch]

Obviously keeping a month's worth of cell tower and wifi locations you were in proximity to without letting the user know ahead of time proves that they aren't as secure nor as privacy friendly as they claim.

How so? Unless the data is transmitted off the phone then it can be secure and private.

Of course a developer app getting access to it is a bad sign. But if the data were locked down to only the phone itself then there's no privacy issue.

Re:Anecdotal

[poetmatt]

No, it's called "apple is innocent focus on android I'm an apple fanboy", to some degree (and not always). The "oh but android!" argument is seriously getting old.

Meanwhile, all cellphones have been doing this for years, and people rightfully can and should be concerned if they are not aware that their location is potentially trackable at almost any time you have a cellphone on. However, to act like "we can just patch so that it's not stored on your phone" doesn't answer the "guess what: it's still available" aspect.

Whether that information is being allowed to be obtained without a subpoena or search warrant however, is also a question to be asked.

Re:Anecdotal

[newcastlejon]

Personal intrusion? your cellphone provider has a nice database of your every move that is accurate.

Evidence please. I know that my network provider has data on where I am right now and that they would be capable of doing what you say (given a court order, for example), but that doesn't automatically mean they actually are.

I don't trust Apple any more or less implicitly than my network so I make no comment on whether or not they are in possession of the data my iPhone allegedly collects.

Re:Anecdotal

[mspohr]

If you follow the links and read the articles about the Android (I know, I'm a geek for actually reading the article and following the links), you will find that the Android is a cache of the most recent 50 or 200 locations which are overwritten with new information as you move around. The Apple phone, on the other hand, seems to keep all of the location information since the update to iOS 4.

Since this is a cache for the Android, it looks like it could be used to retrieve recent locations for current location based services.

Re:Anecdotal

[romanval]

The iPhone's location file is only available to root as well-- ordinary apps can't read it unless the phone is jailbroken.

Re:Anecdotal

[Americano]

No, it's not simply a semantic argument, I examined my own data and it's remarkably inaccurate, and certainly not enough to "track me" on anything smaller than a city scale. There is precious little to suggest that there's anything being "tracked" that would do anything more than give you an idea of "areas I frequently visit." And even those aren't accurate - there are data points of places which I have *never* visited, or can say definitively that I was NOT at the location marked at the time it's marked at.

About the only conclusions you can draw definitively from looking at my aggregated data is that there's a few places I spend most of my time in, and that those places are each within some 20-30 mile radius. The rest is simply "roughly accurate" location information. I'd be a lot more concerned about losing my phone with all of the contact info, email, and phone numbers in it than I would be about somebody getting ahold of my consolidated.db file.

Re:Anecdotal

[ThatsMyNick]

The android caches are flushed every 48 hours, I see iPhones having records as old as Decemeber 2010. So I would say Apple fucked up, Android (or Google) not really!

Re:Anecdotal

[MagicM]

/. seems to have turned into a sort-of FOX news of tech discussion - without even a pretense of objectivity

There was a time when Slashdot had a pretense of objectivity?

Re:Anecdotal

[Americano]

No, it's called "apple is innocent focus on android I'm an apple fanboy", to some degree (and not always). The "oh but android!" argument is seriously getting old.

I'm not sure what your point is. I agreed with h4rr4r that it doesn't "excuse" the retention of the data - but it certainly suggests that there may be a technical reason (most likely related to Location Services) for collecting & storing some location data. So the logical question, until we receive a response from Apple, is to ask, "If Android does it, what do they use that data for?" Because maybe iOS does it for the same reason.

Re:Anecdotal

[gilesjuk]

It's more than likely a file that contains the location of cells in the area? for aiding quick start positioning?

Either way, it doesn't matter since even if the phone doesn't have records of where you have been the phone company does.

The same information is also gathered by Android, so Google fucked up as well:

https://github.com/packetlss/android-locdump

Re:Anecdotal

[causality]

It's synced to your PC, which is a vulnerability in itself.

Is there a way to delete this "consolidated.db" file and replace it with a symlink to /dev/null? Not sure if iPhones have a /dev/null (or equiv.) but Android should.

It'd be interesting to do that and see if it breaks anything. If nothing breaks, even slightly, we can be fairly sure this "feature" provides nothing that benefits the owner of the phone, the paying customer. The question of who does benefit would then become more interesting.

For Apple and Google, this is how you avoid "panic", "hysteria", and various other words used to mischaracterize legitimate questions of trust: document features and files like this in a thorough, open, and easily searched manner instead of waiting for third parties to discover them and speculate about their function. If you refuse to do that, you are setting up this very situation.

Why anyone who is not an employee of Apple and Google would characterize legitimate inquiry as "hysteria" is another interesting question. It's obviously an attempt to dismiss and belittle ("you disagree with me about whether this should be questioned, so obviously you are panicking"). It would seem that in their minds, it's far more reasonable to blame people for wondering if this has privacy implications than it would be to blame the companies for leaving everyone in the dark.

Re:Anecdotal

[absurdhero]

this could be one of two things: wifi hotspots being found via a network of other iphones or ...

He filtered out wifi from the data before doing the analysis.

Re:Anecdotal

[Americano]

Which would be my guess as well. The point I'm making is that if two separate mobile OS'es are collecting and storing some level of location data, the reasoning for why one platform is collecting it may provide some insight into why the second one is, as well.

Then the question becomes: Is the longer-term retention by design? If so, what functionality is enabled by this longer-term retention? Is there a way to disable collection, if I don't value that functionality? If it's not by design, is it simply an oversight, that somebody forgot to write the program that purges old data? If not an oversight, is it a bug, that the purge isn't functioning as expected?

There's a host of questions that won't be answered until Apple issues an official response, but the only thing I can even remotely consider worthy of "OH NOES THINK OF THE CHILDREN" hysteria is that they should have forced encryption of iOS backups by default. I turned mine on, and have been doing encrypted backups since the feature was available - it would seem to me, especially with the personal information that is being backed up, that Apple should have turned this on by default to keep the contents of the backups secure.

Re:Anecdotal

So what you are saying is - "Look. X is raping you. Why are you complaining about Y?"

Apple apologists have no bounds.

Re:Anecdotal

[sangreal66]

I'm not an expert, but I do watch The First 48 and the police routinely receive cell tower records of everywhere a suspect has been.

Re:Anecdotal

[Xaedalus]

Why do you care? Are you really THAT important to the world that some shadowy group of villains are going to expend the time and effort to track your every move? Your greatest defense against intrusion is anonymity within the crowd, and that there's no reason for anyone to pay attention to you.

Re:Anecdotal

[stabiesoft]

I saw the blog and I wondered what conclusion the blogger would have had if it was microsoft instead of apple. Personally, I was on the creepy side of the scale and was stunned when she thought it was cool. I am so glad I am not cool.

Re:Anecdotal

[cultiv8]

Apple responded to this issue back in July of 2010. The major fuck up is that the file is not encrypted.

Re:Anecdotal

Yesterday

"The Guardian reports that researchers have found a hidden file on all iPhones, iPads and any computers to which they synchronize, logging timestamped latitude and longitude coordinates of the user since June 2010

Re:Anecdotal

[newcastlejon]

Suspects? I can accept that network operators would provide location data for such people, which is why included the court order part in my comment.

Re:Anecdotal

[causality]

Personal intrusion? your cellphone provider has a nice database of your every move that is accurate. They've had this for years. THAT is what you need to be outraged about, not a file that is safely on your phone that is not sent to anyone.

The people who run the cell networks have this data. The cell towers know where you are. Apple does not run a cell network. They just make the phone and leave it to AT&T or Verizon to provide network service. Therefore, it's possible this file provides Apple a way to track location data without owning the cell network. The same could also apply to Google's Android, of course.

If the data is inaccurate, that could be because this system is buggy -- maybe it doesn't get the attention and polish that advertised shiny features receive. It could be because it doesn't need to be accurate to serve its purpose. It could be for any number of reasons. The important part is that none of this answers the question of what the actual intention is. None of this answers the question: if it is a benevolent, innocuous feature, why isn't it listed as a selling point? That above all other things is what creates the suspicion, IMO.

Re:Anecdotal

[NicknamesAreStupid]

Not only is this anecdotal, it has been known by EVERYBODY who's anybody for years -- http://www.networkworld.com/news/2011/042111-iphone-tracking-researcher.html -- it is the worst kept secret since the hula hoop. When Network World says it is old news, archeologists take notice.

Re:Anecdotal

[stonemirror]

Why not simply set your iPhone backups to be encrypted...?

Re:Anecdotal

[nexex]

Suspects? No such thing, there are only 'persons of interest' now.

Re:Anecdotal

[safetyinnumbers]

And I was shocked to find similar files on my Garmin GPS!

Joking aside, the Terms of Use for the my.garmin.com site states it will upload information 'including track logs'.

Re:Anecdotal

[BigMick77]

Ummm... So what? How much other personal information is synced to your PC, let alone how much personal information you keep on your PC in any case. It's not an invasion of privacy if your privacy hasn't been invaded. No-one has access to this file unless you fail to lock your phone, or fail to protect your PC. Yes, it's a vulnerability, and I'm sure Apple will patch it - just as every vendor patches their products every month. Flaming on a forum about this is no better than the Apple bigots who stand there and vilify Microsoft for their perceived security flaws.

Re:Anecdotal

[causality]

Why not simply set your iPhone backups to be encrypted...?

A backup is a copy made from an original source of data. You can encrypt them all you like. It still doesn't explain why the original source of data was collected, what its purpose is, and whether there are implications for privacy.

That was far too trivial to answer. Therefore, I am guessing I have misunderstood your point. If not, well, now you know why I didn't mention encrypted backups.

Re:Anecdotal

There's a lot of stuff thats being reported about this that is somewhere between sensationalist and wrong. The "researchers" who published this have been pretty sloppy in what they are claiming. I've helped out police forces with using extracting and trying to use this data, over a number of years so I've a reasonably good idea what is there and what isn't.

The data is not new to iOS 4, it has been there at least back to iOS 2, its just the name of place that it is stored is different.

This existence of this data isn't secret, the use of this data is the subject of a session for Apple Developers at the World Wide Developers Conference each year - usually something like "Using Location Services in iOS" or similar in title.

The location data is not the GPS location of the user, it is the location of cell towers the phone can see. All the location data is time stamped, and stamped with the carrier network ID, and the ID of the individual and there's no way you can be in 3, or 6, or 9 different locations at the same time. Depending on how many cell towers were visible, all this tells you is that the phone was within maybe a few km, but up to 25-50km of the tower. If you then take that data and use it to triangulate the users location, you'd typically get a location that was at best accurate to a bit under 1km, and more likely a few km.

The collecting of the data isn't continuous, it appears to be event based. Anecdotally - the phone waking from sleep and reconnecting to the carrier network appears to be one of the events, as is rebooting the phone, and re-connecting to the carrier's network when you come out of a dead spot. It seems plausible, that it may also be snapshotted every time Location Services is fired up, eg by launching the Maps App and consenting to use of location services. That pattern of even driven acquisition would explain the differences that various people out there on the net report.

Similar data is also being tracked and logged by the carrier, but in their case, its harder to get to as it is sitting on carrier systems on their internal network. That is true for all phones. In this case, the data is pretty easy to get to if you have physical possession of the phone.

Thats good enough to tell that you actually went off to Hawaii with your mistress when you told your wife you were going on a work trip to California, but for most people , most of the time, it will only be pretty vague as to where they where - knowing that you are in Baltimore when thats where you live and work isn't that big a revelation.

If the user of the phone opts out of Location Services, the file isn't updated. This is done from Settings.

Like all files that need to be read/written in the background by the system, its always readable to root - it isn't readable (directly) to Apps , although they benefit from it indirectly by Location Services calls responding faster. If you jailbreak your phone, then Apps can read this data and transmit it for their own purposes.

Files in that data protection class can be recovered off the filesystem over USB tether. Technically it is encrypted, but the encryption is really only of use for a fast remote wipe of the device, and it isn't being encrypted in a class that increases the security of the data.

It does reside in the backup, so thats certainly a good reason to always encrypt your iPhone backups and use a strong passphrase for them.

Apple has also been clear in its earlier deposition response as to how user location data is anonomised when it is collected.

Its entirely possible that the persistence of the file is actually a bug - I can see why it would be useful to cache it for a few days to maybe a month at the high end, but back to the start of the epoch seems excessive. In my view its the persistence of the file thats the biggest issue. That not hard for them to fix.

So its bad, but its not where near as extreme a situation as what some people are saying.

Re:Anecdotal

[Fred+Ferrigno]

Android only keeps recent locations. The iPhone keeps them in perpetuity. One is obviously more effective when it comes to forensic tracking than the other.

Re:Anecdotal

[causality]

No, it's called "apple is innocent focus on android I'm an apple fanboy", to some degree (and not always). The "oh but android!" argument is seriously getting old.

If it's anything like the "oh but [the Democrats | the Republicans] aren't the only ones, because [the Republicans | the Democrats] did this nasty thing too!" then it's not going away anytime soon.

I mod those posts "Redundant" every chance I get, but it doesn't work when I'm the only one.

Re:Anecdotal

[stonemirror]

My point was that if you view the file being backed up to your PC as a "vulnerability", then encrypting it should ease you worries. While we haven't heard from Apple what the reason for the file is, it seems pretty reasonable to me that it's a database of known cell tower and WiFi locations, to be used to rapidly "triangulate" your location, when possible, if you have an application that wants to use iOS' Location Services. This idea would seem to be supported by the existence of a similar location cache on Android.

Re:Anecdotal

[skelterjohn]

They are - I worked as an intern at AT&T research one summer, and one of the other interns there was doing something with exactly this data. Of course, it was behind a few layers of security and could not leave the building, and even after all that the intern got only anonymized data, but it was definitely collected.

Re:Anecdotal

[causality]

/. seems to have turned into a sort-of FOX news of tech discussion - without even a pretense of objectivity

There was a time when Slashdot had a pretense of objectivity?

Here's my opinion:

If by "objectivity" you mean "one of my buddies might get ad revenue if I link his no-name blog on the main page ... so what if higher quality sources for the story are available?" then yes. It's just an unstated pretense. Also, if objectivity were a highly regarded goal, there'd be at least one book review on Slashdot that straight up says "this book is sub-par; here are a few books published by competitors that are much higher quality". Instead, virtually all of them are quite favorable, even though knowing what not to purchase is at least as useful as knowing that something else is recommended.

Re:Anecdotal

[causality]

I saw the blog and I wondered what conclusion the blogger would have had if it was microsoft instead of apple. Personally, I was on the creepy side of the scale and was stunned when she thought it was cool. I am so glad I am not cool.

It's not known for sure that Vladimir Lenin came up with the phrase, but it is attributed to him. The phrase is "useful idiots".

The very fact that someone would feel differently about Microsoft doing it than they would about Apple doing it qualifies them as a moron. To allow the legitimacy of a business practice to be defined by your personal feelings about the corporation is pure emotion that has no place in a discussion about the facts of the matter. I especially expect anyone who wants to be a reporter, blogger, pundit, or commentator to understand this.

Re:Anecdotal

[causality]

My point was that if you view the file being backed up to your PC as a "vulnerability", then encrypting it should ease you worries.

While we haven't heard from Apple what the reason for the file is, it seems pretty reasonable to me that it's a database of known cell tower and WiFi locations, to be used to rapidly "triangulate" your location, when possible, if you have an application that wants to use iOS' Location Services. This idea would seem to be supported by the existence of a similar location cache on Android.

It sounds then like we can agree that backups are not the issue here.

While I think your hypothesis is quite reasonable, it is unfortunate that we are all just speculating. I believe my point stands that if companies don't want people raising questions of trust, they should implement such things openly in a well-documented fashion. All it would take is something you can easily find with a Web search and this whole issue would have been put to rest before it ever got started.

How is it that marketers and PR people are so good at manipulating behavior and perception, yet so terrible at foreseeing preventable controversies like this one? The cost to produce one simple document or a couple of entries in a FAQ is absolutely negligible compared to all the other costs involved in designing a phone and implementing a location service.

Re:Anecdotal

[jonnyj]

No one has access except you because you keep your phone and PC confidential? Maybe... except your partner. Except your partner's hi-tech friends. Except your practical-joking mates. Except your kids. Except your stepkids. Except your fosterkids who plan to file a false report with their social worker. Except your kids' friends when you're down the pub. Except the chap who nicked your phone when you were in the pub. Except your housekeeper, if you have one. Except your employer, if it's a corporate phone. Except the guys at the Genius bar when it breaks. Except the police, when you're stop-and-searched. Except the Al Quaeda cell that have been targeting you as a member of the police / military / government and nicked your phone. Except the unscrupulous private detective hired by a journalist writing a story about your private life if you're a public figure. Except US immigration, and UK immigration, and everywhere else's immigration. Except the guy who put a Trojan on your PC. Relax! What could possibly go wrong?

Re:Anecdotal

[dwywit]

A random blog-pologist isn't going to save this one for you.
 
I parsed that as proctologist. Ah, I see it's redundant. Carry on.

Re:Anecdotal

[robwmc]

I know that Google sure uses this info. How do you think that they can tell you what the condition your street that you travel on is in (as in green red or yellow)? Every smart phone that uses Google maps contributes to this. With their history of accidentally collecting data on wifi networks, who knows what else they are doing with this.

Re:Anecdotal

No, we do know why it collects info and we know it's not a big deal. Stop knee jerking and start thinking.

http://alexlevinson.wordpress.com/2011/04/21/3-major-issues-with-the-latest-iphone-tracking-discovery/

Re:Anecdotal

[The+End+Of+Days]

Apple fanboi's have a weird insecurity and chronic need to feel like they are better

Oh, so totally unlike Apple haters, huh?

These arguments are fun to read, but I have to imagine the participants are amongst the most pathetic human beings around.

Re:Anecdotal

[VolciMaster]

Suspects? I can accept that network operators would provide location data for such people, which is why included the court order part in my comment.

Guess what - if they can provide it for specific dates of interest related to suspects in a case, then they're keeping it. And since they don't know who might be called as a suspect / witness, then they're keeping it on everyone. I was on a jury for a murder trial last year: the suspect, her erstwhile boyfriend, the decedent, and a host of others had their cell phone records pulled and presented as evidence.

Re:Anecdotal

[Jerslan]

No, it's called "apple is innocent focus on android I'm an apple fanboy", to some degree (and not always). The "oh but android!" argument is seriously getting old.

As opposed to the "Apple is doing BAD BAD THINGS!!!! But lets ignore that Android is too because we're Android fanboys" argument?

Re:Anecdotal

[Trelane]

There are some very important differences: http://www.ibtimes.com/articles/137143/20110421/android-phones-track-users-movements.htm

The data is unencrypted. Unlike the situation with iPhones, however, the data remains on the phone, and to access it one needs access to the operating system itself, known as "root access." On the iPhone, the location data was copied from the phone to a PC every time it was synced with iTunes. It was copying the data to the PC that creates a potential security problem.

Another difference is how big the location data files, called caches, are. On the Android phones they are limited in size to 50 unique cell sites and 200 WiFi access points. Apple's version was much larger

Also, according to a 13-page letter sent to Congress by Apple, they also upload your location history to Apple every 12 hours: http://www.wired.com/gadgetlab/2011/04/apple-iphone-tracking/

According to Appleâ(TM)s letter, geodata is being tracked and transmitted to Apple only if a customer toggles the Location Services option in the settings menu to âoeOn.â If itâ(TM)s off, no location-based information will be collected.

If the Location Services setting is flipped on, the iPhone, 3G iPad and, to a more limited extent, the iPod Touch and the Wi-Fi iPad, are transmitting geodata to Apple under different circumstances.

Apple is collecting information about nearby cell towers and Wi-Fi access points whenever you request current location information. Sometimes it will also do this automatically when youâ(TM)re using a location-based service, such as a GPS app.

As for GPS information, Apple is collecting GPS location data only when a customer uses an application requiring GPS capabilities.

Apple claims the collected geodata is stored on the iOS device, then anonymized with a random identification number generated every 24 hours by the iOS device, and finally transmitted over an encrypted Wi-Fi network every 12 hours (or later if thereâ(TM)s no Wi-Fi available) to Apple. That means Apple and its partners canâ(TM)t use this collected geodata to personally identify a user.

At Apple, the data gets stored in a database âoeaccessible only by Apple,â the letter says.

âoeWhen a customer requests current location information, the device encrypts and transmits Cell Tower and Wi-Fi Access Point Information and the deviceâ(TM)s GPS coordinates (if available) over a secure Wi-Fi Internet connection to Apple,â Apple wrote in the letter.

Re:Anecdotal

[Lord+An]

Evidence please. I know that my network provider has data on where I am right now and that they would be capable of doing what you say (given a court order, for example), but that doesn't automatically mean they actually are.

I don't trust Apple any more or less implicitly than my network so I make no comment on whether or not they are in possession of the data my iPhone allegedly collects.

Lookee here: A German newspaper made an interactive map of the location of a politician of the Green party who subpoena'd his cell retained phone location data and made it available. It's a very enlightening demo, IMHO (web-page in German, but self-explanatory: hit the 'Play' button and adjust speed with the slider to the right of it). Not only does it show his location over a very long period of time, but also when and where he made phone calls.

And I'd be really surprised if the US had less data retention than Germany.

Re:Anecdotal

[stonemirror]

"... one of my buddies might get ad revenue if I link his no-name blog on the main page..." Given that there aren't any ads on my blog for me to get revenue from, and I don't have any "buddies" who are moderators on slashdot (that I know of), I'm not sure what this has to do with anything.

Re:Anecdotal

[stonemirror]

For the record, if it were Microsoft, my response would be identical: tempest; teapot.

Re:Anecdotal

[stonemirror]

This is excellent information; I don't know why this comment hasn't been modded up.

Re:Anecdotal

[Crock23A]

...settle for nothing now
then you'll SETTLE FOR NOTHING LATER!!!!

Re:Anecdotal

[Xyrus]

This is like saying the new Verizon FiOS TOS changes aren't a big deal. For those who don't know, Verizon has now given itself permission to change the admin password on your router, and make any changes therein, and give access to law enforcement. Oh don't worry, they'll send you an email about it. If they feel like it.

FUCK. THAT.

Companies have gotten smarter. They take away little pieces at a time. They make changes to the small print. They use hidden files. It's getting to the point where the only software and hardware you can trust is open source. Otherwise you're just asking to be screwed over.

Re:Anecdotal

[dbosso]

It's synced to your PC, which is a vulnerability in itself.

Speak for yourself. I trust my "PC" more than the wireless companies who are storing this kind of data already.

Re:Anecdotal

[causality]

"... one of my buddies might get ad revenue if I link his no-name blog on the main page..."

Given that there aren't any ads on my blog for me to get revenue from, and I don't have any "buddies" who are moderators on slashdot (that I know of), I'm not sure what this has to do with anything.

One reason my post was clearly marked as opinion and definitely not represented as fact .. is that I run ad blockers to where it would look exactly the same to me whether or not you actually ran ads on your blog. I appreciate you clarifying that my opinion doesn't apply to you personally -- that's something I should have explicitly stated and I regret that you had to point this out.

The original post asking whether Slashdot is becoming the "FOX news of tech discussion" was evidently not written by someone who only just now thinks so. That, in turn, raises a bigger question about how stories are done that is not remotely limited to this particular story. In fact this particular story and anything you could say about it would be within the margin of error if one were to do a survey of all Slashdot stories. I don't know if you have been an active participant in Slashdot lately (UID alone doesn't tell me much), but this is a subject that comes up from time to time. That's why I also mentioned the book reviews, which this story is clearly not, because I am referring to a general trend and not to any specific story.

For example, I for one found your blog entry to be rational, decently well-written, and generally a pleasure to read. Yet, no matter how good your blog post is, it would have been better journalism to include in the summary link(s) to other source(s) with different perspective(s). We really have very few facts about this iPhone issue, apart from those we are all just speculating, and speculation is much more interesting and useful when it is diverse. In summary, it would have taken a trivial amount of effort on the part of Slashdot staff to make this a much higher quality story.

Reading back over my previous post, I can see how it probably did look like unfair personal criticism of you and for that I apologize. I appreciate the calm and reasonable manner with which you made me aware of this. Really, I wish more people handled disagreement this way.

Re:Anecdotal

[causality]

For the record, if it were Microsoft, my response would be identical: tempest; teapot.

From what I've seen of your rationality, I wouldn't doubt that for a moment. For others, that's more of an open question.

The poster to whom I was responding was talking about a Forbes author.

Whereas you merely explain why you believe this is nothing to panic about, the Forbes author positively thinks it's wonderful and hopes to see other vendors do the same. It's quite a leap from "this isn't a threat" to "this is quite an asset" when we still don't know exactly what this file is for. Unlike you, that Forbes author is making positive claims about the desirability of this feature and has about as much evidence as I do, i.e. zero. Meanwhile she is severely downplaying the privacy issues surrounding any kind of data collection of this type, reducing the entire subject to a one-liner about her "hope that creepy apps can't tap into it." That of course completely sidesteps the question of what, if anything, Apple does with the data.

She also talked about how the cell networks (i.e. Verizon, AT&T) already have location information from the towers. She completely ignores the fact that Apple doesn't have location information from the cell network, unless of course they are able to access location data stored on the phone as part of their location-based services. She does not even mention that and I doubt she appreciates the difference. One of those would have a legitimate need-to-know while the other would not.

I attribute that to fanboyism. When fanboys act like paid marketers when in fact they are not receiving compensation from the company in question, I refer to that as useful idiocy. For some reason, Apple in particular has a lot of fanboys and apologists who tend to downplay and dismiss instead of recognizing such questions and trying to answer them.

Re:Anecdotal

[Fri13]

Yes it is. As well are every applications in your phone what can access anyway to APN information. Usually advertised apps. They can store any data to files. The whole gps/gsm/nmt are problem

Re:Anecdotal

[Solandri]

It's not at all interesting that it's happening on Android. Anyone who hasn't been living under a rock the last decade knows that Google's entire business model is based on tracking what its users are doing and talking about. That's the Faustian bargain you make when you decide to use google search, gmail, google apps, or android.

Apple OTOH has been marketing itself as anti-Big Brother since the 1984 commercial. Their entire rationale for the iPhone and App Store's walled garden is that they're going to be the benevolent policeman who protects you from the bad people who write viruses and stuff that will make your phone do things that you don't want happening. That makes it a very interesting story when Apple does this stuff.

Re:Anecdotal

[stonemirror]

"Yet, no matter how good your blog post is, it would have been better journalism to include in the summary link(s) to other source(s) with different perspective(s)." You mean, like the Wired and Atlantic articles that I linked to at the end of my posting...?

Re:Anecdotal

[stonemirror]

iOS Location Services are "Opt In". You disable them entirely, if you want, by turning off the switch in the settings. Any app which wishes to use Location Services to determine your location on an iPhone has to get your permission to do so first.

Re:Anecdotal

[Deus.1.01]

Actually no they don't, that is...they do but only to a certain point for billing purposes.

This is why got this draconian data storage directive EU to deal with, ISP and phone companies delete shit after 1 month or so.

Re:Anecdotal

[smart_ass]

My thought is that the train is sufficiently fast that it probably changes towers so quickly that the phone may reject the data. That could easily explain that lack of data.

Re:Anecdotal

[initdeep]

how many apps running on your phone have access to that file?

oh that's right, it isn't kept on your phone if the cell companies have it.

now think about how many apps could be checking against this unencrypted file on your phone for imfromation and sending it to a third party without you even knowing.....

Re:Anecdotal

[stonemirror]

I guess the only reasonable response, if one is this concerned, would be to abandon the use of cell phones and computers entirely, not to mention paper and pens (since your partner, her friends, your mates, your kids, your stepkids, your foster kids, their friends, random criminals, etc., etc., etc., might find something you'd written down).

Re:Anecdotal

[itsthebin]

and I'm sure Apple will patch it

this has been known about for a while and has not been patched yet

Re:Anecdotal

[egranlund]

You sir have nailed it.

Thank you so much for writing this - it makes so much sense now.

Re:Anecdotal

[dreampod]

Meanwhile, all cellphones have been doing this for years, and people rightfully can and should be concerned if they are not aware that their location is potentially trackable at almost any time you have a cellphone on.

Actually with many models of phone they can be remotely enabled (by the phone company with a police warrent) to provide tracking information even while turned off, provided there is still battery charge. This came up recently in a Quebec mob trial because the police used this in the trial which the defendant tried to get the info tossed out because the police had broken his (old model) phone during an 'interview' and he claimed deliberately ensured he got a trackable one when they were obligated to replace it.

Re:Anecdotal

[Opportunist]

The question is, does it hold in court (or against a jealous lover)? Your phone was on the train. How likely/unlikely is it that you were, too? Courts do have a certain leeway when it comes to interpreting facts and unless you give a judge a VERY good reason to think you were not on the train while your phone was, he will assume that you were too. It won't get you convicted, but it is a pretty strong evidence against you.

OTOH, it's no good defense since if you planned to do the crime and knew about the tracking, it could well be part of your plan to leave your phone with a friend for an alibi. There's just no way this could work in your favor.

Re:Anecdotal

[Opportunist]

I know for a fact that my phone company stores my whereabouts for approx. 6 months.

Re:Anecdotal

[FrkyD]

Evidence? Ok. A german green politician wanted to find out the same thing so he got access to the information. Turns out that it provides a pretty accurate guide to your moevements. There is an article and an interactive map available here: http://www.zeit.de/digital/datenschutz/2011-03/data-protection-malte-spitz

Re:Anecdotal

[CharlyFoxtrot]

That's really interesting and a cool demo. Can't say I'm surprised about it though. Banks know how much money you have, your ISP knows what sites you go to and your phone company knows where your cellphone is (approximately) and who and when you call. It's self-evident when you think about it. The work-around is simple: leave it at home or anonymize yourself by using a prepaid card.

Re:Anecdotal

[CharlyFoxtrot]

Anecdotally, my Nexus S contains no such file.

According to the github link, the Android data are flushed every 24-48 hours.

Where did you read that ? Actual quote :

"However, data is only pruned when new info is added. There is no time based pruning unless there is new data being added to the cache."

You must be talking about this :

// Maximum time (in millis) that a record is valid for, before it needs // to be refreshed from the server.
        private static final long MAX_CELL_REFRESH_RECORD_AGE = 12 * 60 * 60 * 1000; // 12 hours
        private static final long MAX_WIFI_REFRESH_RECORD_AGE = 48 * 60 * 60 * 1000; // 48 hours // Cache sizes
        private static final int MAX_CELL_RECORDS = 50;
        private static final int MAX_WIFI_RECORDS = 200;

Which to me means, for cell, record age (12 hours) * records kept (50) = 25 days.

Re:Anecdotal

[CharlyFoxtrot]

It's not the same kind of information at all. The android file (only available if you have root) is a temporary cache. That is totally difference then the Apple file which holds the data about your location since you bought the phone.

Talking about objectivity, where did you hear it holds data since you bought the phone ? The only date I've seen Wired's 10 months. Granted that's longer than the month (for cell) and year (for wifi) the data seems to be retained on Android but, crucially, we don't know the reason for this. There could be a technical reason, or it could be negligence but you choose to jump straight to maliciousness. You are making as many assumptions as the people you criticize, just from the opposite standpoint.

Re:Anecdotal

[CharlyFoxtrot]

Exellent post. There's more on this blog where a forensics expert points out this is old news, with a picture of a book from 2010 that contains all the information on this "secret" and "scary" database file. Guess these "researchers" don't keep up with the literature, heh.

Re:Anecdotal

[CharlyFoxtrot]

The android caches are flushed every 48 hours

Then why does the article say : "There is no time based pruning unless there is new data being added to the cache.", what's your source on that ?

Re:Anecdotal

[Rhaban]

She decides that it is actually a great feature and pushes Google to get to it and see if they can come up with a similar feature

Something like this maybe? https://www.google.com/latitude/

Re:Anecdotal

[BlueStrat]

It's not an invasion of privacy if your privacy hasn't been invaded. No-one has access to this file unless you fail to lock your phone, or fail to protect your PC.

Unless you get stopped by the Michigan State Police with your phone in your possession. This was covered here a short time ago.

http://slashdot.org/story/11/04/19/2231240/Michigan-Police-Could-Search-Cell-Phones-During-Traffic-Stops

The more data your phone collects, the more you risk giving to the State. All I carry is a disposable phone with the battery removed in the glove box for emergencies.

Of course, one *could* open the phone and disconnect pin 2 and pin 3 (the 'Data +' and 'Data -' pins) of the micro-USB connector. They can't slurp what they can't connect to. The phone would charge normally, but unless you install a secret/internal switch to re-enable the pins you won't get any data in or out of that connector.

When their toy fails to steal your data and they question you, just say "You broke my PHONE with that stupid toy!?!? What, are you gonna wreck my car or torch my house with some other new toys there, "Inspector Gadget"? I hope your department's budget can take the hit for a new phone!".

It's still a new device and patrol officers are likely unfamiliar enough with the finer points of the new concepts, equipment, & techniques involved here that they may just suddenly be in a hurry to be done with you and send you on your way in such a scenario.

I wonder when someone will publish a "Surviving The Police State For Dummies" how-to book.

"Interesting times", indeed.

Strat

Re:Anecdotal

[intheshelter]

Jeez you're an idiot. In your zeal to condemn Apple fanbois you show your Android fanboi mentality. Physician heal thyself.

Re:Anecdotal

[mjwx]

Apple responded to this issue back in July of 2010. The major fuck up is that the file is not encrypted.

And the fact it's synced to another device. And the fact that they've already altered the EULA to permit them to share precise location data with third parties. http://consumerist.com/2010/06/privacy-change-apple-knows-your-phone-is-and-is-telling-people.html

Re:Anecdotal

[intheshelter]

Well how about this story, which sort of shows the "researchers" who disclosed this seem to be disingenuous publicity whores rather than defenders of freedom.

https://alexlevinson.wordpress.com/2011/04/21/3-major-issues-with-the-latest-iphone-tracking-discovery/

But hey everybody, don't let reality get in the way of a blind Apple hate. This is Slashdot. Where posters try to look cool by making fun of Apple users who you think are trying to look cool.

Re:Anecdotal

[thefixer(tm)]

no no! this is totally different, Apple did it!

Re:Anecdotal

[Antisyzygy]

No it doesn't. It shows that I am fed up with Apple fanboy assholes. They are the biggest pricks I have ever met. Condescending, rude, asshole dill-bags. Frankly Android sucks right now, my phone crashes all the time. Im probably going to buy a iPhone but not for the stupid reasons early adopter Apple-heads do.

Re:Anecdotal

[Coren22]

This deserves +5 informative. Thank you very much for the information.

Re:Anecdotal

[FrkyD]

I think the problem with a prepaid card might be that they could potentially identify you with the data available. If it's a smartphone it's even more likely. Between your movements, call records and isp logs they can probably get a pretty good idea of who you might be.

Re:Anecdotal

[plover]

One technical correction on your otherwise excellent post:

The location data is not the GPS location of the user, it is the location of cell towers the phone can see. All the location data is time stamped, and stamped with the carrier network ID, and the ID of the individual and there's no way you can be in 3, or 6, or 9 different locations at the same time. Depending on how many cell towers were visible, all this tells you is that the phone was within maybe a few km, but up to 25-50km of the tower. If you then take that data and use it to triangulate the users location, you'd typically get a location that was at best accurate to a bit under 1km, and more likely a few km.

The location is not that of the tower, it's the location of a specific cell that is operated by the tower. And it's not even the location of the antenna, but appears to be the averaged location of the iPhone users who have connected to that particular cell. (Which makes sense, because that's the locations the phones report back to Apple.)

It makes a difference because a single tower covers a large region that has many different cells. The smaller the cell, the finer grained the location information.

Also, the iPhone appears to retrieve several cells worth of data at once. If you turn on your phone in a location it's never been before, it will connect to a specific cell, but the cache will be populated with all the cells located within a certain radius of that cell. The cache doesn't say which of those cells you connected to, but if you plot them they appear in a large circle centered on the point you were at.

Re:Anecdotal

[RockDoctor]

I wonder when someone will publish a "Surviving The Police State For Dummies" how-to book.

I wonder when the author and publisher of the planned "STPS4D" book are going to regain consciousness wearing concrete boots standing neck-deep in the sea at low tide?

"Clearly a double suicide."

Re:Anecdotal

[poetmatt]

Nah, both deserve scrutiny, but to try to pull focus towards one or the other is straight up disgenuous. However, there's a difference here in that Apple doesn't tell you this is going on NOR is there a way to turn it off, while android does tell you with every single app AND you can turn it off if you so choose.

So while android is not innocent, how the two are handling the situation is not the same.

Re:Anecdotal

[poetmatt]

Uh, that's not even accurate. There's a backup battery in every phone. Pulling the full size battery doesn't stop the back up location tracking, however that one is only there for two purposes:

warranted tracking and emergency location finding. It is not "easily trackable by others".

Re:Anecdotal

[Jerslan]

He's not trying to pull the focus away from Apple though. The bulk of TFA is talking about the flaws he's seen in that "tracking" on iPhone. He has a small update blurb that mentions that Android has a similar tracking file. That isn't pulling attention away, just pointing out that Apple is not the only company that is doing this "bad thing". Pulling attention away would be talking about the Apple "flaw" briefly and then spending the rest of TFA talking about how Android is doing something similar and/or "worse."

Most people on /. seem to want to vilify Apple and raise Android to god-hood. Neither one is "the one true Mobile OS." There is no "one true Mobile OS to rule them all" and there never will be; the whole concept is flawed (without competition "the one true Mobile OS" would stagnate with no incentive to innovate, other than innovation's sake... and our society hasn't evolved to a point where that would be probable).

Android, iOS, WP7, WebOS, MeeGo, Symbian, etc... Whichever of these you choose, at least acknowledge that you are choosing it because it provides the user experience *you* want. Just because you like it doesn't mean everyone else has to. Vilifying the competition does nobody any good and only polarizes the general Mobile OS community. I'm tired of "ZOMG!!! [Mobile OS A] has [Some Perceived Major Flaw]!! They must be [Doing Something Evil]!!! [Mobile OS B] would never do that! Everyone should be using [Mobile OS B] because that's what I use!!!"-type arguments on /. (yes, I am aware that this is /. and being tired of these types of arguments is like being tired of seeing trees in a forest)...

Full Disclosure: I own an iPhone, work with both iOS and Android devices. I see neither as inherently superior to the other (both have their pros and cons and come out about equal in an objective analysis). I chose an iPhone for my personal phone because I liked the UI feel, and using iTunes to manage the media on it is more convenient for me than manually copying files.

Re:Anecdotal

[Jerslan]

You should also look into Location Services settings on an iPhone sometime... You can turn it off, and it *does* ask every time you launch a new app that want's access to it. These settings have always been there, in a recent update they just made them easier for people to find and change (4.2 or 4.3, can't remember which).

Re:Anecdotal

[The+End+Of+Days]

I didn't take a stand, so that's not really participation in the argument.

Don't worry, though, redefining words to mean what you want is a very Slashdot way of doing things.

Re:Anecdotal

[Kvasio]

It's not enough to say "Well, you agreed to the TOS" when you know full well nobody reads it.

also, the very same model of iphone is sold in EU, where such TOS are as valid as any print on toilet paper.

Re:Anecdotal

[causality]

"Yet, no matter how good your blog post is, it would have been better journalism to include in the summary link(s) to other source(s) with different perspective(s)."

You mean, like the Wired and Atlantic articles that I linked to at the end of my posting...?

You understand the distinction between your link and the Slashdot staffs' links, yes?

The moment they rely upon third parties such as yourself to do their journalism for them, is the moment they admit they have abandoned journalistic integrity. Therefore, whether you provided such links and whether the links you provided are immaculate or not is completely irrelevant to my commentary about Slashdot's journalistic quality.

Put another way, you may have shown them up. That still doesn't improve their standards, now does it?

I've enjoyed the discourse we have shared, but at some point I have to wonder if you just want to argue for the sake of contention.

Re:Anecdotal

[Pi1grim]

You're absurd. Read up on GSM standard and amounts of power needed to receive a signal, even more so, determine phone's location and send it back. Then open up a phone and take a good look at it. If you find a back-up battery big enough to provide power for that — let us know. Once the phone is off (and by "off" I mean OFF, not just screen turned off, then it is not operating. The only thing working is a clock chip. Pull the battery — nothing but the clock will be capable of operating.
Police will gladly bug a phone, but that's entirely different topic for discussion.

Re:Anecdotal

[Kattspya]

Useful idiots is an old KGB or general soviet/russian intelligence expression.

I came across the term in spy novels over ten years ago.

Re:Anecdotal

[causality]

Vladimir Lenin predates the KGB.

Re:Anecdotal

[Kattspya]

Indeed he does....

I somehow substituted Lenin with Putin in my mind. My bad.

Re:Anecdotal

[Jane+Q.+Public]

The problem is simply that the marketers and PR people can't fix it before hand because they don't know about it. Typically they're not in the development loop at all. Which is a shortcoming of many modern businesses.

Re:Anecdotal

[oliverthered]

Isn't that the definition of a fanboy? a fan with an immature insecurity complex.

The Point

[tripleevenfall]

The point is not what it's currently doing, the point is (a) what COULD be done (by Apple, a malevolent third party, whomever) simply because this information exists when it should not and (b) whether this level of personal tracking information should be stored in the first place without it being clear to the user.

Re:The Point

[david_thornley]

The other point is figuring out how different this is from the tracking on any cell phone. The carriers can find any cell phone with a connection by checking what the cell towers are finding, and have been cooperative with the police. Unless this location list is highly accurate (and it doesn't seem to be), it's less dangerous than the cell tower records.

Re:The Point

[ubernostrum]

because this information exists when it should not

So far as I can tell, this data is basically just a cache of the stuff the Assisted GPS would otherwise have to go fetch via slower means. That's a tradeoff I'd happily make as a developer (since, really, how often is the location of a cell tower going to change, that you'd need to manually figure it out every time?), and that I have no problem with as an end user.

Re:The Point

[NameIsDavid]

That's not the point at all. The existence of the log file has zero bearing on what Apple or a third party could do. After all, if the file didn't exist but Apple later chose to track users, they'd simply institute the logging at that time. The file only establishes that it's possible for a phone that knows the approximate location of towers to which it is connected (which we already know) is capable of writing this info into a log file (which we also already know).

Re:The Point

[mjwx]

because this information exists when it should not

So far as I can tell, this data is basically just a cache of the stuff the Assisted GPS would otherwise have to go fetch via slower means.

It's a cache that doesn't overwrite itself or roll every x days.

Wait, didn't we used to call that a database.

Re:The Point

[mjwx]

It's a cache that doesn't overwrite itself or roll every x days.

Meh. You want to nitpick semantics, go ahead. But like I said: how often is the location of a cell tower going to change? You really think that X days from now the tower might have been moved somewhere else, so that you'd better flush your old data and figure out the location again?

I sure as hell hope you aren't a developer.

If you are let me know who you work for, I never want to be one of your clients.

The point of a cache is to make future searches faster, this means holding the last few records, perhaps even 100 or the number of records for x minutes/hours/days depending on the size, relevance or how the data changes. The information Apple was collecting was lasting for months. Months, I've passed through at least 30 towers today, connected to 4 WiFi networks, multiply that by months. A cache should have rolled an a week, maybe two.

Delude yourself if you want, but I'll have not part in it. This is no mere cache, the sheer size of it defeats that purpose. A cache must be small to be effective.

Whether you like it or not, it is a database.

The question is, why would Apple be keeping a database on an Iphone users movements?

Well of course

[geekoid]

it's doesn't track every single move you make, but it's enough to know what you do, find patterns, and infer a lot of incorrect assumption.

Re:Well of course

[bennomatic]

Based on this post, I'm inferring incorrect assumptions about you right..this...moment!

Re:Well of course

[ColdWetDog]

My credit card data has much better info on where I've been. While any random Russian hacker probably can't get at it, I'm sure it's available for a reasonable price the the appropriate persons.

Bullshit

[vadim_t]

All the post shows is that the tracking still happens, it just isn't very accurate.

The data seems good enough to tell where you've been, just maybe not good enough to track your exact whereabouts by the minute. So maybe it takes note of the position at the times the GPS chip already happens to be active, and not constantly at regular intervals like a proper tracker would.

Still that seems to do nothing to disprove that the phone's location is being logged often enough to figure out where you've been, and to me it still amounts to a huge violation of privacy.

He mentions Android doing the same. That's no excuse, if Android does that it also should stop doing it.

Re:Bullshit

[straponego]

Yup. And I bet the accuracy of the location services varies based on the type of network used, tower locations, possibly GPS usage, etc. There's no reason to suppose Amsterdam is the same as Chicago.

Re:Bullshit

[mini+me]

GPS chip

I don't think it records anything form the GPS. The points recorded on my device line up exactly with cell tower locations; none of which I have stepped foot under –and some located in places I have never been.

Why it is recording tower locations is another matter. The most logical reason is background location services. Firing up the radio or GPS to get your location is taxing on the battery. Looking at a file with your current location is not.

Re:Bullshit

[tholomyes]

If by "good enough to show where you've been" means "I was somewhere in the Central Valley or possibly the Bay Area on Christmas Day (even though I didn't go anywhere)" (to use his second example) then, sure.

Re:Bullshit

[vadim_t]

Good precision isn't necessarily needed.

For instance if you know where I work, where my friends live, and where I attend meetings of the group I'm a member of, then knowing that my location was somewhere inside the block that contains one of those will give you a very accurate guess of what I was up to.

Re:Bullshit

[alienzed]

Do you browse the internet in private mode 24/7? If not your computer is tracking your every move! *gasp*

Re:Bullshit

[CannonballHead]

How about knowing that your location was somewhere within a range of 800 miles? ;)

Re:Bullshit

[tftp]

How about knowing that your location was somewhere within a range of 800 miles? ;)

It would be damn inconvenient if the police asks you if you were in New York City on a certain day but you claim that you were in San Diego.

Re:Bullshit

[vadim_t]

Not 24/7, but I certainly use it often

It's based on tower+wifi coordinates, not GPS

[tlhIngan]

Still waiting for an Apple statement on why (is it a bug in the opt-in? why?), but there are some things that just a bit of rational thinking would do about this...

First - it can't use GPS - otherwise your battery will be dead in a few hours. So its location mechanism must be non-GPS based. Common reports are that it's based on the towers your phone attaches to.

Second - it's probably not recording all the time. Again, your battery will be dead way too quickly because powering up the main CPU to record the data down into the filesystem database takes a lot of power. It's probably recording the times you actually are using the phone - playing music, watching movies, surfing, using an app, etc. Locked and quiescent, it's probably not recording anything.

This would explain the widly different results people are seeing. Some people get tons of missing tracks because their phone's in standby state, and any towers you pass by are lost.

Others see their every move because their phones are playing MP3s and other things, where the main CPU is alive and can do these things.

Still doesn't make it right, though. But some food for thought on why people seem to have wildly different results.

Re:It's based on tower+wifi coordinates, not GPS

[stonemirror]

The best potential explanation I've come up with is that the phone is caching the location of cell phone towers and WiFi networks you pass by or through, along with their recorded locations, in order to avoid having to use the expensive GPS hardware any more, or longer, than necessary.

Re:It's based on tower+wifi coordinates, not GPS

[tlhIngan]

More on this...

Anything that wakes up the phone (phone call, incoming SMS, alarm, etc) probably also causes the data to be dumped to the database. Which can explain odd flashes of location information here and there.

Re:It's based on tower+wifi coordinates, not GPS

[ColdWetDog]

While I like your idea, I'm not sure it holds water. My logs completely miss several out of state trips where I used the phone extensively. Especially when I was in LA, I used Google Maps for multiple hours a day for several days. Not a peep on the output. Analyze that!

Re:It's based on tower+wifi coordinates, not GPS

[metrometro]

"See, it only breaks when you use it" is not very reassuring.

Re:It's based on tower+wifi coordinates, not GPS

[NameIsDavid]

But this is all that it's doing. Any new connection to a tower triggers recording the latest best-guess location of that tower ... not the triangulated location of the user based on the tower or GPS. And, older info on any tower is overwritten by new coordinates and a new timestamp of a newer encounter. So, it's not a linear, complete history. The fact that towers appear only once in the file is apparent without having to quote a publication that I'm assuming you're referencing because they are regarded as pro Apple.

Re:It's based on tower+wifi coordinates, not GPS

[warGod3]

Doesn't matter - TFA states that you can deactivate it... we must all believe the general counsel for Apple as they would never the lead the public wrong...

Blinders

[Princeofcups]

Doesn't matter. Everyone who wants to believe it already does, and no amount of proof is going to change their minds. Fox News runs retractions all the time, and still a quarter of the country believes that Obama was not born in America. The cult of Apple Haters are the ones with the reality distortion fields.

Re:Blinders

[manekineko2]

The case is not already closed, and you're already calling that the other side (the so-called "Apple Haters") won't buy it because their minds are set. Whose mind is that will not change no matter the proof?

Re:Blinders

[moonbender]

Confirmation bias.

Re:Blinders

[Antisyzygy]

Thats a funny thing to say. I haven't meant a group of people with more delusions than Apple fanboi's. They still think their Mac's are superior in every way regardless of what evidence you throw in front of them. They also routinely act like assholes when anyone criticizes Apple's business practices or products at all. They also tend to be major Apple apologists no matter what underhanded crap Apple pulls or no matter how often Apple proves its just like every other big business tech. corp. To an Apple fanboi, everyone that isn't an Apple fanboi is an "Apple Hater", even if they like PC's and own some Apple products.

Re:Blinders

[david_thornley]

Odd. I haven't met a group of people with more delusions than Apple haters. They tend to make big deals out of, say, private location lists on iPhones that are less accurate than the information the carriers already have and are willing to share freely with police. They also claim that Macs are inferior on the basis of their personal criteria, which is fine grounds for a personal preference but not for a categorical statement.

Re:Blinders

[sessamoid]

I find that the only people who use the term "fanbois" are those that fall into that category. Similar to flagrant homophobes being in the closet...

Re:Blinders

[Raffaello]

No blinders, a form that *recently* came out of a computer and was stamped proves nothing.

What proves birth is determined by the laws of that state. By Hawaii law, the state checks the original which is kept on file, and then issues the certified copy, which is what Obama published. I have a birth certificates for my children. They are not the original, but are certified records with the seal of the state attorney general. Guess what - the US State Department had no problem accepting them for purposes of obtaining a passport.

 

Is he a Kenyan usurper of the U.S. presidency?

No, he was born in Hawaii. Even Michele Bachmann says so. This makes you officially more wacky than Michele Bachmann, and that's saying a lot.

Re:Blinders

[ubernostrum]

2/10, you forgot to get the Bilderberg Group and the reptilioids involved. Try harder next time.

Re:Blinders

[Antisyzygy]

There are other types of fanboi's so I am not sure what your point is. Its spin-off of "Ladyboi" and "fan boy", somehow equating a person that is overly obsessed with any particular thing to being transgendered or gay or something.

Re:Blinders

[ColdWetDog]

I think you need a nice drink. Have some Koolaid (Apple flavored!)

Re:Blinders

[UnknowingFool]

No blinders, a form that *recently* came out of a computer and was stamped proves nothing.

As opposed to what? You know when I ask for a copy of my birth certificate, that's exactly what my state does. They don't send someone to the archives to photocopy my records. According to you, I can't prove my birth. My state disagrees with you.

A very small handful of people who claim such a form is sufficient proves nothing.

That small handful of people includes the state of Hawaii and every state in the USA as well as the federal government. You can used the COLB to get a passport.

A newspaper announcement that could have been phone in from anywhere proves nothing.

First of all the announcement was not the paid kind that people buy like "Mr and Mrs Smith proudly announce the birth of . . ." . It was the kind of vital statistics that hospitals provide: "Aug 9. John Smith, boy, 2:38am. Father James Smith. Mother Julie Smith." Second, someone would have had a great deal of foresight to convince someone at the hospital to fake a birth announcement so that 40 years later he could become president.

A governor who claims he remembers the birth of his golfing buddy proves nothing.

As opposed to your lack of personal experience with the birth of the president.

Where is the long form birth certificate? I have mine, and I was born not a year later. why does not Barack have his?

Good for you. Now do you want to post your medical records online for everyone to see? What you do you mean don't want to release your private medical information? If only there was a short form where it excludes all your medical information. They could even give it a name like COLB. I wonder why Hawaii doesn't offer that.

Re:Blinders

[MartinSchou]

Is he a Kenyan usurper of the U.S. presidency?

No, he was born in Hawaii.

What I don't understand about this whole 'birther' issue, is why no one has pointed a finger at the DHS, FBI, CIA, NSA and Secret Service for fucking up at an insane level?

If the man is illegitimate, why did NONE of these agencies manage to find out BEFORE the election? They do massive background checks on all people involved, but are apparently so insanely incompetent, that they failed to notice the fake birth certificate that says "i r bron heer on haway".

Billion dollar agencies that the US puts all of their trust in. And they all missed that fake birth certificate.

If this is really the case, then that leads me to one of two conclusions:
1) They did find out but it was made super duper ultra insane top secret by the Bush White House
2) 8 years of the Bush White House managed to make the aforementioned birthers so insanely stupid, that they'd believe the moon was a Nazi Communist plot to take over the world

Re:Blinders

[rubycodez]

Second, someone would have had a great deal of foresight to convince someone at the hospital to fake a birth announcement so that 40 years later he could become president.

No, only a recent fake birth record would need be created; that's the whole point, the record shown publicly is computer generated and recent.

My birth certificate contains no medical information other than race, weight, etc.

Re:Blinders

[rubycodez]

That's fine, if Obama wants to be governor of Hawaii.

Re:Blinders

[rubycodez]

Those agencies all have a boss, for all but one the same boss. I'll counter your "stupid" argument that Obama is in every way even more stupid and even more a bitch of the mega-corporate elite than Bush. I wouldn't have believed it possible but there it is, Obama is worse than Bush on every issue of interest to a "progressive socialist" or "enlightened liberal". Just incredible.

Re:Blinders

[MartinSchou]

Those agencies all have a boss, for all but one the same boss

And that boss would be the sitting US president, would it not?

So, before this "Kenyan usurper" cheated his way into power, these agencies dropped the ball. If the buck stops at the boss, then the "Kenyan usurper" got illegally into office, because the Republic President of the United States of America screwed up.

An alternative theory, which I realize is simply a very, very weak claim, is that they didn't screw up, and that Obama is in fact an actual citizen of the US of A.

Re:Blinders

[UnknowingFool]

No, only a recent fake birth record would need be created; that's the whole point, the record shown publicly is computer generated and recent.

Huh? Your complaint was that the birth announcement from 40 years ago proves nothing. My point was someone would have had great foresight 40 years ago to fake a birth announcement especially for the kind of announcement that it was.

The rest of your statement makes no sense. When I ask for a copy of my birth certificate, my state does exactly what Hawaii does. A clerk looks up my information, prints out a computer copy, puts the state seal on it, puts a stamped signature, and sends it to me. According to your definition, I cannot possibly prove I was born where I was born. In fact most everyone can't because you wan't accept a certificate from a state as good enough.

If you don't think the COLB is good enough, ask for one and use it to apply for a passport. If the Federal Government accepts it, then you're wrong.

Re:Blinders

[rubycodez]

Regardless of current argument, the Republicans did want Obama for interesting reasons, which is why they had the freaky McCain/Palin ticket.

This...

[ckblackm]

sounds like a good reason to stick with my stupid phone.

Anyone tried the Android version?

[tlhIngan]

Interestingly, TFA contains a link to an Android version of this as well. Anyone try it? Does it contain similar information?

Re:Anyone tried the Android version?

[treeves]

Well, since I haven't rooted my phone (and don't want to), apparently I can't try it.

The app's website says
"The files are named cache.cell & cache.wifi and is located in /data/data/com.google.android.location/files on the Android device.
You will need root access to the device to read this directory."

Re:Anyone tried the Android version?

[subspacemsg]

Yes i just dumped out the data from my Android Phone, it's got 3 days worth of location information. It does not have GPS based location, seems like a temp cache for Apps to get location based on Cell tower/Wifi data. The Iphone data described seems far more extensive.....

Re:Anyone tried the Android version?

[Antisyzygy]

Thats a big difference since Apple stores about a months worth of locations.

Re:Anyone tried the Android version?

[bennomatic]

No, it's actually more. I just ran the analyzer and it shows my trip to the SF Bay Area in January. I'm sure, like many other are saying, that it's just a cell-tower-location-caching system. But it'd be nice if stuff like this were auto-purged after a few days.

Re:Anyone tried the Android version?

[Antisyzygy]

Damn.

Re:Anyone tried the Android version?

[sdguero]

And the only way to transfer music or videos with an iphone is to sync via itunes. Which then dumps that location data to the computer that might be infected with a virus.

I had an iphone for 2 years, hated itunes the whole time. Switched last summer to a droid. Waaaay happier now.

Re:Anyone tried the Android version?

[CharlyFoxtrot]

No, it's actually more. I just ran the analyzer and it shows my trip to the SF Bay Area in January. I'm sure, like many other are saying, that it's just a cell-tower-location-caching system. But it'd be nice if stuff like this were auto-purged after a few days.

There's already an App for that in Cydia

Perspective

[bennomatic]

It's interesting that on /. when the Fukushima reactor issue began, there appeared to be two camps forming: one that said, "maybe we should be concerned about this,' and another that said, "fucking libtards are going to use this as an excuse to push for tougher limitations on the expansion of nuclear power in other countries!"

With this issue, the two camps appear to be coming down to, "this may not be a huge issue; hopefully Apple will begin truncating this file with an upcoming update" and "fucking Apple fanbois will take anything that His Steveness rams up their rear! This is an outrage!"

It'd be interesting to track the outrage quotient on various issues and see where various /. users land on that chart. I wonder how many people who are vigorously defending nuclear power are busting a blood vessel over this iPhone thing.

Re:Perspective

[Antisyzygy]

Well, to be fair, plenty of people did push for tighter regulations on nuclear power after that event. Im pretty liberal, but I also think nuclear power is essential. Solar is find and dandy, as is wind, but you can't rely totally on these methods when an asteroid hits the Earth or our weather patterns change. Furthermore, I hate Apple fanboi's. They are the biggest pricks of all time. I have nothing against Apple products, even want a couple myself when I can afford it, but their little following of teet-sucklers really bother me. If you criticize Android or Google you end up with one or two well thought out responses. If you criticize anything Apple you get about twenty, and half of them are trolls. Simply put, I have never seen a company have such a devoted following as Apple, and I fail to see why when there are other products that exist that can do the same thing or do some aspect better. Furthermore, I fail to see why Apple fanboi's are such dicks about it too, and have to go out of their way to tell you what you own sucks in comparison to what they own.

Re:Perspective

You're right! Slashdot has never been so outraged over privacy issues before! It must be the right wingers! /sarcasm

Re:Perspective

[Urkki]

With this issue, the two camps appear to be coming down to, "this may not be a huge issue; hopefully Apple will begin truncating this file with an upcoming update" and "fucking Apple fanbois will take anything that His Steveness rams up their rear! This is an outrage!"

To me it seems more like "this may not be a huge issue; hopefully Apple will begin truncating this file with an upcoming update, even if fucking Apple fanbois sure will take anything that His Steveness rams up their rear!"

I was about to make a fortune, too ... :(

[ackthpt]

Selling 5 lb steel sleeves people could carry their iPhones around in, which would guarantee their privacy. :)

Would aluminum foil work, too? I could go for that sleek brushed aluminum look :)

Re:Is there ANY good reason to record GPS?

[Desler]

Can you think of ANY reason beneficial to the consumer of an Android device for it to record the exact same information? Oh right, it's only bad if it's happening on the iPhone. If an Android device does it we must spin and defend Google at all costs!

Re:not apple, but google "being evil"

[Antisyzygy]

Given that the author of the article is a fanboi I wouldn't take anything he says very seriously. Apple stores a month or more location data on the phone, Google stores about a week. This behavior is coming from a company that always claims to be the "most secure" and "consumer privacy friendly".

And you will know us by our trail of checkin's

[otherniceman]

So, how many of those people that are up in arms use FourSquare, Gowalla, Facebook checkins, Path, Twitter etc?

With my forensics hat on it is an interesting set of data.

What is it for?

[fermion]

The hysterics might go away a bit if Apple would tell us what it is for, and why it is plaintext. My concern is that if the data is being collected just because it can be, like when google stole everyones email using their cameras car, that is a pretty silly thing to do. If it is just a collection of access points, the tell us. My fear is that Apple is not telling because it is a basis for some sort of scary experimental feature that they want to keep secret for the time being.

Re:What is it for?

[SuricouRaven]

Google's mistake was understandable. They only really needed GPS locations and BSSIDs from every access point they could find - using the vast number of home access points, combined with their database, to create a low-power location-determining system. But rather than just record the BSSIDs, they configured their equipment to record everything, planning to just sort through the clutter at a later point. It's hard to see what google would gain from fragments of people's network traffic, untargetted and brief. If they wanted to snoop, well... they are google. They wouldn't need to go mobile to do it. They already have access to huge amounts of email.

Re:What is it for?

[ColdWetDog]

My fear is that Apple is not telling because it is a basis for some sort of scary experimental feature that they want to keep secret for the time being.

Your ideas intrigue me and I would like to subscribe to your newsletter. --

I'm not panicing

[northernfrights]

I'm pissed off. I don't care if it only records 1 coordinate per day. I should have every right not to have my location recorded in an unencrypted file without my knowledge, period.

Re:I'm not panicing

[david_thornley]

Then don't carry your phone. You do know, don't you, that the cell providers can and do track you by what towers your phone connects to? Ever since they became popular, the basic rule for not leaving clear evidence of being somewhere is to leave your cell phone (whatever sort) at home.

Re:I'm not panicing

[camperdave]

So they can track you all they want, as long as the file they use is encrypted? I think you're in the wrong battle.

Re:I'm not panicing

[northernfrights]

And do the carriers log this information unencrypted on my computer where any bit of malicious code can access it?

Re:I'm not panicing

[sdguero]

Take all the pissed off energy and put it into buying an Android device. :)

It is doing it....

[nfc_Death]

This article states exactly what we assumed was happening. Storing location data. Although intended as a 'defense' you've simply confirmed that the phone is doing what apple intended it to do. Store location data, obfuscated away from the user, and then persistently migrate that data.

Re:It is doing it....

[stonemirror]

There's no evidence that the data is being "migrated" off the phone, "persistently" or otherwise.

Possible use

[audunr]

With the data retention directive in the EU, the government is already tracking your phone's location. Maybe you should do the same if you at some point need to prove the government wrong?

On are more serious note, could this file be a fallback for apps that use location based services in iOS? Say an app uses the API to find the current position. iOS tries to fetch the current position using GPS or cell tower position, and if that somehow fails or takes time, it checks this file as a last resort. The file contains historical information as I understand it, so obviously it contains more info than it should.

Re:Possible use

[marcello_dl]

> Maybe you should do the same if you at some point need to prove the government wrong?

A file that can be tampered with is no proof. I hope.

Re:Is there ANY good reason to record GPS?

[briansct]

Right, for the simple fact that google must not be evil right?
Come On! I dropped Chrome shortly after noticing the only adware and spyware on my computer was coming in via chrome. coincidence? I think not.
Apple and Google are large corps. End of story. They will gather and sell the hell out of every bit of data they can get about their users, like every good company marketing dept does.

Wrong? Maybe. . . retreats into hole and puts on foil hat.

Re:Is there ANY good reason to record GPS?

[SuricouRaven]

In an interview on Radio 4 this morning, they had an expert (I forget who) comment on this news. He suggested that the data could be used against people in divorce proceedings. Snoop the phone, or subpoena it if you can't sneak access. Maybe you'll uncover a hidden affair, or a trip to the casinos, or that the vital business trip on that day the mother-in-law was supposed to visit seemed to involve going fishing. Something, anything, that can be used against the phone's owner.

Re:People are a bunch of crybabies

[tripleevenfall]

And how do you know that your dumbphone doesn't cache any location data in a retrievable format?

Re:not apple, but google "being evil"

[MozeeToby]

The android version is limited to 50 and 200 entries for the cell and wifi tables respectively. Still not cool, obviously, but at least there is a sane limit on how much data is kept. Compare this to the iPhone caches that have been shown to contain thousands of entries over a many month time frame. You can argue that it's only a matter of degree, but there are valid use cases for caching location data, it's all a question of how much data is collected and how long it remains.

Not remotely the same thing

[jdev]

The info on Android phones is totally different from iPhones. The infamous iPhone log file records your complete geo-location history since you started using your phone. The Android log file just records your recent coordinates and it overwrites itself regularly.

So even if you get root access on an Android phone, you only end up getting your current location. Most people allow apps to have that permission anyways.

The info on the iPhone is a huge privacy concern. The Android file is a non-issue.

Re:Not remotely the same thing

[NatasRevol]

They're not 'totally different'. They're the same thing. One file has a longer timeframe.

Re:Not remotely the same thing

[ColdWetDog]

The infamous iPhone log file records your complete geo-location history since you started using your phone.

Unless the iPhoneTracker app is doing it wrong, that's not entirely true. My logs seems to be a fairly random and very incomplete picture of where the phone has been. Haven't had time to look at the actual log data, but this scenario seems to be pretty common.

Re:Not remotely the same thing

[jdev]

They're not 'totally different'. They're the same thing. One file has a longer timeframe.

The longer timeframe is the issue. iOS keeps a log of your rough location for as long as you have owned the phone. Android has a small recent snapshot. I would call that totally different.

Re:Not remotely the same thing

[NatasRevol]

A longer time frame does not make them 'totally different'. It's the exact same data being captured & written to a file - location, strength & ID of nearest cell tower. One is being held indefinitely, one is being held for a few days.

If Apple puts a db purge for data >10 days old, like they should have, it's EXACTLY the same.

However, if Apple purposely dos this so that it always remembers which tower is the best & nearest, then that has some validity too. An option to set a regular purge, or opt out would be better, but that's not available on any platform right now.

Re:Not remotely the same thing

[jdev]

If Apple puts a db purge for data >10 days old, like they should have, it's EXACTLY the same.

Totally agreed, but Apple isn't doing that. The main reason this is an issue is Apple messed up and set up a file that never purges itself. So on everyone's iPhone is a file that has their rough gps coordinates for as long as they owned the file. This is mostly just an issue then for someone that has physical access to the phone and wants to see where the owner has been. I suppose law enforcement could use it as well, but they could probably just subpoena the cell phone companies and get the data anyways.

So like I said, the timeframe is the only important thing with this story. As soon as Apple corrects this and has the file only contain recent data, then it becomes a non-issue. Then we can go back to worrying about how apps or cell phone companies are tracking you.

Re:Not remotely the same thing

[intheshelter]

You're so full of shit you don't know your head from your ass. What an Android fanboi piece of drivel. In your hatred of Apple you've certainly swallowed the Fandroid Koolaid and found a way to make Android snow white and pure, and Apple an evil empire. What difference does the amount of tracking matter? Tracking is tracking. Apple does it, Android does it. Apple has fully disclosed this in the past (July 2010). These "reasearchers" have made some misleading and spurious claims, some of them flat out wrong. To get a bit more informed and not sound like such a Android whore you might want to read a more enlightening article about it which reveals a bit of the sensationalist claims by the two so called "researchers" who appear to be more intent on free publicity than the truth.

https://alexlevinson.wordpress.com/2011/04/21/3-major-issues-with-the-latest-iphone-tracking-discovery/

Re:People are a bunch of crybabies

[geekoid]

No. Apparently the West has some people who don't know what the work hysterical means. Seriously, no sane people could call any of those article hysterical, hell you would be hard pressed to call them sensational.

Don't Panic day?

[slapout]

A "Don't Panic" story? On a Thursday? I don't think I'll ever get the hang of these.

That is why Steve told ya

[ideaz]

Never Jailbreak you fooool!

The guy is a former Apple employee

[Llamakiller-4]

His defense of the data tracking should be taken with a grain of salt, he plainly states that he was an employee of Apple at one time.
His Faq
http://caffeine.shugendo.org/about//.

  If you arent made aware of it, and able to turn it off - then it's intrusive.

Re:The guy is a former Apple employee

[jo_ham]

Someone already "called him out" on this, and the guy responded. He last worked for Apple in 2001. His reply is here:

http://apple.slashdot.org/comments.pl?sid=2094940&cid=35904014

So, hardly the ideal "shill". I guess it's fine to continue the FUD though!

And you can turn it off - just turn off Location Services. It's under Settings > General.

PANIC

[mveloso]

OMG THE INTERTUBES ARE FINDING ME OUT!

Oh wait, it's a GSM phone. The network already knows where you are.

Maybe it's tracking roam points?

Re:PANIC

[vadim_t]

The network is one thing, anybody who gets their hands on my phone being able to see what I'm up to is another.

My phone contains a lot of personal info and I'm rather uncomfortable with the idea of it containing a collection of interesting things about me that I didn't explicitly put there.

IMO this should be taken more seriously, and phones should take special care not to store more personal information than the owner intentionally does.

He's no random blog-pologist

[spun]

He is David "Lefty" Schlesinger, a fellow who worked for Apple for ten years.

Re:He's no random blog-pologist

[stonemirror]

Yes, it says that pretty clearly, right there on the blog.

Anyone know how to turn this ON?

[swillden]

I'd really like to have a low-battery-impact location stream for my phone, but my iPhone 4 apparently has this logging feature turned off, because the CELL_LOCATION table on my device is empty.

Anyone know how to turn it on?

Re:Not new anyway

[Overzeetop]

Based on that, it sounds like Apple is simply lazy and doesn't bother to flush the log, or flush entries more than (x) days/hours old. I'm not too surprised that they keep a lot of data. The handoff from wifi to cell and back again seems to operate far more efficiently than my (very old) WinMo phone, and makes for a much better user experience, though with the potential privacy ramifications.

Don't Panic ??

[aynoknman]

It's "Mostly Harmless".

So it's not Literal but Figurative

[Duncan+J+Murray]

TFA seems only to prove that Apple is not 'tracking your every move' in the literal sense, they are just 'tracking your every move within the accuracy a phone on standby is able to, aggregated to a weekly basis'. Oh, well that's ok, if it's that inaccurate, surely my privacy isn't threatened! The writer is an apologist for Apple - after all, why end it with 'well if that argument didn't convince, someone else is doing it too! If everyone's doing it, it must be right!' (majorly paraphased).

People are also concluding that this data isn't 'phoned home'. But I don't believe they have the sourcecode for the software on their iphone, and if they did, that they have looked through it.

And as for the parent - your 'cell'phone provider needs to know where you are in order to supply your 'cell'. Not saying that justifies them keeping a record of it, but on the other hand, your bank has a record of all the transactions you have made involving your bank account. I'm not sure what justification a cellphone maker has to record your whereabouts.

Re:So it's not Literal but Figurative

[CharlyFoxtrot]

TFA seems only to prove that Apple is not 'tracking your every move' in the literal sense, they are just 'tracking your every move within the accuracy a phone on standby is able to, aggregated to a weekly basis'. Oh, well that's ok, if it's that inaccurate, surely my privacy isn't threatened! The writer is an apologist for Apple - after all, why end it with 'well if that argument didn't convince, someone else is doing it too! If everyone's doing it, it must be right!' (majorly paraphased).

People are also concluding that this data isn't 'phoned home'. But I don't believe they have the sourcecode for the software on their iphone, and if they did, that they have looked through it.

And as for the parent - your 'cell'phone provider needs to know where you are in order to supply your 'cell'. Not saying that justifies them keeping a record of it, but on the other hand, your bank has a record of all the transactions you have made involving your bank account. I'm not sure what justification a cellphone maker has to record your whereabouts.

Well we have (old versions) of Android's sourcecode and guess what, they have a location cache too.

"This is a quick dumper I threw together to parse the files from the Android location provider.
The files are named cache.cell & cache.wifi and is located in /data/data/com.google.android.location/files on the Android device.
You will need root access to the device to read this directory."

Can't say I'm surprised. Apple seems to retain the data longer than Android does but they might be doing some analysis on it to improve connection or it could just be a lazy programmer at Apple somewhere.

If you want to know if it's phoning home the data, sniff the connection. A lot of paranoiacs do this all the time and from time to time they come up with interesting tidbits apps send home, nothing about location data though.

Re:So it's not Literal but Figurative

[Audguy]

TFA seems only to prove that Apple is not 'tracking your every move' in the literal sense, they are just 'tracking your every move within the accuracy a phone on standby is able to, aggregated to a weekly basis'.

not weekly every few minuets, the program you were looking at only showed that in weekly chunks. The data has a whole lot more info.

Re:People are a bunch of crybabies

[romanval]

It doesn't matter, your carrier is caching your cell location and storing it in a database anyways. Remember the PATRIOT act?

Re:Is there ANY good reason to record GPS?

[gnasher719]

In an interview on Radio 4 this morning, they had an expert (I forget who) comment on this news. He suggested that the data could be used against people in divorce proceedings. Snoop the phone, or subpoena it if you can't sneak access. Maybe you'll uncover a hidden affair, or a trip to the casinos, or that the vital business trip on that day the mother-in-law was supposed to visit seemed to involve going fishing. Something, anything, that can be used against the phone's owner.

Without any further information, this is just a file on a phone containing some numbers. It is completely worthless unless you get someone testifying what the data actually means. And the only people who really know are a few developers at Apple. And we have people saying already that there is data in the file that is nobody near where they have ever been. So this "expert" is talking out of his or her arse.

Re:Is there ANY good reason to record GPS?

[ColdWetDog]

Maybe your VISA card transaction data will show you the same thing. Woops.

If your planning on doing something nefarious, pay cash and turn everything off.

Why is that different?

[Brannon]

What's to prevent Google from uploading the contents of that file to its master Big Brother server right before the file is wiped from your device?

Similarly, if Apple never uploads the contents of the file off of your device and it is inaccessible to apps, then how is that a security leak?

What would a real journalist do?

[spun]

Yes, it says that pretty clearly, right there on the blog.

In the FAQ. Nowhere in the summary or in the linked article do I find the sort of disclaimer that any reputable journalist with a conflict of interest such as yours would add. I'm not saying, "this guy is an ex employee of Apple so don't listen to a word he says." I'm just adding the sort of disclaimer that you, as a blogger and not a trained journalist, most likely simply forgot to add. You're welcome.

Re:What would a real journalist do?

[stonemirror]

I haven't thanked you yet. I last worked for Apple in 2001, and the work that I did was pre-iPhone, pre-iPod, pre-OS X. Since then, I've been publicly, and vocally, critical of a number of things Apple has done, and I was quite skeptical about the iPhone when it was introduced—I presented, for example, at "LUGradio Live" in San Francisco in 2008 on, among other things, why I didn't believe the iPhone had the chance of a snowball in hell against the unstoppable force of community-based open source goodness on mobile devices. Shows how much I knew. http://video.google.com/videoplay?docid=4794227130234037617&hl=en# So, unless you're supposing some sort of mind control on Apple's part, exerted on decade-old ex-employees, I don't see that any particular "disclaimer", beyond the clear mention on the easily accessible "About" page, is necessary, nor does my discussing the facts that I turned up represent any sort of a "conflict of interest". Frankly, you're making yourself look a little silly by suggesting that it is without knowing the facts of the matter. You'd have done a lot better to stick to something relevant instead. You're welcome.

Re:What would a real journalist do?

[jo_ham]

I think you just got "owned", I believe is the expression.

So much for the "disregard the article, he's an Apple shill!! Maintain the hysteria and total FUD about this issue!!" defence.

Re:What would a real journalist do?

[spun]

If you haven't worked there for ten years, and have been critical since, all the more reason to include a disclaimer. People will make their own assumptions if you don't. Sad but true, the world we live in is full of very mercenary people, and very wealthy corporations who will pay them quite a bit of money to say the right things. The best agents keep a few disagreements in their back pocket to trot out and show the unbelievers. I'm sure that's not the case with you, you sound sincere enough, but why not let your readers make up their own minds?

Re:What would a real journalist do?

[spun]

Did I say he was an Apple shill? No. I said, someone who works for a company for ten years and then goes on to write about them should disclose his relationship in the articles he writes. "As an e ex Apple employee, let me just say yadda yadda yadda." is not that hard to include. Not including it leaves the impression one is hiding something.

But thanks for your opinion, it added a lot to the discussion.

Re:What would a real journalist do?

[jo_ham]

He mad no attempt to hide the fact - it's spelled out right on the FAQ, and it relates to employment over a decade ago, followed up with a video link of him being critical of Apple.

Not what you were expecting when releasing this "ignore him guys, he's an ex-Apple employee" in a clear inference that the whole article can just be dismissed out of hand.

Not what you were expecting I think. I think my comment added just as much to this discussion as your "exposé".

Re:What would a real journalist do?

[spun]

Yes, everyone reads the FAQ of a website. And I never said to ignore him, now did I? If that was what you picked up from what I wrote, well, there isn't much I can do to clear up your misunderstanding that I haven't already done. And my pointing it out, rather than hurting his reputation, has enhanced it, as people such as yourself actually read his FAQ and learned more about him when they never would have bothered before, thereby helping put what he wrote into the appropriate context. More information and understanding all around never hurt anyone.

Bloggers need to disclaim their biases in their articles, not some FAQ. If I thought he was a shill, I would have called him one flat out. However, others are not as trusting as I am. For them, a disclaimer would make it appear he has nothing to hide, while a lack of a disclaimer is tantamount to proof he is a shill. That's just the reality of today's money driven media, and the cynicism it breeds. Ignore it at your own peril.

misses the point

[aahpandasrun]

It's not about the frequency or accuracy of how the phone is tracking people, it's that face that it's doing it period. I'm sure it's a standard feature related to diagnostics or cell tower use that's in every phone, but I'd be interested in an explanation from technical people for what it's actual purpose is.

Googe Latitude

[Fred+Ferrigno]

I take it you haven't heard of Google Latitude? It does pretty much what you're talking about, only intentionally, and with the consent of the user. I find it's actually quite useful.

Better article

[tylersoze]

https://alexlevinson.wordpress.com/2011/04/21/3-major-issues-with-the-latest-iphone-tracking-discovery/

Rotten Apple

[ninejaguar]

According to Apple, Apple sends itself your precise location data and shares that location data with whoever it wants to...

http://markey.house.gov/docs/applemarkeybarton7-12-10.pdf

As far as I know, Apple isn't the phone company and shouldn't be in the business of tracking its users from cell tower to cell tower or Wi-Fi to Wi-Fi.

What if Toyota or GM or Ford started tracking the users of its cars? How freaky would that be? Actually, if they partner with Apple, they can track you in your car. That Orwellian 1984 Ad from Apple, back in 1984, really makes sense now...except the roles are reversed. If Google does this too, then Rotten Google indeed.

Precise Orwellian location tracking, massive sales in authoritarian China...hmm...
http://techland.time.com/2011/04/21/iphone-growth-suddenly-soaring-in-china/

= 9J =

Re:Rotten Apple

[Caerdwyn]

As far as I know, Apple isn't the phone company and shouldn't be in the business of tracking its users from cell tower to cell tower or Wi-Fi to Wi-Fi.

Google Maps uses cell phone tower info to provide a rough location until GPS information allows precise locations. This is sent to Google in order to obtain the map-segments you will need, and that is done through Apple's APIs. It doesn't surprise me that there is a file where this information is cached pending retrieval of the needed info; the bug may simply be that this buffer isn't being flushed as anticipated (echo location >> file instead of echo location > file). Now, if that info is being used for other things (by Apple which has demonstrable need for the info local to the phone, or by Google which has demonstrable need for the info at their map-servers), or by third parties (who don't have legitimate need, in which case this is an Apple security bug, but the "spy on you" piece of evil intent goes to the third party NOT Apple), that's news. The fact that the info is there at all? Not news.

Capability does not prove intent. That's important. If any of you ever draw jury duty, you'd bloody well better hold that concept to be holy, in which case I'd ask why is okay to abandon that concept elsewhere?

Owaitslashdotnevermind.

Secondary question: is there a similar location cache on Android? If so, the screech should be just as loud outside of Google's offices and every cell provider's offices. If it's evil for Apple to do, it is equally evil for Google to do, and you either call out both of them or neither of them. Selecting just one reveals the color of one's kneepads.

What if Toyota or GM or Ford started tracking the users of its cars? How freaky would that be?

Like OnStar?

Re:Rotten Apple

[ninejaguar]

if that info is being used for other things (by Apple which has demonstrable need for the info local to the phone, or by Google which has demonstrable need for the info at their map-servers), or by third parties (who don't have legitimate need, in which case this is an Apple security bug, but the "spy on you" piece of evil intent goes to the third party NOT Apple), that's news. The fact that the info is there at all? Not news.

Capability does not prove intent.

Are you serious? We're talking about a for-profit company. Grow up. Apple stated in that PDF link that they will share this info with whoever they damn well please. Based on your argument, that "spy on you" complicity makes Apple intently evil.

the bug may simply be that this buffer isn't being flushed as anticipated

And, no, it isn't a bug...again, if you just read Apple's PDF, they tell you it's intended. Maybe this will help, but I'm beginning to doubt it seeing a pattern in your thoughts:

http://www.wired.com/gadgetlab/2011/04/apple-iphone-tracking/

Like OnStar?

Are you able to tell the difference between an expensive service that you want to intentionally subscribe to and knowingly pay for, and an unwanted security risk that shows up on the news to surprise everyone because it's first time the public has ever heard of it?

is there a similar location cache on Android? If so, the screech should be just as loud outside of Google's offices and every cell provider's offices. If it's evil for Apple to do, it is equally evil for Google to do, and you either call out both of them or neither of them. Selecting just one reveals the color of one's kneepads.

I thought I did say that Google would be rotten for doing it, but your own screeching must've blinded you. Oh, wait crapple-fanboy-syndrome stuck in a logical loop.

= N9 =

Re:Rotten Apple

[CheerfulMacFanboy]

What if Toyota or GM or Ford started tracking the users of its cars? How freaky would that be?

What is OnStar? I'll take, "You're not nearly paranoid enough, you must be one of them" for 600, Alec.

Re:Rotten Apple

[ninejaguar]

What is OnStar?

Well, if you're asking how does it differ from spying on you without your knowledge as Apple does? It's the difference between an expensive consensual act, and a free rape.

= N9 =

Re:Rotten Apple

[dreampod]

Maybe I'm paranoid but what makes you believe that they are not tracking or at least able to track any OnStar capable vehicle regardless of whether you are subscribed or not. Recently there have been entire lines of vehicles that come with OnStar as a default and (I think) a 'free one year trial subscription' and you can later activate the OnStar function even if not currently subscribed and receive assistance at a inflated rate.

Re:Rotten Apple

[CharlyFoxtrot]

Secondary question: is there a similar location cache on Android? If so, the screech should be just as loud outside of Google's offices and every cell provider's offices. If it's evil for Apple to do, it is equally evil for Google to do, and you either call out both of them or neither of them. Selecting just one reveals the color of one's kneepads.

Yes it has, it seems data is retained for a shorter time than on iOS though.

data used against you

[milwcoder]

Sure, phone companies may have better tracking data, however, the law protects cell phone location records from misuse or illegal access. The iphone tracks my rough whereabouts for months, years, guess what law enforcement will do if they have the option of jail breaking my phone, or get a warrant for the cell location records?

I think it is worthy for iphone owners to go "hysterical" by taking necessary steps to disable this kind of tracking, or have apple correct this excessive tracking.

FINE!

[sortadan]

Ok already, I'll go look... just did a backup here at work and extracted the consolidated.db file (AT&T 3Gs iPhone).

There are 28862 rows of data for me.

I'm on a PC so I found this nice little tool that plots google map coordinates.

The majority coordinates are clustered around my work and my home, but scattered around a 1/2 mile radios or so.

You can clearly see when I took a road trip around the western US last year (the path I took and when I was where in Oregon, California, Nevada, etc...).

More interestingly, you can see where in France I was last September, so this is not limited to US borders or AT&T.

The data comes in bursts, and even has a bunch of clustered coordinates with the exact same time code. I'm surprised they don't store the averaged weighting of them by HorizontalAccuracy to get a more exact location. I wonder if each data point is somehow significant for future processing of location.

Tower caches probably exist on old phones too

[ajdub]

I'd wager that most mobiles from the pre-smartphone era also maintain some kind of tower cache. I'd also wager that at least one of them also has some kind of bug where old cache entries live for way longer than they should.

Ho-hum

[Jgarren]

I can't understand the stir that this has caused. I use the find my iPhone-iPad feature of mobile me as well as Evernote on my iPad. All very useful and have incorporated this data. I would prefer that my whereabouts are tracked. The next story on this will be someone being found using their latest long/lat. Do you really believe that our lives are that private, or need to be?

No big deal? It will be.

[Posting=!Working]

For anyone who thinks that this is no big deal, I agree with you, it isn't one now.

That will all change the first time the information is subpoenaed in a divorce case. Then it will be an incredibly huge deal.

Re:iphone suckers

[UncleTogie]

I'm more annoyed by the BS line on page 5 that reads:

"To provide the high quality products and services that its customers demand, Apple must have access to location-based information." {emphasis mine}

Bulls**t. There's no "must" about it, and is pretty damn dishonest in itself.

What difference does it make?

[Tangential]

Get over it.

When you decided to turn on a cell phone, you gave up any semblance of privacy that your location has. Worst of all, that data isn't stored in a file you can clear on your phone...It is stored in servers at kind and gentle companies like AT&T and Verizon where it is imminently available to most any agency that needs it.

Google sets cookies in your browser and tracks your location by IP address on every query you make (or map you hit or gmail you read or ...) Your ISP does much the same thing. How are they less dangerous to your privacy?

If you really want to remain anonymous and not be tracked then don't have or use a cell phone or 3G data service. Don't have any internet service. Constantly clear your browser temp files/data and store them only in a ram disk. Also, change your mac address every time you connect in any way to the internet. Better yet. Pick a random library and use their computer.

Staying away from credit/debit cards would be a good idea as well. Just use cash and buy gift cards.

what I cannot understand

[Presto+Vivace]

is why Apple and law enforcement cannot use this data to locate stolen phones.

Re:what I cannot understand

[stonemirror]

They do: Location Services is what makes "Where's my iPhone?" possible.

Re:what I cannot understand

[Presto+Vivace]

then why are so few stolen phones recovered?

Re:what I cannot understand

[Opportunist]

Because that would draw attention to the issue? Wouldn't you want to know how your stolen phone was found?

Re:what I cannot understand

[CharlyFoxtrot]

then why are so few stolen phones recovered?

Because criminals with more than 2 braincells turn them off ?

Don't panic?

[Chris+Mattern]

So you're saying the iPhone is mostly harmless, then.

Re:Don't panic?

[mjwx]

So you're saying the iPhone is mostly harmless, then.

No, I said "mostly useless" but I understand that the words get switched around when you machine translate it to Vogon and back again.

Click on our website: ( http://www.fullmalls.com

[xiaojiekuiiu]

Click on our website: ( http://www.fullmalls.com/ ) Website wholesale various fashion shoes, such as Nike, Jordan, prada, also includes the jeans, shirt, bags, hats and decoration. Personality manufacturing execution systems (Mes) clothing, Grab an eye bag coat + tide bag Air jordan(1-24)shoes $30 Handbags(Coach l v f e n d i d&g) $35 Tshirts (Polo ,ed hardy,lacoste) $15Jean(True Religion,ed hardy,coogi) $30Sunglasses(Oakey,coach,gucci,A r m a i n i) $15 New era cap $12 Bikini (Ed hardy,polo) $20accept paypal and free shipping ( http://www.fullmalls.com/ )

MODS

[TapeCutter]

The GP deserves some of your points.

This is simply Wifi positioning?

[Fulkkari]

My guess is that the data is fetched to the phone when other means of positioning fails. This data is probably not your location, but the location of nearby Wifi hotspots. By using the nearby Wifi hotspot locations the phone still approximates your location, which is ofcourse neat. According to the update in the article, Android phones would seem to do the same.

Buffering data on the device makes sense. Downloading it every time you visit a location be much bigger privacy issue. Ofcourse downloading it in the first place would reveal your approximate position to Apple (or is it Google?). In my opinion, there is two things that could be improved: 1) disabling of Wifi hotspot positioning entirely and 2) expiration of data (shorter, if there already is expiration) of maybe one month to a couple of months.

I don't have an iPhone so I have not analyzed any data, but this would seem logical to me. My bets are that this is not some evil scheme to "track your every move", so calm down.

Re:I am not

[ThePromenader]

Don't Panic? I ~love~ to panic! Why do you think I bought my iPhone in the first place?

Lie watch

[Alistair+Hutton]

"I actually looked at the data"

"I haven’t done a raw dump of the locations in the file"

So that first quote would be a lie then?

Re:Lie watch

[stonemirror]

Hm. While I didn't look directly at what was in the database at that point, I modified Peter Warden's tool to let me get a more refined picture of what was going on, both by increasing the precision, and by aggregating the data on a daily basis, as opposed to a weekly one.

That said, I actually got into what gets stored in a representative consolidated.db's "CellLocations" table today, and dumped out raw data to an Excel spreadsheet (which you can also download if you want to play with it yourself). I also mapped each "batch" of locations—since they're time-stamped in a dozen batches ranging from 7 to 43 locations, collected at intervals ranging from 1 minute to over 16 hours, and covering geographical areas from a few blocks up to 80 or 90 miles. You can see all the details at http://caffeine.shugendo.org/2011/04/22/an-even-deeper-dive-into-the-iphone-location-data/

Now that we've gotten that out of the way, kiss my ass.

Privacy is fake

[huzur79]

privacy privacy privacy privacy, you don't have privacy in a electronic world and thats a big period. If you want privacy don't own a cell phone. If you want privacy use only cold hard cash and not debit and credit for purchases. If you want privacy do NOT use any store reward programs. Don't use the internet. When your cell phone is on, your being tracked, be it by the phone itself or the cell phone companies. When you use debit or credit to purchase anything your being tracked. When you use reward programs or electronic fare systems on transit you are being tracked. Every website you go to your being tracked. Seriously most people think they have privacy but they don't. The privacy you have is only limited to the documents and policies of the companies that you deal with and local laws. The privacy you have with any form of electronic systems is what and what a company can do with your personal info its collecting. The only true privacy is to give up the electronic world. Think about your car GPS system. It remembers all the addresses you put in it. Every element of the electronic world will have these issues. Physical security is about the most important thing you can do to protect yourself. Don't lose your stuff for others to play with.

3G only, not WiFi

[68kmac]

I looked at the data that my iPad collected. It's only data from the few occassions when I used 3G. If it would also collect information from WiFi, it would have recorded that, say, I was in Canada where I used the hotel WiFi but not 3G. But no location information was recorded there. As others have already pointed out, it's only recording information about the 3G cell towers that the iDevice sees.

Re:not apple, but google "being evil"

[FhnuZoag]

Garbage. Google can't write to this file on iPhones. And the file stored on Android is very different.

Why thay may be recording this info

[asdf7890]

A lot of people are saying they don't know why the iDevices are recording as much info and why it is kept for so long. There is an obvious purpose that many seem to have missed: warranty claim checking. It is known that the devices have ways to detect certain warranty voiding events (like having a small piece of litmus paper so they can tell if the device has been significantly exposed to liquid), so why not use this info to. While in most cases it will tell them nothing it could be used to check for obviously false claims. You were at home and it suddenly stopped working you say? Oddly enough your phone's records say you were up a mountain at that time...

Re:Why thay may be recording this info

[duguk]

A lot of people are saying they don't know why the iDevices are recording as much info and why it is kept for so long. There is an obvious purpose that many seem to have missed: warranty claim checking. It is known that the devices have ways to detect certain warranty voiding events (like having a small piece of litmus paper so they can tell if the device has been significantly exposed to liquid), so why not use this info to. While in most cases it will tell them nothing it could be used to check for obviously false claims. You were at home and it suddenly stopped working you say? Oddly enough your phone's records say you were up a mountain at that time...

So it's okay for Apple to store your longitude, latitude and timestamp, at seemingly 'random' intervals; just in case it ever goes wrong?

Pretty sure I know exactly what it's used for

[yabos]

We all probably know the phone can get the gps location of a cell tower over the cellular network and that the iPhone uses this to get an initial location fix. Or it will only use this cell tower location rather than power up the GPS if you ask the phone(through code) for a rough estimate of location, because sometimes that is all you need. The iPhone is all about power saving so I believe all this is is a local cache of all known cell tower locations.

Think about it for a second. The iPhone talks to a tower, finds out it's location and stores it locally. Next time any application requests a location through Location Services, the phone looks in the cache and instead of using the cellular network(which will use battery power), they read it from the cache.

My personal experience

[RogueWarrior65]

Much of the data is bogus. I looked at my iPad and it's got data points where I know the device has never been. Furthermore, it's missing a ton of data for where I know it has been. Finally, the dates are all wrong. IMHO, this would never hold up in court.

The only people who care

[kyrio]

are the retards who bought Apple products.

Perspective

[toddestan]

That's because around here, nuclear power and Apple are two things that everyone has pretty much already made up their minds on (hence, the "fanboy" effect). Therefore, any article that comes up here on those topics is pretty much either people fellating the author/submitter, or going through whatever contortions they think are necessary to try and dismiss the article as bullshit.

Other similar topics include (but are not limited to): HTML5, global warming, vi vs emacs, and whether or not the second Matrix movie was any good.

Re:People are a bunch of crybabies

[Quiet_Desperation]

Looks like I found people, including mods, who don't know a joke post if it ran them over like a bus. Oh well.

iPhone Geotag

[peterburkimsher]

Thanks to seeing this on the news, I've written an AppleScript called iPhone Geotag. It uses the location data to tag Places for your pictures in iPhoto. Brings a happy ending to this scandal, eh? Check it out on: http://goo.gl/OQzfB