Police Using Apple iOS Tracking Data For Forensics

Several readers have sent in follow-up articles to Wednesday's news that iPhone location data was being tracked and stored. First, it seems Android shares a similar problem, though the file containing the location data is "only accessible on devices that have been rooted and opened up to installation of unsigned apps." Developer Magnus Eriksson has created an app to flush this data. Next: the iPhone tracking file is not new, just in a different place than it used to be. Reader overThruster then points out a CNet story indicating that law enforcement has been aware of this file for some time, and has used it in a forensics context. This story is a growing concern for Apple, particularly now that Senator Al Franken (PDF) and Rep. Ed Markey (PDF) have both written letters to Steve Jobs demanding details about the location tracking. Finally, PCMag explains how to view the location data present on your iPhone, should you so desire.

Whoa, whoa.

[tripleevenfall]

Some blogger told us yesterday there was no reason to panic, and this data was perfectly safe.

Re:Whoa, whoa.

[couchslug]

My Reality Distortion Field will prevent anyone from reading my information.

Re:Whoa, whoa.

[bennomatic]

There is no reason to panic, actually. Short term solution: turn off location services. Long term solution: Apple reduces the time cached data stays on the phone.

There's apparently a good reason for the cache, otherwise Android wouldn't do it, too. I can't see a reasonable cause for it to be cached ad infinitum, though.

Of course, as others have pointed out, bazillions of people affected by this have location services turned on so that they can check in with 4square, add locations to their tweets, do location-based searches on Google, and so on. People are leaving breadcrumbs all over the place. Heck, if they have location services on, I think most smartphones include it in photo metadata, so all someone has to do is look through your camera roll to figure out where you've been.

Of course, metadata or not, if you've got a picture of yourself in front of a cable car with a news stand nearby, it's pretty easy to tell where you are and when you were there.

Re:Whoa, whoa.

[plover]

Your phone's location data has always been available to anyone who presents a warrant to your phone company. This just makes it easier to perform warrantless searches like they do in Michigan.

Anyone with a cell phone should have an understanding of this. If you bring a cell phone with you while you're committing a crime, don't be surprised if it's used as evidence against you. And if you bring a cell phone to Michigan, learn how to say NO to the cop who asks you if he can see it. At least in America, you are still not required to cooperate in investigation against you.

Re:Whoa, whoa.

[Lord+Byron+II]

Well, keep in mind that there is a difference between being asked and being told to do something. If a cop asks you:

"Can I see your cellphone?"

Then, you're under no obligation to answer in the affirmative. However, if he says:

"Hand over your cellphone."

That's a demand and you're legally required (with some exceptions) to comply. Although cops are well-trained and they know how to phrase a question such that it sounds like a demand:

"I'm going to take a look at your cellphone. Would you hand it to me?"

The point is that when talking to the police, stay calm and listen to exactly what they're saying. If you're not clear if something is a question or a demand, then ask for clarification.

Re:Whoa, whoa.

[Drakino]

From WWDC 2010, the purpose of the cache is for offline use, and to minimize network calls. Since it's the same code on both iPhone, iPod Touches, and iPads, the WiFi part in particular is important, since not all the devices may have 3G data connections at all times. The example they gave at the presentation was an iPod touch user pulling out his device while at the conference and locating a nearby restaurant using the free WiFi there. By searching in an area, Apple also sends down the relevant WiFi access points in the area to feed into the cache. When the user leaves the conference center and drops off the data network, the Maps program can still show a pretty accurate location, allowing the person to navigate to the restaurant. If he takes any photos or video along the way, it's all geotagged too if the user enabled that feature.

For Android, (and likely every other phone with AGPS) the cache is there to minimize the times the phone has to go and ask over the data network to get the initial seed data for the real GPS. Apple took it a little father to also help out their GPS lacking devices.

Re:Whoa, whoa.

[causality]

Well, keep in mind that there is a difference between being asked and being told to do something. If a cop asks you:

"Can I see your cellphone?"

Then, you're under no obligation to answer in the affirmative. However, if he says:

"Hand over your cellphone."

That's a demand and you're legally required (with some exceptions) to comply. Although cops are well-trained and they know how to phrase a question such that it sounds like a demand:

"I'm going to take a look at your cellphone. Would you hand it to me?"

The point is that when talking to the police, stay calm and listen to exactly what they're saying. If you're not clear if something is a question or a demand, then ask for clarification.

I can talk to elderly people who remember a time when cops were not state-sponsored thugs who rigorously searched for every possible way to nail you with something. Seriously... what kind of psychotic assholes thought it would be a great idea to train cops to request optional cooperation in a manner that sounds like a mandatory demand? What kind of world do people like this hope to live in?

Even if I were the undisputed dictator for life, an autocrat with absolute power, a sovereign whose orders are always obeyed without question and without hestiation, a ruler without rival, the man in charge of everything ... I still would not want to live in a dictatorial police state. I still don't want to be surrounded by that kind of misery and disharmony. I especially wouldn't want to be even partially responsible for it. No affirmation of my ego would be enough to make it worthwhile.

In some ways I can easily understand the minds and spirits of power-hungry people. In some ways I can easily grasp why the USA is becoming a police state. I see the forces at work driving both. They're the same type of perversion and corruption that has befallen every great nation. It's what possessed every bloodthirsty mass-murdering tyrant throughout history, and by that I refer to those who had motives other than self-defense. The history books usually refer to them as "conquerors" with a certain awe. As the saying goes, if you kill a man you're a murderer; kill many and you're a conqueror.

But in other ways, I really don't understand it at all. I mostly want to be left alone to live my life as I see fit. Taking responsibility for my life, not allowing my decisions to harm others, and respecting the freedom of others to live as they see fit are the only obligations I truly recognize. Yet for those who view life as one gigantic struggle for control of others, it's just a matter of who's holding the reins. Each would like to be that person or a member of that group. Often, this is even portrayed as normal and is rarely questioned. As common as it is, as predictable as its machinations are, this mentality is completely alien to me. I know it only through outside observation. Am I in a small minority here? Am I really?

If so, cops who find petty deception and intimidation useful, not so they can solve some heinous crime and bring a dangerous criminal to justice, but so they can brag to their buddies about how many additional charges they added to some poor schmuck who was a threat to no one ... well that's just the beginning. They think they're running the show because they can push civilians around? They're dogs on a leash to the truly powerful, obedient and loyal so long as their "appetites" are satisfied.

What a shame. We could have a much more beautiful world than this.

Re:Whoa, whoa.

[plover]

It starts out as simple corruption. Like most jobs, cops are reviewed on how much output they produce. Yes, they may have found ticket quotas to be unconstitutional, but there is an understanding that if Officer Jones brings in 5 guys with 3 charges each, and Officer Smith brings in 5 guys with 1 charge each, guess who gets promoted to Lieutenant? Hint: it's Jones.

And they're not stupid. They're trained on techniques that bring in more bad guys. If Officer Jones really wants that Lieutenant rank, he's going to use them. They also don't have to be reasonable, because they can always leave it up to the judge to determine reasonableness. As long as they follow the rules to the letter, if they want to try things like warrantless searches just to boost their own image in the eyes of their boss, they will.

The thing is that many people don't view that as corruption. "He's a go-getter!" "He makes things happen!" Those are compliments. And if a cop uses a warrantless search and uncovers a guy who phoned a drug dealer, then uses that as probable cause to search for and find a joint in his car, politicians will celebrate a victory for the system -- never mind that the search was a fishing expedition launched for selfish corrupt reasons, and that they're prosecuting a guy for a victimless "crime". "He made things happen!" And if the dirt that led to the arrest is ever exposed, the politicians decry it as a "liberal judge legislating from the bench."

It's a corrupt system, yet for the most part it's still better than all the alternatives history has demonstrated.

Not so similar

[loconet]

Worth mentioning in Android's case is only used for caching so the data gets overwritten every so often. Unlike iPhone's

Re:Not so similar

Then why can I type in the BSSID (MAC address) of my WiFi router into http://samy.pl/androidmap/ and via google it will tell me exactly where it is?

Every time my Android phone connects to my router at home it uses 3G data just before doing so. Whether or not the phone's recording the info locally, it sure is sending it to Google.

If if was just kept locally that'd be one thing, but it's going much further and telling a third party the co-ords. That's much worse than what Apple's doing.

Re:Not so similar

[WaffleMonster]

Worth mentioning in Android's case is only used for caching so the data gets overwritten every so often. Unlike iPhone's

When you say "overwritten" does the same transistor array get rewritten or is the operation subject to the wear leveling algorithm like everything else on the file system meaning the data can still actually be recovered leaving it in reality no better than the iphone?

Re:Not so similar

Both are caches, one is bigger than the other. Also, they fail to mention that the file on the iPhone is also not accessible unless the phone is jail-broken (or rooted). People are choosing the words they want to use to make one look worse than the other.

I used to come here for intelligent comments, not having to provide them.

Re:Not so similar

[Nerdfest]

I'm fairly sure that Google (via their Street View cars) and others companies have recorded the MAC address of every router they could pick up. This is what they were doing when they picked up the extra non-encrypted data everyone seems to be up in arms about.

Android

[recoiledsnake]

First, it seems Android shares a similar problem, though the file containing the location data is "only accessible on devices that have been rooted and opened up to installation of unsigned apps

Doesn't Android just store the past few days information unlike years together like the iPhone?

Re:Android

[uniquename72]

So it's degrees of evil? Do you really think the cops will "bust you less" if they only have a few days worth of your data?

That would depend on the time period they were investigating, now wouldn't it?

Re:Android

[Sparks23]

No, Android stores the last 50 unique cell-derived locations (in cache.cell) and the last 200 unique wifi-derived locations (in cache.wifi). In other words, the file /is/ truncated, but based on quantity of data rather than age/time. Apple's logfile is not truncated, whether by design or programming error.

Conversely, Apple's log remains on the device only for Core Location caching; it's stored in iPhone backups, but isn't ever sent back to the mothership (at least so far as anyone has been able to tell). Google truncates the log, but does send the data when you hit a WiFi point and have a GPS signal; they use this to update their WiFi location database for GPS assist, as they use their own service rather than Skyhook. (If your base station advertises itself, open or otherwise, go to http://samy.pl/androidmap/ and enter your local router's MAC address; you can see where Google thinks that base station is, based on how Android devices have paired your station to their GPS data.)

Re:Android

[Drakino]

This particular file isn't sent back to Apple, since all it contains is data provided from Apple already.

The reason the cache exists was explained at WWDC 2010 (and possibly before). Keep in mind that not all iOS devices are cell phones, and some lack 3G data entirely, along with GPS chips. If you have Location Services turned on with an iPod Touch, and do searches in Maps, Apple sends down WiFi location data as part of the request to populate the cache. The idea is that even though an iPod touch lacks a dedicated GPS, it could still function well enough to geotag photos (again only if people opt in), or navigate away from a conference center to some restaurant nearby.

Re:Android

[_xeno_]

Your location most certainly is sent back to Apple. It's in the iOS 4 license and also Apple's privacy policy:

We may collect information such as occupation, language, zip code, area code, unique device identifier, location, and the time zone where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising.

Emphasis mine.

Part of the reason for Apple to use this data is to build a similar database to Skyhook/Google's - but their privacy policy flat-out tells you that they also keep if for advertising, and that it's identifiable by time and device.

what's the difference?

[v1]

between the cops' ability to subpoena cell phone tower records and this? just a bit more precision? they've been keeping track of this for decades

Re:what's the difference?

[bill_mcgonigle]

between the cops' ability to subpoena cell phone tower records and this? just a bit more precision? they've been keeping track of this for decades

No subpoena required. Did you see the article here a few days ago about Michigan sucking all the data off of phones during routine traffic stops?

Sure, it's patently illegal under the 4th Amendment to the US Constitution, but then again so are suspicionless checkpoints and yet we have Michigan v. Sitz.

Michigan again - no wonder everybody is moving out.

Not tracking your every move

[sanchom]

Also, it's not as cool as first reported... it doesn't actually track your every move: http://sanchom.wordpress.com/2011/04/21/your-iphone-isnt-following-your-every-move/ I wanted to see the paths that I followed around North America San Francisco, Winnipeg, Montreal, Vancouver, Seattle, and lots more of Vancouver. I was disappointed. I rarely saw a little stream of location markers showing “my every move”. I looked closer at the data, and it seemed very sporadic. Sometimes days would go by without a timestamped location. Other times, like when I was using Latitude to update my location during a bus trip from Vancouver to Winnipeg, updates happened much more often, sometimes multiple times per minute.

Re:Senator Al Franken

[bennomatic]

Oh, come on. He's good enough, he's smart enough, and gosh darn it, people like him!

Re:Senator Al Franken

[wall0645]

I voted for him in 2008, because he wasn't GOP and I wanted Obama to have a majority in the Senate. Little did I know he would be one of the biggest supporters of Net Neutrality. I am incredibly happy with my vote and not only can I say "Senator Al Franken" with a straight face, I can say it with pride when I say "I voted for Senator Al Franken, one of the best Senators currently in office."

Yet.

[traindirector]

Its still one of those deals where, as long as you aren't looking at CP or committing financial crime, law enforcement doesn't care about you for the most part.

Yet.

The better question is, why are you so comfortable that the huge troves of information collected about you over years and decades won't be used against you in the future? If the information's there, there is surely someone who would like to use it to their advantage. Just because those people (arguably) aren't in power now doesn't mean it's not one disaster, war, or election away from happening.

It's better all-around just to end these information-collection practices now and head off the future trouble we'll cause ourselves. But information is power, so limiting the information the powers that be have on each of us will be no easy task.

OnStar

[bhcompy]

OnStar records all driver information as well, and has been used in court against drivers. The FBI has also used it to track/bug people.

Re:Senator Al Franken

[plover]

Minnesotans could also say "Governor Jesse 'The Body' Ventura." Apparently they believe in electoral humor.

That's because, when given the choice between a turd sandwich and a poop-burger, we chose the shit-taco. Why settle for average dumb asses when you can have a top-of-the-line dumb ass?

I don't think we ever claimed to be the smartest state in the Union.

Re:Senator Al Franken

[Lord+Byron+II]

I'm not a resident of Minnesota and I'm not even a liberal, but I have to agree with you that just about everything I hear about Al Franken makes me smile. The guy seems honestly interested in improving things for his constituents. I just wish more politicians, on both sides of the aisle, would do so.

Remember the secret deal with printer makers

[colordev]

printer tracking was taking place for a decade before being made public by EFF

More importantly...

[msauve]

Google explains what they're doing, and offers the user a choice. When turning on Google Location Services on an Android phone, you get this message:

Location consent
Allow Google's location service to
collect anonymous location data.
Collection will occur even when no
applications are running.


Agree Disagree

OTOH, it's reported that Apple's location collection cannot be disabled, even if you turn off "Location Services."

According to the original article about the iPhone file, the location info appears to be based off cell tower triangulation.

What Google is doing with is mapping the location of WiFi access points. If you have GPS and Google Location Services on, when an AP is seen, it will tell Google the MAC address of the AP, and the geographic coordinates from GPS. This is what lets location services work even without GPS - when your phone sees a WiFi signal, it will ask the mothership where it's located. So, with Android, the user is providing info which in turn helps other users, and it's all being done with knowledge and consent.

Phones can do something similar based on the cell towers they see, but geographic info on those is available from the FCC and the carriers, so Android doesn't have to collect info on them.

So, Google is using a phone's location to map the location of WiFi APs, while Apple is using cell tower locations to record the phone's position. Those are two very different things.

Must be pinpointed within 100 meters

[traindirector]

I did a bit of research, and it looks like in 2005 a law went into effect in the U.S. that requires a service provider to be able to locate a subscriber within 100 meters when they dial 911. A GPS is not required for this because it can often be obtained using triangulation, but it looks like most providers of even cheap phones started included them anyway.

So no, the law does not require a GPS in every cellular phone. However, it looks like it may have had the same effect.

iPhone the same

[NameIsDavid]

Actually, the iPhone file is a caching file. It retains one entry per cell tower to which it's been connected and overwrites that entry with updated location data (of the tower, not the triangulated location of the user) each time that tower is encountered. So, tracking the user is actually difficult within areas they commonly visit since only fresh data will exist. For places visited only once, that data may live in the cache much longer.

Re:The security issue is similar to others

[Drakino]

The reason the cache exists on both iPhone, Android, and likely every A-GPS equipped device is the A part. Assisted GPS uses the known locations of cell towers (and recently WiFi hotspots) to help seed the real GPS part with rough location data to enable a quicker lock. The data in the caches on both Android and iOS are latitude and longitude locations of the towers, not the device.

Why is the cache a good idea? For the same reason any cache is. In this exact case, the phone doesn't have to use a data connection every time it seeds the GPS to look up coordinates for a tower. Reduces latency for cached lookups, lower power usage due to a skipped radio transmission, and lower data usage overall.

And as I explained in other posts, Apple already talked about their other use for the cache at WWDC 2010. Since not all of their devices have A-GPS or 3G data connections, the cache is helpful to enable those devices to still geotag photos and provide basic location info while away from a data source (such as being out and about not hooked into a WiFi network). The Maps program on the phone intentionally seeds the cache with WiFi access point info for the surrounding area to enable offline use.

Re:This shouldn't be news

[Sloppy]

You're foolish to think that the same information isn't collected by Android, Blackberry and other phones along with your wireless carrier. It's like believing that Google doesn't track searches and click throughs

People know that when they use Google, Google's servers will use everything they learn from the conversation, to Google's advantage. But Firefox and Safari don't report all searches and clickthroughs to Google; the client itself is either neutral or pro-user (ideally). Likewise, people know that the cell tower network can perceive phones moving around, but this happens without the phone being "in on it" (other than the mere fact that it necessarily keeps in touch with the network). When you look at it that way, it is surprising that the client device itself would be keeping logs for serving other parties (e.g. law enforcement or anyone else who might see a use for it).

The real reason this isn't surprising, is that we currently still accept that phones are intended to work for other parties even when their interests conflict with the users'. Our expectations for a cellphone just aren't the same as for a typical Linux PC. The very fact that you have to "jailbreak" most current smartphones to enjoy even a semblance of freedom and mastery (whereas you don't have to jailbreak your new x86 box) is pretty fucked up.

So what this really goes to show, is that phones are still considered a special case. The "personal computer revolution" is limited in peoples' minds to computers over a certain size. Make it small enough, and it's perversely ok if you're suddenly back in the 1960s stuck with whatever IBM choses to let you have.

Re:This shouldn't be news

[WankerWeasel]

Why aren't people upset that GPS units log this same information (TomTom, Garmin and in-car units) and likely with a greater deal of accuracy. This information is used in law enforcement investigations and has been for years. Same information, so why isn't is a big deal there?

How about a reverse look-up?

[NotQuiteReal]

Statistically speaking, nobody cares where you have been.

But there is a reason to see if somebody was in a particular place. I wonder if there is a mechanism for law enforcement to do a "reverse" search for "who was at this location" (rather than where has "user x" been).

This technology would be a great way to start looking for suspects. E.g. "a body was found in the ravine..." So search all cell records with approx locations near the ravine during the time of interest.

Re:The security issue is similar to others

[Captain+Hook]

Timestamps on any cached data serve to indicate due to the data possibly being too stale.

The cache timestamps the first time it sees a cell tower and never updates it. Wouldn't it make far more sense to change the timestamp with the most recent information so that apolications know the data is as fresh as possible?