Discussion about
ryan

Your iPhone is secretly tracking -- and storing -- your location at all times.

Some security researchers have discovered that all iPhones with iOS 4 are apparently keeping a (presumably private) database of all your visited locations, which they've written an app to access and plot on a map. The brief and project is here: petewarden.github.com­/iPhoneTracker/

I just ran this app. It works. (See also: gizmodo.com­/5793925­/your­-iphone­-is­-secretly­-tracki... ). It's more than mildly terrifying -- and completely insane. I'm not usually at such a loss for words, but I don't really know what comes next.

sort by

24 replies
ArmpitOfDeath

I'm on tenterhooks to see the Gruber spin on this.
4 like dislike
ArmpitOfDeath

Well, having seen it, why am I not surprised I see many elements of the boggerati taking a very measured stance to this (which is, in fact, the way to take it but that's beside the point)? If anyone else was doing it (even in the same way) these guys would be losing their minds, as can be seen from their previous output. Applezombies, sheesh.
1 like dislike
dennisfxm

As Apple puts more and more emphasis on "it just works" in the iOS era, I Wouldn't be surprised if this simply helps your device find your geolocation when you fire up your maps app or helps with getting directions quicker. Anecdotally, iPhones always seems to be quicker to figure out where they are compared to my Droid X.

The issue here is that it is an undocumented "feature" which leads too much to the imagination. Just remember, your iOS device doesn't phone home with this info, so it is only on your phone. I don't mean to be an Apple apologist, and for all I know there is no legit reason to keep this data on your phone, but there's no need to jump to conclusions either way.
2 like dislike
tylr

What I wonder is if this is regardless of having the location features enabled or not. I know many people who disable location features for this very reason but I always thought they were just being a little worried about being tracked or something. I guess I was very wrong in my assumption that Apple only used location features for reasons that I allowed.

Also, I wonder what sort of use Apple thinks they can get out of such data without a major controversy on their hands.
1 like dislike
ryan

This is not permission-based (i.e. you are never asked by Apple if you allow this tracking), and it happens with all location disabled as well. It uses cell triangulation, which means even if you keep GPS off, it is still acquiring and logging your location at all times.
1 like dislike
Thomas

Best I can tell, the discovery of this database happened back in mid 2010. Tweakers (Dutch site) wrote about it in June 2010.

tweakers.net­/nieuws­/68127­/apple­-gaat­-locatiegegeve...

There's even a 2010 book that goes into much more detail:

"IOS Forensic Analysis: for IPhone, IPad and IPod Touch" By Sean Morrissey.

Here's an interesting excerpt that demonstrates how the .db file can be used in crime investigations:

https:­/­/skitch.com­/triixxy­/r58r7­/ios­-forensic­-anal...

Strange that Apple news like this could lie dormant for nine months. Shows the power of visualizations, I guess.
3 like dislike
ryan

I think it's also good evidence of how insular the forensics community can be; unlike the security world, when it relates to issues of privacy it seems like maybe there's an incentive not go public with this stuff in the same way.

But yes, very weird indeed that this has been known by a select few and is just now coming to light.
1 like dislike
Derekl

You have actually given Apple permission, it's just tucked away in their Ts &Cs.
2 like dislike
dave

"You have actually given Apple permission, it's just tucked away in their Ts &Cs."

I actually think this is a rather weak argument that people are throwing around, especially considering that no one can be reasonably expected to read through 50 pages of a EULA. Just because something is in a license doesn't make it any less okay.
1 like dislike
gRagib

What we need are laws that compel corporations to provide data they collect about us on request, and have that data destroyed if we so desire.
0 like dislike
StevenWay

Wonder how long til there is an app that constantly wipes this file for you?
0 like dislike
dave

"Wonder how long til there is an app that constantly wipes this file for you?"

Already exists! If you jailbreak:
www.9to5mac.com­/62952­/jailbreak­-utility­-blocks­-ios...
1 like dislike
gRagib

Just for the sake of curiosity, I'll give this a shot. I'll go back to using my iPhone 4, but I'll turn off location services. We'll see in a few weeks' time!
0 like dislike
gRagib

Well, after one day of using my iPhone with location services turned off, it seems to be keeping a log of where I've been anyways. I'll continue this for a week or two.
0 like dislike
dave

This is pretty crazy. I have location data being stored that's at least 6 months old, if not more so. There's location data from Boston, Austin, SF, LA, and even a layover in Las Vegas. It's crazy.

My map of the the Bay Area:
www.flickr.com­/photos­/rockbandit­/5638263046/

Zooming in, the data seems much less accurate, which I thought was interesting. I wonder if it's logging cell tower locations for diagnostic purposes?

Zoomed in view of my data in San Francisco:
www.flickr.com­/photos­/rockbandit­/5638278396/

EDIT: I'm a big idiot. Straight from the project's FAQ:
"To make it less useful for snoops, the spatial and temporal accuracy of the data has been artificially reduced. You can only animate week-by-week even though the data is timed to the second, and if you zoom in you’ll see the points are constrained to a grid, so your exact location is not revealed. The underlying database has no such constraints, unfortunately."
1 like dislike
mike

If I may put on my tinfoil hat for a second...I suppose that if your phone is ever used as evidence in an investigation against you, the authorities will discover that you took a little trip to the middle east while adventuring with your buddies last summer, and BOOM no-fly list for you.

EDIT: yes they'll track you with your passport but they don't know what towns you visit.
2 like dislike
beau

Are we really surprised by this? I wouldn't be shocked if mobile telcos are storing the cell tower location data of every phone on their network, no matter the model. If you don't want to be tracked then don't carry a radio transmitter in your pocket at all times.
1 like dislike
bloodyrids

Does this app work with windows?
0 like dislike
dave

OS X only as the moment, though it's possible to still extra the data and view it, providing you have Python installed and some sort of SQLite viewer available (Firefox has one). That said, I do imagine someone will fork the app on GitHub and build a Windows version soon.
0 like dislike
bobegan

It seems to me that individual privacy began to fade the minute electricity was turned on.
Many inventions: telephones, credit cards, cell phones, the internet not only provided more erosion to the notion of privacy, but also raised the granualarity of the infractions.

The issue it seems, is that the privacy infractions were either invisible or the dots never connected by individuals. Apps like Flury, log files like this one on iPhones become visible and at least temporary backlash occurs in the media.

Or is there more to this I am missing?
0 like dislike
ArmpitOfDeath

Well - read into this what you like. From All Things D, June last year:

His Jobsness: We've always had a very different view of privacy than some of our colleagues in the [Silicon] Valley. We take privacy extremely seriously.... A lot of people in the Valley think we're really old-fashioned about this...

The Man From WallSt Journal, He Say Yes (as long as it has an Apple logo): But aren't you also going to be moving more into cloud-based things? Doesn't that inevitably introd—

Jobs: No! Privacy means people know what they're signing up for, in plain English and repeatedly.... let them know precisely what you're going to do with their data. That's what we think.
2 like dislike
dave

I think that's where a lot of the backlash lay. Apple preaches user privacy and how they require all apps to receive user permission to use location data. Yet they still collect and store user location data for their own purposes (regardless of whether the intentions are decent or not) without explicit permission from the user.
0 like dislike
gRagib

I have stopped using my iPhone 4 as a phone permanently and I've pulled the SIM. I'll stick to my Nexus One till my Xperia Arc arrives.

It is just irresponsible of Apple to leave such data unencrypted on a person's hard disk, while also copying it to other devices synced with that PC when you restore one device using restore data from another device.

What I noticed is that the iPhone logs your location only when you have a SIM inserted. I went on a cross-border road trip a few months back, and to avoid roaming charges, I pulled the SIM from my iPhone. Guess what! In iPhoneTracker, there are no entries for the three weeks when I was on the road! There is plenty on location data before and after the road trip, including up to and from the border, but not during the road trip overseas where the iPhone didn't have a SIM in it.

I pulled the SIM instead of using airplane mode because the GPS doesn't seem to work in airplane mode, and I wanted to use Navigon for offline navigation.
-1 like dislike
gRagib

By the way, what is the exact utility of such tracking data? Location data for serving advertisements is only supposed to useful when the request is made for the ad. There should be no use for it a few months down the road when you might be in a different city, or a different country.

Is Apple using cellular iOS devices as a bug to map out cell sites? If they have my approximate location, and signal strength of various cell sites around me, that would be invaluable data to do geolocation when GPS reception is poor. This is exactly what Skyhook and Google StreetView were doing, but with WiFi.
0 like dislike
share:

16 users following this discussion, including:

  • gRagib
  • ryan
  • tylr
  • StevenWay
  • dave
  • bloodyrids
  • beau
  • Thomas
  • gondoi
  • mike

This discussion has been viewed 3428 times.
Last activity .