U.K. researchers Alasdair Allan and Pete Warden have announced what has apparently been known in the digital security fraternity for some time: That your iPhone logs your movements and stores this data for extended periods of time.
Starting with iOS version 4, the researchers found that iPhones began logging and storing location information in a filed called “consolidated.db.” This file shows the user’s latitude and longitude, and is timestamped to the second. Troublingly, this information is not encrypted on the phone or on the iPhone backups made by iTunes. The file is also persistent, transferring itself to a new iOS device when the old one is replaced. Because data started to be logged in June 2010, the release of iOS 4, it is not known how long the data is stored.
The primary concern, beyond the fact that this data exists at all, is that is apparently not well protected. The data is not encrypted, and were a user’s device or computer to be stolen, the location information could be extracted with relative ease.
The purpose of this log is completely unknown. The researchers say that the data does not appear to be transmitted to a third party, at least not yet. They suggest that it could be a forthcoming feature from Apple, perhaps tied to their iAd software. As we’ve seen before, advertisers are keen to get location data, and Apple may be trying to better target the ads delivered to the phone. The researchers also point out that the geolocation information is not actually GPS data.
As far as we can tell, the location is determined by triangulating against the nearest cell-phone towers. This isn’t as accurate as GPS, but presumably takes less power. In some cases it can get very confused and temporarily think you’re several miles from your actual location, but these tend to be intermittent glitches.
This is the same method for location finding that Apple used in the earlier versions of the iPhone. From my experience with a faux-GPS iPhone, I can say that the information is not consistently accurate, but taken over time it the data can give an observer a clear picture of someone’s movements. Were I a paranoid person, I might think that part of the reason why the phone isn’t using the phone’s GPS capability is because that might be easier for researchers to spot.
Developing sophisticated profiles of people’s movements is a concern we’ve covered in the past. Using even rough location information, the habits of the user do emerge. To illustrate this point, Allan and Warden have released a desktop app for OS X that shows users a glimpse of the information stored in their phone. Accessing the iPhone backups on the computer, the app draws a map of the data. The image above was created using their app and the location data from my iPhone. You can see that in the past year, I traveled from coast to coast, and spent extended periods of time in California and Seattle. Also, my frequent trips to visit Michigan are clearly visible. You can also discern that I spend most of my time in New York — I live there — and used to spend a lot of time in Virginia — I used to live there.
The apps’ creators point out that in an effort to prevent intrusion by unwanted third parties, their app only shows the rough location information and only in discrete chunks. So while this map may be creepy, the data that it is derived from is far, far more disturbing in its size and accuracy. To protect themselves, users can opt to use encrypted backups through iTunes.
In their story on the unfolding debacle, the Guardian quotes from the terms and conditions for iTunes, which should have raised red flags. This was apparently buried toward the end of the 15,200-word document.
Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services.
Frankly, as a long-time iPhone user, reading the EULA in this context was a slap in the face.
Eventually, Apple will have to offer an explanation for why their devices are keeping careful tabs on users. They owe it to their users who were unaware that the devices they trust to carry their personal data were transmitting so much information without their knowledge.
Update: Apple releases a Q&A explaining the situation.
