Sign in / up

back to article iPhones secretly track 'scary amount' of your movements

Apple's iPhone and iPad constantly track users' physical location and store the data in unencrypted files that can be read by anyone with physical access to the device, computer researchers said. The file, which is stored on both the iOS device and any computers that store backups of its data, can be used to reconstruct a …

COMMENTS

House rules Send corrections
This topic is closed for new posts.

Page:

    1. John Smith 19 Gold badge
      Reply Icon
      Happy

      @JohnG

      "It might be interesting to replace the location data in the file concerned with some made up locations and see if the flavour of any advertising changes."

      Nice.

      But to avoid unfortunate mishaps due to accidentally re-locating yourself near some sort of criminal event make sure the rows are reporting your locations are physically *impossible* to move between in the time.

      1 0
      1. JohnG
        Reply Icon

        @John Smith 19

        "... re-locating yourself near some sort of criminal event..."

        Yes - and if this file were modified by some malicious third party who had gained access to someone's phone, the ramifications could be really severe.

        1 0
  2. 7mark7

    HaHa ...

    ... Jeremy Clarkson has been carrying his very own speeding detector.

    Does plod know about this?

    1 0
  3. Phil the Geek

    Your favourite phone hackers

    The gutter press will LOVE this - allegedly... Imagine if you somehow obtained the location databases of a bunch of celebs, sports people and politicians. Then you do a bit of SQLing to find the location/time correlations. If they have a regular schedule, your photographers are there waiting the next time they meet. Conclusion: don't carry an iThingy if you're in the public eye!

    1 0
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Doesn't work

      Because there's not way of figuring out regular schedules from this information. You get one entry per cell tower, that's it. No historical data.

      1 3
    2. opaque
      Reply Icon

      Yes but...

      If you somehow obtained it you'd probably get arrested as you could have only got it from the phone or computer and that would have meant accessing it illegally.

      You're right but having that information would be proof of illegal activities.

      0 0

  4. This post has been deleted by its author

  5. Anonymous Coward
    Anonymous Coward

    MAC addresses

    Hardly exciting, my phone of nearly a year only has 669 distinct timestamps for those. Hardly tracking every second of my life...

    Still it has something similar to Google's Street View cars Wifi grabbing potential.

    At least now I can access some of that data for my own devious purposes, and it's not locked away in some server for Google's elitists to play.

    1 1
    1. amanfromearth
      Reply Icon

      Keep at it mate

      But your efforts are wasted once these commentards get an idea...

      1 1
  6. Anonymous Coward
    Thumb Down

    How many laws does this break in the UK?

    Cyber Stalking for one.

    Also, since this intrusive functionality was part of an EULA and not presented prior to the contract for the purchase of the phone being signed, then it does not form part of the contract and that opens up a can of worms as well.

    2 0
    1. Anonymous Coward
      Reply Icon
      Happy

      @ AC 06:04

      Apparently it's in the Ts & Cs punters sign when they scribble their monicker on the dotted. I know some folks get terribly excited about all this, like they were up to anything interesting that they'd want kept private, but most phones have some way of identifying a user's position, even if only loosely. If one has broadly agreed to this kind of data collection it's probably not breaking any laws at all.

      1 2
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        bs

        Just because its in ts & cs doesn't make it legal. What on earth makes people believe this crap?

        1 1
        1. Anonymous Coward
          Reply Icon
          Anonymous Coward

          Libertarian Bullshit

          seems to be a common feature of contracts these days. The law doesn't matter, because it's in the contract. I've recently watched a company turning a blind eye to a breach of its own T&Cs for about a year, and only reacting when it became apparent that the perpetrator was very likely a computer criminal, who, on his release from prison, pretty quickly started a new fraud through them.

          You can't trust anyone these days. Nobody seems willing to enforce the law, and companies only seem to enforce their contracts when they might be the ones being hurt.

          2 0
  7. bazza Silver badge

    A couple of different view points

    I have a couple of slightly different view points:

    1) Apple must surely know that people might not want their location at all times to be logged. Sure, there may be a benefit (better battery life, smaller mobile data bill or whatever) for users with the phone doing this. But from a PR point of view surely it would be better to tell the users what's going on under the hood, maybe having an option to stop it, etc.

    2) With Apple having servers that dish up the information on request in the first place there is an interesting consequence for the network operators. The networks are traditionally shy about the exact locations of all their cell stations. A network armed with the locations of a rival's cell stations can work out all sorts of things about their rival's network capacity, operating overhead, etc. etc. That counts as priceless commercial information allowing them to accurately undercut the rival..

    So what's to stop Vodafone (for example) buying O2 iPhones and using them to get a complete map of O2's cell network and thereby deriving performance information for O2's entire cell network? Or have the network operators accepted that their competitors know everything about their networks costs and performances?

    And we do need a popcorn icon.

    2 0
  8. Anonymous Coward
    Anonymous Coward

    You guys don't get it...

    ... it's just an automated blog system! Except in better, as whoever (e.g. burglar or hitmen who wants to know your "away from home" habits) accesses it will find something interesting they actually want to know (so as opposed to most blogs).

    Also, I don't know what's all the fuss about, I have absolutely no problems whatsoever with any of Apple products: I don't have any of them.

    2 1
  9. Danny 14
    Joke

    so?

    Just write an application to pollute the database as you go along.

    Oh wait, you cant as it wont be let into the marketplace.

    Never mind then.

    2 0
  10. Anonymous Coward
    Badgers

    Truth

    Whilst this data may look like something, it really is nothing.. its just a way to bloat the phone in a gradual manner such that in a year or two the device is slower than it was they day you bought it.

    hence you buy another. Its just 'good business'.

    A very large number of devices do this kind of inane logging including PC's.

    2 0
  11. Anonymous Coward
    Anonymous Coward

    Is there an app for that?

    Maybe someone could write something for the (expletive deleted)phone - or maybe a PC with the downloaded data files like this http://www.theregister.co.uk/2011/03/30/cell_tracking/

    0 0
  12. Anonymous Coward
    FAIL

    Really?

    I definitely not a member of the Stevie-boy's-biatches club, but second-by-second tracking? Get real.

    Assuming 4 bytes for INTEGER and FLOAT data types, that would be 1.5GB per year (365*24*60*60*52/1024/1024/1024) - excluding the primary key index.

    Don't some of those devices only have like 4GB?

    1 0
  13. Will Godfrey Silver badge
    Happy

    No Problem

    An old fashion tobacco tin is a complete solution.

    0 0
  14. D. Suse
    Jobs Horns

    Wallet location tool

    This is no big deal to Apple...their users are just wallets/purses to be emptied by Apple (& friend$).

    1 0
  15. Daniel Bower
    Jobs Horns

    Anyone read the user agreement?..

    According to Apple's EULA they have the right to track your location and to share this information with third parties.

    That IMHO puts a slightly different slant on why perhaps this data is being stored.

    I'm not a paranoid type, I know that if the cops or MI5 (I wish) or even a half decent PI wanted to track me they could but I do find it a little disturbing that EULA's have this kind of stuff written in them and the consumer has no recourse to remove or amend them - Accept or don't buy the product.

    2 0
  16. Ashley Flynn
    Jobs Horns

    But...

    If you one of those evil people who jailbreaked there iDevice, there was a fix relesed in under 24 hours

    http://www.9to5mac.com/62952/jailbreak-utility-blocks-ios-from-recording-iphones-location-data/

    1 0
  17. Anonymous Coward
    Jobs Horns

    +++ath0

    How much are Apple paying you or has the RDF done a really good job melting your brain?

    Or maybe you are MichaelC in disguise?

    2 2
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      LOL

      I wish Apple would pay me something for putting up with all the nonsense in this thread. They don't however.

      I just enjoy doing my research - it's actually fun to understand why things are they way they are you know - and not just spouting the old rubbish of others.

      3 0
    2. Anonymous Coward
      Reply Icon
      FAIL

      Why don't you use your name?

      To post an accusation like that you moron...

      Looking at the posts he has made he does indeed come across as fanboi number 1, but on this occasion I think you will find it is with good reason. He is correct, look at the data for yourself, it is not as accurate as the researches are making out. Or certainly not in my case.

      1 0

      1. This post has been deleted by its author

        1. Anonymous Coward
          Reply Icon
          Anonymous Coward

          The moron bit wasn't aimed at you...

          but the AC...

          0 0
  18. Select * From Handle
    Thumb Up

    Makes me laugh

    "The researchers were quick to point out that there is no evidence Apple or anyone else has accessed the information"

    This just means apple have done a good job not getting caught....

    2 0
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Really smart

      So you really think if Apple would want to hide this they would store a cache file in your own device, as opposed to just using those convenient wireless connections to send it back to their servers and not leave any trace?

      0 0
    2. s. pam Silver badge
      Reply Icon
      Grenade

      But SONY surely got caught

      and Apple's no different and deserves to be summarily fucked over this!

      1 0
      1. Ilgaz
        Reply Icon

        Sony music had some real bad luck

        They got busted almost instantly (good for them!) because World's most advanced NT kernel hacker (now at ms) turned out to be fan of poor band that got cd rootkit.

        Now imagine, one guy at top 10 league, millions of albums and still a fan of buying audio cds.

        0 0
  19. John 62
    Jobs Horns

    how accurate?

    often my phone thinks I'm several miles from where I actually am.

    0 0
  20. opaque

    I don't have a problem with the information being gathered

    as we all know this is a legal requirement on the case of the networks, and I can see why many elements of the iphone app's and services need the information, not least for the ability to use the phone and wifi.

    I can see how legacy information might be useful so it is left on the phone (although more likely that it takes up so little space it doesn't matter).

    For me it's more the matter that it is available on the pc you sych to.

    And also the fact that the app to look at it is Mac only! I want to see where I've been!

    0 1
    1. Anonymous Coward
      Reply Icon
      Thumb Down

      aaarghhh - you cannot be serious!!

      so many faults in your post.

      1) the network stores your tower ID and any calls. it does not triangulate nor does it log WiFi MAC addresses.

      2) running applications might want to use the data, maybe to suggest the nearest polo-neck experience. They do not need storage for the last x years.

      3) the phone does not need any of this stuff to "work"- it needs to talk to the mast but has no need to log the ID nor even store it temporarily, outside of the 3G stack itself.

      4) similarly the WiFi MAC address, yes it is needed to connect, yes it needs to be stored if there is a password to remember, but not if no connection is attempted.

      5) "so little space it does not matter" - that is SO not an argument. Murderers kill so few people...

      1 0
  21. John Smith 19 Gold badge
    Jobs Horns

    "Legitimate"* reasons to record this information

    1) Apple want to know where you are so they (or their "partners") can supply targeted advertising.

    2) Bloat up the memory so you need to replace/upgrade faster than if this "feature" were disabled (can it *be* disabled?). A time honoured MS tactic.

    3)Enable the offering of a "people tracking" service to "authorised" customers that offers them useful information from day 1 rather than waiting for the suspect (because clearly you are doing *something* suspicious by someones yardstick) to do something interesting.

    I was originally going to ask "why?" but there are plenty of reasons why. It's just that, had I bought one of these things, *none* of them are reasons that help *me*.

    *As in legitimate ways to get more money out of our customers that is.

    1 0
  22. Dave Bell

    And also this report from Michigan

    It seems that none of these phones are secure.

    See this URL, and note that the situation dates back to 2008.

    http://www.thenewspaper.com/news/34/3458.asp

    The device that is being used is claimed, by the manufacturer, to be able to access all the data on your phone, bypassing the password protection.

    0 0
  23. Ilgaz

    Nobody can fix it

    The owner community of the device already started to apologize for Apple. The owners themselves.

    So, really don't even bother to comment about it. It is like trying to argue with some cult. Pointless...

    2 0
  24. Richard Fletcher
    Alert

    Not quite true

    On my iphone 3g I extracted the raw data and found there were only data points collected once every 5 days or so. Which is rare enough for it to be caused by user interaction....

    More here for those interested.

    https://github.com/petewarden/iPhoneTracker/issues/16

    0 0
  25. s. pam Silver badge
    Flame

    iPhorm iApple iAm

    Your worst fucking nightmare, if you thought the gubmnt should have done something about Phorm and didn't do enough, who's gonna fucking fry Apple over this.

    Only way around it is to encrypt your backups kids, otherwise, your back passage i wide open

    1 0
  26. Anonymous Coward
    Anonymous Coward

    Well...

    I've had a look at my phone using the tool that was published on the blog (link from the article) and all I can see is a nice grid showing me the cell towers in the vicinity that my phone was in. I don't see any specific locations, my house isn't even on there, just a bunch of pins showing masts in the area.

    Not too bothered about it having looked for myself at the data, I think this has been rather blown out of proportion. Take a look for yourselves and you will see. Maybe your data is more concerning but no problems with mine.

    0 0
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Also looked...

      Using the SQL tools and still no issue.

      0 0
  27. Anonymous Coward
    FAIL

    This is not a new revelation

    Please spend a few minutes reading:

    https://alexlevinson.wordpress.com/2011/04/21/3-major-issues-with-the-latest-iphone-tracking-discovery/

    which shows this has been known about for a long time, already researched and published (even in a book on iOS security), and Apple is NOT collecting the data.

    2 0
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Finally

      Finally some sensible comments and truly useful information!

      Thanks a lot AC, I've been trying to point this out to people all along this thread but apparently most of their brains go numb as soon as they hear the word Apple.

      And people say Apple has an RDF field... it seems that field is in fact on the other side of the court...

      1 0
      1. Ilgaz
        Reply Icon

        As Apple desktop user myself

        It became really hard to defend Apple because of their rude, sometimes swearing cult like fanatics. Apple is being driven to very bad decisions because they are listening to their noise. Some flaw like this, happened to any company except Apple could drive the CEO or very high level staff "retire" because they have healthy people who critize their bad actions.

        anyway, blame fanatics.

        0 0
        1. Anonymous Coward
          Reply Icon
          Anonymous Coward

          Ohh let's see @llgaz

          Do you mean like when Google captured and stored actual network traffic using their spy cars?

          Or maybe when Microsoft admitted Windows Genuine Advantage phones home?

          to name just a couple of examples.

          What "high level staff" did retire then?

          Keep living in your dream world.

          0 0
  28. Anonymous Coward
    Anonymous Coward

    It's funny

    Seeing all the really nasty crap that goes on which people don't complain much about eg:

    * Pandora radio transmitting real location of users

    * Online tracking such as the Facebook like button or that done by ad networks (remember the recent "do no track" option in some browsers?)

    etc..

    people choose to pick on a harmless little file that only caches the cell phone masts the phone has seen, used for the phone's own location services to work.

    The police can get a lot more than what's in that file just by calling up the mobile company.

    Don't want to risk other people finding out which cell towers you may have hanged around? Just check "encrypt backup" in iTunes. There's a lot more valuable information in your phone than this if it fell into the wrong hands.

    0 1

    1. This post has been deleted by its author

  29. yossarianuk
    Linux

    To avoid the sync'ing with your computer bit..

    You can use Linux...

    0 0
  30. Steve Davies

    Not the sharpest tool in the box

    "I've had a look at my phone using the tool that was published on the blog (link from the article) "and all I can see is a nice grid showing me the cell towers in the vicinity that my phone was in. I don't see any specific locations, my house isn't even on there, just a bunch of pins showing masts in the area."

    Err, that package has been neutered so there will be less detail..

    "The researchers have released open-source software that makes the entire process a snap. It also plots the information to a map that shows the movements of the user. While the locations are stored down to the second, the researchers said, their software intentionally reduces the time to weekly increments to make the data less useful to snoops."

    Has anyone here given it a full analysis that stands up.

    0 1

Page:

This topic is closed for new posts.

Other stories you might like