« Portal 2 twice as fun as the original | Main | Careful what you tweet, post on Facebook on election night »

04/21/2011

Your iPhone 4 and iPad are tracking your every move.

iPhone and 3G-enabled iPad users beware: your device is tracking your every move, and keeps a record of where you are, all the time, in a file that it stores unencrypted on the device, and on your computer.


042011-iphonetracker News of the secret file, stored as 'consolidated.db' on your iPhone 4, hit the blogosphere this week, although forensics experts have been discussing it for far longer. The phone gathers information on your whereabouts, storing latitude and longitude co-ordinates, linked to timestamps, along with cellphone tower IDs. The data points have been collected in this file since the launch of iOS version 4, which means that your phone could contain almost ten months of data on your movements. On average, it is collecting 100 points each day. On top of that, it is also collecting information on the WiFi networks that the phones connect to.

The data gets backed up to your computer when you synchronise it, and it also survives across multiple devices when you restore backups on new iPhones.

The researchers that discovered the data produced an application called iPhoneTracker, which reads the consolidated.db file and plots the information on a map. For many, it will be an interesting record of their own movements over the past few months. 

The question is, is anyone else going to use that information? Researchers say that there is no evidence that the data is being sent out of the user's custody, back to some secretive, shady location somewhere. The data is most likely used for developers wanting to use the information for their own apps. However, there are two caveats here. 

Firstly, the data is backed up, unencrypted, on your computer. If your machine is stolen, (as happened to me last December), or it gets hacked, then someone else will have access to that machine. Mobile telcos already store your cell ID data anyway, meaning that they can track you, but you'd need a court order to get at that information. You can see an example of the data that mobile telcos collect here. However, this file is out there in the clear.

Secondly, there are interesting reports of mysterious data uploads from iOS4 devices in the early hours of the morning. I'm not directly drawing a connection, but it does make me wonder. If anyone figures out a way to sniff what data iPhones seem to be routinely sending across 3G networks at 2am, it'd make interesting reading.

Simply by using the phone, you are giving Apple the right to do this. In a letter to US congress outlining its privacy policy, it explains that it updated the privacy agreement - the thing that you automatically say yes to by clicking 'Agree' on when you use Apple products - to give it the right to use your location data:

Privacyjpg

Whether or not the file reaches Apple or not, it is playing fast and loose with your location data, which while may not contain information that personally identifies you, is nevertheless stored on your phone, and your personal computer. Yet another reason, then, to treat Apple with suspicion. I use an iPhone 4. My next phone won't be an iPhone 5.

If you want to kill the file, you'll have to jailbreak your phone

Danny Bradbury, MSN Tech & Gadgets

 

TrackBack

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.

advertisement

Danny BradburyDanny Bradbury

Danny Bradbury is a technology journalist with 20 years' experience. He writes regularly for publications including the Guardian, the Financial Times, the Financial Post, and Backbone magazine. Danny also writes and directs documentaries.

Maurice CachoMaurice Cacho

Maurice Cacho is a Toronto-based journalist mixing his love for tech with a passion for news. He's also CP24's Web Journalist and appears daily on CP24 Breakfast and weekly on the channel's tech show, Webnation, discussing tech news and trends.

FACEBOOK
HP on FACEBOOK