Wednesday, April 20, 2011

iPhone Tracks Your Every Move, and There’s a Map for That

iPhone Tracks Your Every Move, and There’s a Map for That: "

An unencrypted file stored in iPhones and iPads constantly records a user's location data. An open source application was used to plot the location data from an iPhone belonging to a Wired.com reporter.


Your iPhone or 3G-equipped iPad has been secretly recording your location for the past 10 months.


Wired.com can confirm that fact: The screengrab above shows a map containing drop pins of everywhere yours truly has been in the past year.


Software hackers Peter Warden and Alasdair Allen discovered an unencrypted file inside Apple’s iOS 4 software, storing a long list of locations accompanied with time stamps. The file is labeled “consolidated.db.”


“Ever since iOS 4 arrived, your device has been storing a long list of locations and time stamps,” Warden and Allen wrote. “We’re not sure why Apple is gathering this data, but it’s clearly intentional, as the database is being restored across backups, and even device migrations.”


Warden is providing an open source program “iPhone Tracker” for iPhone and 3G iPad customers to output their location file into an interactive map, like the one above, so they can see for themselves. All you have to do is plug in your iDevice through USB and run Warden’s application. The software requires OS X 10.6 (Snow Leopard).


The iPhoneTracker application features a sliding bar for users to see where they were in specific times of the year.


Apple did not immediately respond to a request for a comment. Apple has not previously disclosed that iPhones and iPads are constantly tracking and storing user location.


The discovery is the latest in a series of alarming incidents that serve as cautionary tales about privacy in the always-connected mobile era.


Recently, German politican and privacy advocate Malte Spitz sued his phone carrier Deutsche Telekom to get every piece of information it had about him. The carrier delivered to him a gigantic file containing 35,000 data points of his location for six months. Later, a German publication plotted Spitz’s data onto an interactive map.


This iPhone and iPad privacy leak is eerily similar, and creepier, considering that Apple has sold over 100 million iPhones and 15 million iPads.


The location data stored inside “consolidated.db” cannot be accessed by Safari or any apps, said Charlie Miller, a security researcher known for discovering vulnerabilities in the iPhone. However, the data file is sensitive because a thief who gains physical access to an iPhone or iPad could look at the file and see everywhere a customer has been, or a hacker could remotely break in and read the file, Miller said.


Sharon Nissim, consumer privacy counsel of the Electronic Privacy Information Center, said it is possible Apple is violating the Wireless Communications and Public Safety Act, which allows telecom carriers to provide call information only in emergency situations.


“By asking for permission to collect location data, Apple may be trying to get around its legal obligations, by asking people to give up privacy rights they don’t even know they have,” Nissim said.


She added that a potential privacy concern is that law enforcement would be able to subpoena these types of records from people’s iPhones or iPads.

"

No comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...