Two security researchers in the UK have uncovered a disturbing truth. It appears iPhone 4's everywhere have been tracking their users movements with startling accuracy (unbeknownst to the users) and what is more, the ease at which this information can be deciphered is apparently as easy to open as say, a JPEG.
To some this might not seem like so much of a problem, but invasion of privacy and secret data collection can be a serious issue. The seemingly undocumented tracking abilities appear to have started logging data since the iPhone 4's June 2010 update and haven't stopped since. The location tracking doesn't use GPS so allowing or disallowing your location services won't really make a difference. Instead the phone uses more traditional triangulation to pinpoint the phone's whereabouts. Although Apple don't really want to shout about it, some appear to have known about this for a while, mainly those in the computer forensics business, but still.
The innocuously named file in question - consolidated.db - records the phones location data, time stamping each log as it goes. Ever synced you iPhone to a PC or Mac? Of course you have and that means this file is there too, and as such, easy to locate and open up. Even restoring or pulling a backup to a new device will keep the logs going. Apparently the way in which the handset records data is unique to the iPhone, although carriers have been able to log location information for some time, as have the police. The data itself does not however transmit back to Apple so its use at this point in time is unclear.
Apple's stance on matter appears to be covered under their iTunes Terms and Conditions, simply stating, "Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services."
Scary stuff and for the conspiracy theorists among you and another step towards Big Brother watching over us all.
Source 1 • Source 2
To some this might not seem like so much of a problem, but invasion of privacy and secret data collection can be a serious issue. The seemingly undocumented tracking abilities appear to have started logging data since the iPhone 4's June 2010 update and haven't stopped since. The location tracking doesn't use GPS so allowing or disallowing your location services won't really make a difference. Instead the phone uses more traditional triangulation to pinpoint the phone's whereabouts. Although Apple don't really want to shout about it, some appear to have known about this for a while, mainly those in the computer forensics business, but still.
The innocuously named file in question - consolidated.db - records the phones location data, time stamping each log as it goes. Ever synced you iPhone to a PC or Mac? Of course you have and that means this file is there too, and as such, easy to locate and open up. Even restoring or pulling a backup to a new device will keep the logs going. Apparently the way in which the handset records data is unique to the iPhone, although carriers have been able to log location information for some time, as have the police. The data itself does not however transmit back to Apple so its use at this point in time is unclear.
Apple's stance on matter appears to be covered under their iTunes Terms and Conditions, simply stating, "Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services."
Scary stuff and for the conspiracy theorists among you and another step towards Big Brother watching over us all.
Source 1 • Source 2
No comments:
Post a Comment