British security researchers have figured out that iPhones keep track of where their owners go, saving data to the device and uploading it to a user's computer when the phone is synced with iTunes. The data includes the phone's latitude and longitude and is timestamped to the second, all of which is recorded in a hidden file--which is very much not secure.
This could theoretically be useful for anyone interested in knowing where an iPhone owner spends his or her time — advertisers, employers, spouses, parents.
"Apple have made it possible for anyone from a jealous spouse to a private investigator to get a detailed picture of your movements," according to researcher Pete Warden.
To be clear, such a snoop would need access to your phone or computer and a way to extract and refine the data. It is not sent to Apple nor any third parties, as far as the researchers can tell — it's just stored on an individual user's devices. But it is apparently not very difficult to extract the location data from a user's computer.
Warden and Alasdair Allan say they tried to find similar location tracking code on Android phones, but could not find anything. "We haven't come across any instances of other phone manufacturers doing this," Warden tells the Guardian.
Given Google's penchant for location tracking and mapping, the alarm is perhaps surprising — Google's "Latitude" app lets users see their friends on a map, for instance. But Latitude requires that users actively choose to track their location information; in this case, the user is unaware of the data collection. The Guardian reports that Apple did not comment on why the file was created or whether it could be disabled. If you upgrade to a new phone, the file is transferred to that next-generation device, which the researchers say means the data collection is not accidental.
Warden — who has previously worked for Apple — and Allan created their own app that finds the hidden file among the stored backup files on a Mac and turns it into a map. If you don't care to visualize your travels, Warden explains how to find the file on his website.
The researchers believe the location data is obtained by triangulating the phone's position against the closest cell phone towers, which uses less battery power than GPS. It also explains why some of the data is incorrect, as triangulation is much less precise than GPS. But the data is still alarmingly accurate, tracking your history as an iPhone owner through the months and years. Forgot that you took that trip to Boston last summer? Your iPhone didn't.
It's not clear how this information would be used, but there are several possible explanations, including targeted mobile advertising, synchronization for location-based networks like FourSquare, understanding commuter habits, and so on.
Allan found the file while the pair were working on how to visualize mobile data, having already collaborated on other data-visualization projects including a radiation map for Japan. At first the researchers weren't sure what it was, Warden explains on his website.
"After we dug further and visualized the extracted data, it became clear that there was a scary amount of detail on our movements," he writes.
There is no real way to disable this logging at the moment, though you can encrypt your data to make it harder to read once it's synced to your computer. This is a big enough problem that we expect Apple will respond at some point, so we'll keep you updated if and when that happens.
Big Brother is watching
- Darth Lithicus
I knew Apple was evil. I knew it! I will not be a Lemming and get an iPod, iPhone, iPad like the rest of the world.
I really, really hope this brings a heap of negative press and attention crashing down on Apple.
... Unfortunately, I get a sense that iOS users have already decided to value convenience over freedom, and doubt this will have much impact on their market share. With luck, though, the media will do what they does best: sensationalize, maybe even enough to spook the otherwise complacent masses.
They exercise this power to screw with the sense of well-being of the public so often, it'd be a shame for them to miss this opportunity to use it appropriately.
im glad I've never been a fan of apple. they are really sneaky. as for the idiots that spend so much money on ipads and other crap they deserve to get tracked lol. next thing you know they will say that they do it to track terrorist movements.
great, the machines have taken a head start...
Its kinda like browsing history on your pc but on your iphone and were you go to....well, it is the information age
No way criminals would use this information to determine when I'm not home so they know the best time to break in and steal everything. That would never make any sense. At all.
to Shudder bot
you are an idiot, who cares? I CARE!!
I hate apple and have a vendetta against them anyway but still this is unacceptable some of you may be law abiding citizens that never question what the goverment tells you but I am not and I do not always listen to the Rules, and I will most certanly not be letting just anyone know exactly where i have been and where I went with my phone.
if your ever in a rebellion against your goverment because it is corrupt, you will need to communicate, being tracked will not help you
So I see the Apple haters orgy has already kicked off. The article states that the information is only loaded to the users computer and not to a 3rd party. Should Apple remove it? Yes. Or at least give us a way to disable it. But if any of you think your normal non smart phone isn't tracking your every movement already you are very wrong. This program on the iPhone just makes it easier to see and analyze the data. But you know, hater gonna hate.
I'm an idiot? Phones have had location services for years, and now it's all Apple's fault? You hate Apple? Big deal, Don't Buy Their Products.
The fact that the file is transfered when you get a new phone scares me because it clearly says it is an intentional feature.
They say they couldn't find if it was sending out the info anywhere, but if it sent that info while the software was updating (who updates while they work?) then they would never see it, and you'd assume the upload was something to do with the update.
Hopefully this shows some iLemmings that Apple are not the saviours from 'corruption' that they thought it was. Now all that Apple products have over the competition is the shiny silver casing and the elitist factor (oh, you spent double what I did for the same hardware? You must be important/rich).
Apple products have better support, that in itself is worth twice the price (not that that's realistic), because it sucks to buy something and not get decent support for it.
the file is transferred to that next-generation device so wouldnt that mean that it would be sent to a third party ?
And *this* is why I use open-source. = P No bloody "secret features."
Honestly, who cares if it tracks where you are? Ok, giant revolution occurs, government cracks down blah blah blah...throw away the dang phone, not very complex. Also for anyone that thinks Apple customers are "sheep" I mean give me a break, they are functioning stylish products that integrate with one another very seamlessly and award winning support so you don't even really need to figure it out on your own. I for one am glad say a Surgeon calls for some help rather than spend their day tinkering with a range of products that all look and work differently when they should be learning more about surgery. Oh and the fact that you need to state "look at me, I don't like Apple or buy their products because I am different than everybody else," well your not, cheaper yes, you are cheaper than other people, but other than that you are just publicly stroking your own ego to try and tell yourself your special. You are not, neither am I, technology makes the world better, location tracking of everything is an inevitability, deal with it.