+splashy Posted April 20, 2011 Share Posted April 20, 2011 (edited) Read this http://petewarden.github.com/iPhoneTracker/ It stores all your movements for about 1 year. Edited April 20, 2011 by splashy Quote Link to comment
+CacheFreakTim Posted April 20, 2011 Share Posted April 20, 2011 Ya I saw that. Its scary but at the same time not a big deal. The data is stored on your machine so unless someone breaks into your house I think you will be ok. I installed it on my machine and it does show everywhere I have been for the three years. It was interesting to go back and see all the places I Geocached in with my iPhone over the last year too Quote Link to comment
+Gushoneybun Posted April 21, 2011 Share Posted April 21, 2011 (edited) Ya I saw that. Its scary but at the same time not a big deal. The data is stored on your machine so unless someone breaks into your house I think you will be ok. I installed it on my machine and it does show everywhere I have been for the three years. It was interesting to go back and see all the places I Geocached in with my iPhone over the last year too According to the news here in the UK when you sync your iphone it uploads the data to Apple's website! I have no idea how many iphones are out there but I really doubt anyone at Apple will sift through all the data to find out where you have been. But then what do they do with it Edited April 21, 2011 by Gushoneybun Quote Link to comment
+user13371 Posted April 21, 2011 Share Posted April 21, 2011 (edited) Reality check -- are you terrified yet? I downloaded the example app and looked at my phone's stored data -- and can see that anyone with access to my phone or computer could tell at a glance that I live and work in Portland Oregon. With a little deeper analysis, that I live in the outer southeast and work downtown -- and go down to the coast sometimes. It doesn't look like the database could pinpoint my house, office, or where to get the best Ethiopian food in town -- but my contact list could tell you that. But you don't need to grab my phone to know that -- I just told you and it's a low-risk disclosure. Truth is, if you DID get your hands on my phone, computer, or even my wallet, you'd have access to a lot more useful (or damaging) stuff than just where I hang out. The only difference is that everybody KNOWS what kind of stuff we carry in our wallet and what to do if we lose it. It comes as a bit of a surprise to some folks what's in our cell phones, and not everyone knows how to protect it. Lose your wallet? Call the credit card companies and bank to freeze/or cancel the account numbers. Lose your phone? Locate or wipe it. Apart from a reminder that you have to protect their phone as closely as your wallet -- is this really a worry to anyone? Edited April 21, 2011 by Portland Cyclist Quote Link to comment
+northernpenguin Posted April 21, 2011 Share Posted April 21, 2011 (edited) Ya I saw that. Its scary but at the same time not a big deal. The data is stored on your machine so unless someone breaks into your house I think you will be ok. I installed it on my machine and it does show everywhere I have been for the three years. It was interesting to go back and see all the places I Geocached in with my iPhone over the last year too According to the news here in the UK when you sync your iphone it uploads the data to Apple's website! I have no idea how many iphones are out there but I really doubt anyone at Apple will sift through all the data to find out where you have been. But then what do they do with it I seriously doubt that. iTunes connects to Apple if you have it set to check for updates automatically: Edited April 21, 2011 by northernpenguin Quote Link to comment
+user13371 Posted April 21, 2011 Share Posted April 21, 2011 (edited) According to the news here in the UK when you sync your iphone it uploads the data to Apple's website! Nope. The article cited at the beginning of this thread deals with a data file that resides on the phone only, and gets backed up to any computer you sync with. Doesn't go anywhere else. As far as anyone can tell so far (cue sinister chuckle). EDIT: Correction -- your phone's location history gets uploaded to Apple twice a day. In an anonymized form -- that is, Apple know that "an iphone" was at specific locations and they use this to build a location database. Apple does NOT retain the specific device or user info. See also: http://www.f-secure.com/weblog/archives/00002145.html Edited April 22, 2011 by Portland Cyclist Quote Link to comment
+user13371 Posted April 21, 2011 Share Posted April 21, 2011 ...I installed it on my machine and it does show everywhere I have been for the three years... Really? The 'feature/bug/exploit' discussed in the linked article has only been around since iOS 4 was released in June. Quote Link to comment
+CacheFreakTim Posted April 21, 2011 Share Posted April 21, 2011 ...I installed it on my machine and it does show everywhere I have been for the three years... Really? The 'feature/bug/exploit' discussed in the linked article has only been around since iOS 4 was released in June. Your right. Now that I look again it goes back to mid last year. I saw it had me in Detroit and i assumed it was from a trip 3 years ago. Now that i look at it the date was more recent. I will say it did not start with the iPhone 4 because it has the data from when I still had my iPhone 3GS. Unless this changes it looks like the data is collected no matter what iPhone you use. Quote Link to comment
+user13371 Posted April 21, 2011 Share Posted April 21, 2011 (edited) I will say it did not start with the iPhone 4 because it has the data from when I still had my iPhone 3GS. Unless this changes it looks like the data is collected no matter what iPhone you use. Actually, it has ALWAYS collected (and backed up) this data, from day one. But prior to iOS version 4 released last June, older data was routinely cullled and it only kept a fairly short/recent history. There's some discussion in other tech blogs whether this is on purpose, or if someone Apple programmer just made a change that goofed up the code for purging old data. As for being able to see the data on your older model 3GS, this would happen if you have the newer iOS version on it. The issue is in the operating system, not the phone hardware. Edited April 22, 2011 by Portland Cyclist Quote Link to comment
+dakboy Posted April 21, 2011 Share Posted April 21, 2011 (edited) In addition to Portland Cyclist's on-the-ball observations: Your cell phone carrier knows where you are, within a few blocks, regardless of how "smart" or dumb your phone is. Whether it's an iPhone, the latest HTC Thunderbolt, a Crackberry, or the cheap 4-button phone you give your 8 year old with 4 emergency numbers pre-programmed into it. And they've had the ability to keep a log of those movements for at least a decade. People are worried about a little location data being stored on the phone? Your contact list is far more useful to someone with nefarious purposes than knowing where you were. If the software used to cull the data on a more regular basis, it's quite possible that someone simply flubbed the units while changing the interval to a slightly longer, but still reasonable duration. Edited April 21, 2011 by dakboy Quote Link to comment
+northernpenguin Posted April 21, 2011 Share Posted April 21, 2011 If you want the information removed, you can do that on a Jailbroken iPhone. TiPB reports it is simply a bug that will be fixed. Also, as the original article points out, you gave permission for Apple to do just that when you skimmed over the terms and conditions for your iPhone: Apple can legitimately claim that it has permission to collect the data: near the end of the 15,200-word terms and conditions for its iTunes program, used to synchronise with iPhones, iPods and iPads, is an 86-word paragraph about "location-based services". Quote Link to comment
+CacheFreakTim Posted April 21, 2011 Share Posted April 21, 2011 I cant image this is a bug. That might be the way Apple's PR department decides to spin it but I am thinking this was intentional. For what purpose? We may never know now. Quote Link to comment
+user13371 Posted April 22, 2011 Share Posted April 22, 2011 I can't image this is a bug. ... I am thinking this was intentional. Of course collecting the data is intentional. What's getting attention at the moment (and may indeed be a bug or oversight) is that it's in an unencrypted file that never gets purged. For what purpose? We may never know now. Apple makes no secret about how and why they collect the date. Good reading here: http://www.f-secure.com/weblog/archives/00002145.html Quote Link to comment
+Team Pwiiq Posted April 22, 2011 Share Posted April 22, 2011 Collecting is not a bug. Lack of a secure file could be a bug and expect to see this patched quickly. I do IT support and have already had a couple employees come up acting like the world is ending because Apple is tracking them! Most of the articles that are comming out about this are written to scare the public. People would rather read a story with drama than just that Apple gets anonymous information from your phone which you give it permission to when installing iTunes. With the ease of setting up the findmyiphone app if you lose your phone you can easily lock and wipe it. If you dont take the 5 minutes to set this up then its your own fault. Besides if I wanted to know where you lived there are a heck of a lot easier ways to find that out other than stealing your phone. Sometimes it takes nothing more than a Google search or a phone book. Quote Link to comment
+DanOCan Posted April 23, 2011 Share Posted April 23, 2011 My reaction was "Meh." Anyone who wants to know where I am can simply check my latest check-in on foursquare or can simply check the Social Media section of my website. It's like I told Mrs. DanOCan -- if someone gets physical access to my phone or my computer then the location data is the least of my worries. Quote Link to comment
+dakboy Posted April 23, 2011 Share Posted April 23, 2011 Anyone who wants to know where I am can simply check my latest check-in on foursquare or can simply check the Social Media section of my website. Difference is, those are places where you voluntarily post your location. This tracking isn't. But this tracking is less specific than you checking into Starbucks via FourSquare. Quote Link to comment
+user13371 Posted April 23, 2011 Share Posted April 23, 2011 (edited) Difference is, those are places where you voluntarily post your location. This tracking isn't. ... but this tracking is less specific ... To expand on that "less specific" point -- Apple's tracking is anonymized (at least they say it is). While the detailed data is certainly on your phone and backed up to your computer, what gets sent to Apple doesn't retain the device and user information. In other words, Apple says they're only collecting info like "An iPhone was at these locations, and here are the details about WiFi hotspots in relation to cellphone towers." That's useful for Apple to build their their location database; constantly polling millions of iPhones in use is a lot cheaper and better for them than paying Skyhook for a similar location service. It's also quite a bit different and less worrisome than transmitting specifics like "Lee's iPhone was at SW 3rd and Pine at 0700, and at SW 1st and Oak 15 minutes later." Of course, myriad other apps (like the Geocaching app) DO send device and user-specific data back and forth. iDevices would be a lot less useful without this! And as Dakboy points out, they're all voluntary, you opt-in to use them. And you can uninstall or shut them off in Location Services any time you want. Guess I just said the same thing as Dakboy, but with a lot more words. Dakboy, I commend you on your economy of style Edited April 23, 2011 by Portland Cyclist Quote Link to comment
+ecanderson Posted April 23, 2011 Share Posted April 23, 2011 Ready for that warrant or grand jury subpoena for your iPhone so that your whereabouts on December 14th, 2010 can be verified? That's the problem of tracking for unnecessarily long periods and not encrypting the data. My TomTom GPS tracks both location and speed information for purposes of acting as a "probe" for traffic info gathering and since it's a Live model, for live traffic information redistribution to users. But not only is the data anonymous, it's cleared after transmission, and is encrypted to boot. Best practice is understood in the industry, and Apple should have used the same methods. Quote Link to comment
+CacheFreakTim Posted April 24, 2011 Share Posted April 24, 2011 I think the difference is Tom Tom probably tells its users this up front. Also I think the main reason people are scared is because phones are much more personal. It has access to their address book, photos, email, phone numbers, passwords, etc, etc, etc.... Quote Link to comment
+northernpenguin Posted April 24, 2011 Share Posted April 24, 2011 Another link on the subject, with emphasis on the lack of accuracy of the data - there is a LOT of false locations in it. It updates Apple twice a day -- if you opted in to send anonymous usage data: http://caffeine.shugendo.org/2011/04/21/iphones-and-location-lets-not-get-hysterical/ Quote Link to comment
+user13371 Posted April 24, 2011 Share Posted April 24, 2011 (edited) Tom Tom probably tells its users this up front. So does Apple. It's just that nobody reads all of the fine print -- or even think about it too closely. GC.com knows exactly where you are when you query for nearby caches. The local transit company knows exactly where you are when you check nearby bus schedules. Every location-specific ad you get embedded in your web browser or other app knows where you are. And at deeper level most people don't really think about -- a lot of other iPhone location-aware magic works simply because Apple IS querying location data from millions of phones in use, updating their own location databases constantly. It's magic because it just works and you don't HAVE to think about it. On the one hand, the thing would be a lot less useful if it couldn't do all that. But on the other hand -- someone frames it as a privacy issue and suddenly a bunch of folks blink and go "Huh?! My phone is telling Apple &c where I am? How dare they!" This sort of trade off has been obvious -- for decades -- to anyone who really thought about it. John Brunner envisioned it in 1975 (Shockwave Rider). Among other things, he foretold people suffering breakdowns from worrying about how much "the net" knew about them and that someone else might gain unfair advantage from it. You have zero privacy anyway. Get over it. Edited April 24, 2011 by Portland Cyclist Quote Link to comment
+ecanderson Posted April 24, 2011 Share Posted April 24, 2011 I think the difference is Tom Tom probably tells its users this up front. Also I think the main reason people are scared is because phones are much more personal. It has access to their address book, photos, email, phone numbers, passwords, etc, etc, etc.... Actually, TomTom doesn't say what exactly they're collecting nor how it will be used, only that it will be collected anonymously. However, if you dig deeper, it is then you find that they are good enough to not only encrypt the data, but delete it from your unit after transmission. As I say, if Apple had been swift enough to have done those things, people might be far less concerned. As it is, you might as well carry a GPS tracker on your person. Until recently, the average Joe would have had no clue that he was carrying around a tracklog that could be obtained either legally or illegally if another party could get access to his phone. That's NOT the case with TomTom, so there's no comparison. Whether the fine print explains it at all well for either company (and it doesn't in either case), at least TomTom takes some care with the tracking data stored on its users devices. Apple does not. Quote Link to comment
+user13371 Posted April 24, 2011 Share Posted April 24, 2011 (edited) You're unfairly singling out Apple here. If anyone (police or bad guys) gets their hands on your smartphone or your personal computer, you are pwned. Doesn't matter what make or model the device is. That's neither a defense of Apple nor a criticism of any other manufacture -- it's just a fact of life. Even though Apple should do more to protect data security (as in, consolidated.db should be encrypted by default), the reality is that no matter how secure you think a device is, there are forensic tools that'll open it up. True of every consumer device available now and I don't expect that to ever change. Consumer devices are not built to military specs and you couldn't afford them if they were. Edited April 24, 2011 by Portland Cyclist Quote Link to comment
+northernpenguin Posted April 24, 2011 Share Posted April 24, 2011 The physical access point is moot to most people I this forum. Complaining about your smartphone keeping your location history, while saving your Garmin tracklogs to the same computer .... And if you use a Colorado, Oregon or 62 series - it has been recording everywhere it went in /Garmin/GPX/Archived - unencrypted! Quote Link to comment
+user13371 Posted April 24, 2011 Share Posted April 24, 2011 100% correct Greg. Shoot, we don't even need your GPS or your phone, a prolific cacher like you leaves trails online of where you've been. Likewise for the less prolific cachers like me. And Geocaching is a pretty weak tracking tool compared to many other social networks and online communities. I suppose if you were a hermit named John Smith living completely "off the grid," you might be untraceable. Good luck with that. Quote Link to comment
+dakboy Posted April 24, 2011 Share Posted April 24, 2011 Ready for that warrant or grand jury subpoena for your iPhone so that your whereabouts on December 14th, 2010 can be verified? That's the problem of tracking for unnecessarily long periods and not encrypting the data.Wouldn't they need a password to access that, and isn't witholding passwords protected by the 5th Amendment? Quote Link to comment
+kunarion Posted April 24, 2011 Share Posted April 24, 2011 (edited) Your cell phone carrier knows where you are, within a few blocks, regardless of how "smart" or dumb your phone is. Whether it's an iPhone, the latest HTC Thunderbolt, a Crackberry, or the cheap 4-button phone you give your 8 year old And that location data's likely stored by the cell phone carrier. If it's not a Federal requirement to save that info, which it probably is (for *ahem* "patriotic" purposes), it's at least kept for resolving billing disputes. At least with iphone, maybe you can see what the phone company sees. Edited April 24, 2011 by kunarion Quote Link to comment
+user13371 Posted April 24, 2011 Share Posted April 24, 2011 (edited) Wouldn't they need a password to access that, and isn't witholding passwords protected by the 5th Amendment? A password is about as secure as the cylinder lock on the front door of your house. It just slows down folks who weren't serious about breaking in anyhow. Someone wants in, they'll find a way in. See Cellebrite for example. As far as ECAnderson's dire warning that someday the police might get a warrant to sniff your phone and computer -- that's already been happening for years. And lately the ACLU is upset that Michigan State Police have got been using such Data Extraction Devices with questionable lack of regard for due process. Edited April 24, 2011 by Portland Cyclist Quote Link to comment
+user13371 Posted April 27, 2011 Share Posted April 27, 2011 (edited) At last Apple has something to say on the subject: http://www.apple.com/pr/library/2011/04/27location_qa.html Believe them? And if so, do these explanations satisfy your curiosity and concern? Edited April 27, 2011 by Portland Cyclist Quote Link to comment
+CacheFreakTim Posted April 27, 2011 Share Posted April 27, 2011 At last Apple has something to say on the subject: http://www.apple.com/pr/library/2011/04/27location_qa.html Believe them? And if so, do these explanations satisfy your curiosity and concern? It sounds reasonable to me. The only thing that came off like BS is where they said it was a bug causing it to hold a year of data instead of 7 days. This is on par for what I expected Apple to say about the issue. It looks as if an update will be put out to fix this "bug" so it seems this will not be as big of a deal as what everyone is making it out to be. Quote Link to comment
+A & J Tooling Posted April 27, 2011 Share Posted April 27, 2011 Wait to you find out that everything you say on your cellphone is recorded....oopps! Quote Link to comment
+ecanderson Posted April 27, 2011 Share Posted April 27, 2011 As far as ECAnderson's dire warning that someday the police might get a warrant to sniff your phone and computer -- that's already been happening for years. It wasn't a warning that it might happen someday - it was a warning that there's no reason to think it can't happen to you. I read the news. My warning is that we now know of yet another source of data that shouldn't be available to anyone but the owner. And your statement that all consumer electronics can be cracked... if an SSL layer encryption can be cracked (within anything close to a reasonable length of time), then yes, the data on a recent model TomTom can be gathered before it is transmitted. Let me know which LEO has the computer to crack that, will you? Yes, they're using SSL to communicate with the units now, on top of encrypting the data on the unit (something they've done on previous models as well). As I say, TomTom seems to have got it right. Apple has not. Not too complicated. Quote Link to comment
+ecanderson Posted April 27, 2011 Share Posted April 27, 2011 At last Apple has something to say on the subject: http://www.apple.com...ocation_qa.html Believe them? And if so, do these explanations satisfy your curiosity and concern? Whether I believe their rationale is irrelevant. It's action, not intent, that's important here. The content being held on the unit in unencrypted form is relevant. It seems that they are acknowledging only that the excessive retention period of the log data needs to be corrected. Well, that's a half-arsed attempt to solve the problem, but still isn't state-of-the-art by any means. Quote Link to comment
+splashy Posted April 27, 2011 Author Share Posted April 27, 2011 It's important to KNOW what really happens to your given data. In my opinion it's a bit childish to say "I've nothing to hide", well they make you sooner or later. The collected user data from Tom Tom to avoid traffic jams is used (sold) to a thirdparty, who is selling it to police, so they know where to setup a traffic/radar trap. CEO of Tom Tom was not aware of this and is trying to stop this. Quote Link to comment
+user13371 Posted April 27, 2011 Share Posted April 27, 2011 (edited) ...The content being held on the unit in unencrypted form is relevant. It seems that they are acknowledging only that the excessive retention period of the log data needs to be corrected..... You must have stopped reading the release a paragrah a few bullet points too soon; Apple does plan to address both the retention time (minor update coming soon) as well as encrypting it on the device (next major release). I have no crystal ball but I'd guess the next major iOS release between June and September, the rumored time frame for the next iPhone hardware release. As far as it not being encrypted originally, I suppose Apple figured requiring root access would be enough of a protection against casual access. But encrypted or not, if you lose your phone -- to the police or the bad guys -- I think the contents of this database are the least of your worries. Edited April 27, 2011 by Portland Cyclist Quote Link to comment
+CacheFreakTim Posted April 27, 2011 Share Posted April 27, 2011 As far as it not being encrypted originally, I suppose Apple figured requiring root access would be enough of a protection against casual access. But encrypted or not, if you lose your phone -- to the police or the bad guys -- I think the contents of this database are the least of your worries. That is a very good point. If someone can get close enough to me to steal my phone or my computer I have bigger problems then them finding out where I drive. I also think it would be funny if someone lost their phone and used the data to find out where I live and deliver it back to me. Quote Link to comment
+northernpenguin Posted April 27, 2011 Share Posted April 27, 2011 Apple is about to launch a traffic service. The data transmitted to Apple most likely powers the traffic reports, just as Google powers their real-time traffic with location data from opted in mobiles and Latitude. Quote Link to comment
+user13371 Posted April 27, 2011 Share Posted April 27, 2011 I also think it would be funny if someone lost their phone and used the data to find out where I live and deliver it back to me. The wallpaper on my lock screen reads "If found, please call ###-###-####" with my Google Voice number displayed. I can also use Find my iPhone / Mobile Me to locate the phone, send a message to the lock screen, or wipe it. So in my case, the only way your funny scenario could play out is if someone got it back to me before I noticed it was missing Quote Link to comment
+user13371 Posted April 28, 2011 Share Posted April 28, 2011 (edited) ...the collected user data from Tom Tom to avoid traffic jams is used (sold) to a thirdparty, who is selling it to police, so they know where to setup a traffic/radar trap. Y'know, I see no problem with that at all. The data TomTom was selling to third parties was not specific user or device information nor related to tracking any private activity -- it was bulk data about traffic patterns. Completely fair game for the police to use that (or any other public or commercial data source) to figure out where to step up speed enforcement activity. Of course, I also think it's completely fair for motorists to download crowd-sourced updates about where the speed traps are, too. Edited April 28, 2011 by Portland Cyclist Quote Link to comment
+CacheFreakTim Posted April 28, 2011 Share Posted April 28, 2011 Steve Jobs & friends have officially spoken out in a phone interview about the iphone location issue. Check it out here at the all things d site Quote Link to comment
+northernpenguin Posted May 4, 2011 Share Posted May 4, 2011 iOS 4.3.3 is out now, and fixes the location database bugs: The update contains changes to the iOS crowd-sourced location database cache including: Reduces the size of the cache No longer backs the cache up to iTunes Deletes the cache entirely when Location Services is turned off You may now return your Tin Hats to storage. Unless you own a PlayStation 3. Quote Link to comment
+TL&MinBHIL Posted May 5, 2011 Share Posted May 5, 2011 I downloaded one of the programs today that allows you to see the stored data on a Windows PC (the first one that came out was for a Mac). There's really not too much to be worried about. Apple had said that it uses cell towers & WiFi hotspots when collecting this data and that it could actually use a tower that's 100 miles from you. I see this to be quite true because the map of my "locations" shows places that I was nowhere near. It even showed that I was in places today 20-30 miles from home when in fact I had never left the house. It was merely bouncing off cell towers. So people shouldn't worry too much about this being pinpoint accurate. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.