iPhone Tracking Is All A Big Mistake, Says Researcher

iPhone Tracking Is All A Big Mistake, Says Researcher

The iPhone tracking issue that’s causing a big privacy stink isn’t new and isn’t really tracking users, says an iOS forensics researcher.

It’s actually a data file that is used internally by the iPhone to do things like geo-tag photos, and it’s been in iOS for a long time (in a different form).

What’s new is a nifty extraction tool called iPhoneTracker that pulls the data off your hard drive and makes a striking map out of it. iPhoneTracker was released this week at O’Reilly’s Where 2.0 conference, causing a huge outcry about privacy and prompting U.S. Senator Al Franken to write to Steve Jobs.

In addition, the file has become more accessible than it used to be because it’s now used by third-party apps that require location data.

“It is not secret, malicious, or hidden,” writes Alex Levinson, an iOS forensics researcher.

iPhone Tracking Is All A Big Mistake, Says Researcher

iOS forensics expert Alex Levinson

Levinson is a senior engineer for Katana Forensics, which publishes Lantern, an iOS forensic application.

According to Levinson, the offending file, consolidated.db, is a database of radio logs that includes geolocational data.

The file used to be known as h-cells.plist, and was hidden away from users and applications inside the inaccessible Library folder (Levinson said he used to access this file forensically for police looking for location evidence).

But when Apple added multitasking to iOS 4 last year, this file was made accessible to third-party apps to operate in the background. It moved out of the hard-to-access Library folder and became part of iOS’s Multitasking and Background Location Services.

“Because of these new APIs and the sandbox design of 3rd party applications, Apple had to move access to this data,” Levinson writes.

He notes that on the iPhone or 3G iPad, users still have full control of their location data. They are able to turn location on and off for individual apps using the Settings menu on their device. “That does not stop the generation of these logs, however, it simply prevents applications from utilizing the APIs to access the data.”

Levinson, notes that Apple isn’t collecting the data. It sits on the user’s machine in a file that is still pretty inaccessible. He’s checked with networking sniffing tools — the data goes nowhere.

It is still unclear, however, why the iPhone stores so much data and never expires it. In many cases, users are able to access almost a year’s worth of data stretching all the way back to the date when iOS 4 was installed on their device.

Via Scobelizer and Parth Dhebar.

  • Brett Coombs

    Original reporting probably released by crappysoft.

  • Chenalive

    Well now, there ya go..

  • CharliK

    Nope. More like two software geeks that wanted some free press. Their next step was likely to release some kind of scrubber app that would block the recording of said info. At the low low price of $20. Course you’ll have to jailbreak your phone to use it cause they are going o bother trying for Apple approval on it. Never mind that jail breaking opens up all kinds of security holes that most users don’t bother to correct

  • Il

    Wow! The head in sand act is AMAZING.

  • Mallard

    What kind of idiot editing approves a phrase like ‘pretty inaccessible’? Like, you can find it on Tuesday 11:30PM, but not Sunday? If something is accessible ever, at all, it is accessible. Period. This is like saying ‘she isn’t really all that pregnant.’

  • jon shipman

    Well only accessible to jailbreakers.

    That would define ‘pretty inaccessible’ quite well.

  • ChicagoRay

    Can’t put the toothpaste back in the tube ……see what happens when people look to make themselves a name by speaking to reporters about things they aren’t fully versed about like this one did.

  • Lorelei Mission

    Fact remains the data is never deleted, and is accessible by anybody who handles your phone, which means your parents/spouse/whoever can process that data to find out where you’ve been and invade your privacy. Articles should continue to warn people, instead of articles like this that bleat “nothing to see here, move along, pay no attention to this travesty…”

  • Jonny Smiles

    wow, people that think this is nothing really have got their heads way up their bleeps. Im tired of people saying, if you have nothing to hide them what are you afraid of, thats the same kinda of creeping loss od freedom that allowed germany to become the place it was during ww2. and i dont say this as some kinda anti gvmt nut, i have 12 yrs active duty, some of that in areas this touch on and the amount of control the government seeks to have over the people is scary and grows every day. granted this wasnt the gvmt but with the way the gvmt nd pvt industry is funding each other and bailing each other out every other day, how long till someone asks someone to scratch their back cuz they had theirs?

  • Tr

    It is a big mistake. It was a big mistake for Apple to cause files to be created on the iPhone, and on the computer that the iPhone sync’s with, that shows the entire gps history of the phone, whether or not location services is enabled, without including a description of it in the documentation. The fact that there is no way for the end user to prevent this information from being created, is a mistake. Sorry, cult of mac, but that is a creepy, creepy mistake. It is not a mistake to raise awareness of this, so that all iPhone users know that their phone and computer will show anyone with access (including police, as admitted in this article,) everywhere they’ve been, and when, with a relatively useable level of detail and accuracy.

  • jen

    The phone specifically says “such and such an app wants to use your current location” and you can choose “allow” or not. It’s done that for ages. So obviously it had a way to KNOW the location. Personally, i don’t go anywhere that I would worry about anyone knowing…

  • Adrian Sanabria

    We don’t really care if it is new, who gets credit for first noticing it, blah blah. The point is that it IS a big privacy issue, especially given that apps can potentially get access to it, and the file is now more widely publicized. The opportunity for this data to be misused is ripe.

  • George

    Whew, that was close…ALMOST got the iPhone a few days ago. I was leaning strongly toward either the iPhone or the Droid Pro. Decided against any smart phone because of the additional 30 buck per month data charge. I really don’t want anybody getting hold of my phone and tracking where I’ve been. They may claim it’s inaccessible but somebody found it so how “inaccessible” is it?

  • Haggis for all.

    As if your parents or spouse would be able to get to the file let alone use it..

  • Carl Levinson

    http://alexlevinson.wordpress….
    Alex’s MAIN blog post has had 50,000 visitors in just 12 hours.

    http://alexlevinson.com
    Alex’s personal website.

    He’s 21 yrs old, published a book, and IEEE paper – and has turned down jobs at Facebook, Apple, and the NSA (America’s top cybersecurity agency).

    Alex has researched very diligently – and is about America, democracy, and freedom.
    “Hard work, and earn truth with your own two arms.”

  • czvet

    … for crying out loud people …. grow up …. unless you are a terrorist … a CIA mole … or some other clandestine subject… or are having a wild affair …. get over it … everything is becoming traceable … every time you use a credit card or if you use a grocery discount card they know how much beer you buy and how often … and if attorneys had access it could be used in court for a DUI case…. you probably post more info about yourself on Facebook or in email … start worrying about the “freedoms” that are really being taken away …. and how…

  • Payme

    um no. the released app to clear the location db is free. and jail breaking does not make the phone more vulnerable. Ignorant users installing dubious software makes the iPone vulnerable from security holes in dubious software. And I’m a droid user becasue I dislike iTunes.

  • GH

    Holy shit, You’re so stupid!

  • FredC

    Get rid of your Eazy Pass…they can track you with that data too!

  • Bob077

    Only pay cash for EVERYTHING! Leave No credit trail!

  • Betty12tree

    Limbo is right…a huge plan to map where every American is at every minute. No freedom from the Dems either.

  • Me

    Apple is a large company, 99.999% of us do not merit even a faint blip on their radar so you can ratchet down the paranoia about a dozen notches. Seriously this is yet another tempest in a tea cup so can folks just calm the hell down now. Good lord no matter what your parents told you you are NOT THAT special so NO Apple has zero interest in spying on you.

  • Ilsnowboard

    Here’s the thing. If this file is of big concern don’t use the iphone for the apps. No one is saying you must download this particular app. Don’t do it. If the iphone is of concern in general don’t have a cell phone. That’s the thing in this country, everyone forgets about free choice. It is not mandatory to have a cell phone, it is not mandatory to have internet, it is not mandatory to have auto insurance, you don’t have to own car. In short, if you don’t like what the apps are doing don’t use them/download them.

  • czvet

    … gee someone with brains and common sense … who doesn’t need group-think or the government…. to tell him what to do …. many many more like you are needed these days …. unfortunately … there are not nearly enough

  • Obamistake

    Free choice…as long as The Obama allows us to have it.

  • czvet

    … hey people … someone else is awake out there … you …. my friend …. are singing my song ….

  • Ogvor

    It is not only accessible to Jailbroken iPhones (at least the file that gets saved to your computer). Anyone with an iOS4 iPhone can download the program, run it on the computer that that iPhone syncs with and see their map (unless they delete all their iPhone backups). The privacy issue comes from the fact that if someone steals your iPhone or computer, they can easily get this data (though you probably have a ton of other privacy issues to worry about at that point).

  • Anna@ Turtle trading

    Its a privacy issue, but also it can be used for something helpful in different circumstances. I don’t have an iPhone, but I know people who use it really love it.

  • Horseman

    the point is privacy… if you dont understand that, then perhaps you dont deserve it either

  • czvet

    … uh … well …. guess you didn’t read or comprehend what I wrote … so … I guess for that I must be the stupid one ….. so I’ll give up my privacy and you sir can give up credit cards … discount cards … putting your return address on envelopes … buying things online …. using any cellphone …. carrying a driver license … driving a car with a navigation and GPS guidance … and you can wear disguises while out in public so the cams don’t get you ….. or find a time machine to take you back about fifty years where you’ll be safe and far less paranoid … I think….

  • czvet

    …oh… two more things… have your finger prints removed and wear a rubber suit so no DNA gets out ….

  • czvet

    … we have drug cartels flowing across our southern border like chili peppers to a taco and people are all flustered about a cellphone app they don’t even have to use …. to all you sane, rational, common sense people out there… I say enjoy your iPhones …. to all the paranoid …. I say …. hope you’re not spending too much on shrinks … and be sure to carry lots of quarters for those pay-phones… as for me … I’m cutting this thread … I have enough junk flooding my inbox and way too much stuff for the spies at Google sort through….

  • R. Mansfiel

    I downloaded the app and looked at my locations. Pretty interesting except for the Las Vegas points I can’t explain to my wife. I’m curious–does anyone know how far back this data goes?

  • Pad-o

    The thing that really scares me about this is that if my phone ever gets stolen, the person who gets it will know where I live, where my kids go to school, and what my general patterns of movement are. I don’t have anything to hide from the police or government but thieves, rapists, and pedophiles should not have that information! Now that method to map this info is out there, anyone interested enough to steal an iPhone would probably be smart enough to jailbreak it and put the data on a map. Scarey stuff!!! Apple needs to give us a way to delete the history data – why the heck can’t they just collect it real-time only!

  • czvet

    … so if a thief steals your iPhone (kind of redundant sounding) they will use the info on it to victimize you…. ( Charlie Manson will get paroled and find your phone) ….uh … if a thief gains access to “anything” personal … like maybe a wallet or purse … with ID, credit cards, pictures, vehicle registration, keys etc…. it can be used …. also try looking in the rear view mirror… he/she may be following you around…. a sick mind is a sick mind with or with out the aid of a lost phone… and like one person commented … if you don’t like it don’t use it… turn it off … in fact don’t use any cell phone … don’t carry ID … ware a different disguise every day and change your name and address often… the media is causing more and more paranoia everyday… for one reason…. to control you… wake up..

  • Imaginativeone

    That is THE ESSENCE of PRISON. Having your movements restricted by a third party.

  • czvet

    … good grief …. now I have to wonder …. can people be such fools or is this an actual attack on Apple…. running the gamut from being called some sort of “gate” to making people feel like they are in “prison” …. I almost hope it is some sort of attack because if so many people are that ill informed and naive it really explains more about why the Nation and the world are such a mess…. and that in “ain’t gonna” get any better anytime soon…

About the author

Leander KahneyLeander Kahney is the editor and publisher of Cult of Mac. He is the NYT bestselling author of Jony Ive: The Genius Behind Apple's Greatest Products; Inside Steve’s Brain; Cult of Mac; and Cult of iPod. Leander has written for Wired, MacWeek, Scientific American, and The Guardian in London. Follow Leander on Twitter @lkahney and Facebook.

(sorry, you need Javascript to see this e-mail address)| Read more posts by .

Posted in News, Top stories | Tagged: , , , , , , , , |