It's a non issue for me. I have nothing to hide and there's nothing I do that I need to be paranoid about someone finding out.
I don't want to pick on you in particular, because you seem like one of the non-obnoxious commenters here, but that's a standard privacy comment that's universally not true. Just because you're not doing anything "bad", doesn't mean that you're willing to share everything will everyone. A simple example: to take you at your word ("I have nothing to hide"), please post your full name (including full middle name), your address, your social security #, and your birthdate. I trust you won't do that, and I won't blame you for having to backtrack on your statement above.
So with the mutual understanding that you DO have things to hide, i.e. you don't want out in plain sight, instead the real issue is to decide where the lines should be drawn. You might be the most law-abiding citizen around (as I am, no joke), but do you want a web cam running in your bedroom 24/7? Probably not, and it has nothing to do with having anything to hide, it's just basic privacy. As is letting someone monitor your physical location 24/7, without providing any legal protections over that data.
Yes, Apple may (we hope) be a "good guy" right now, and they probably aren't doing anything nefarious with this information, but there's nothing more than a Privacy Policy between your data and other parties. That privacy policy can be amended at any time, and how many people are going to (be able to!) just stop using their phones? And who's to say any other smart phone will be any better?
Sadly, a bunch of you are making ignorant comments comparing this to E-911 compliance. Not.The.Same. Telcos are required to make location data available in real-time upon request, but they have LEGAL restrictions as to the use and release of location data. Apple, Google and the other manufacturers and service providers have no such restrictions. You're just hoping they're going to play nicely -- and that they will continue to play nicely in the future. The fact that the devices can autonomously gather and send this data back to someone other than the telco is a relatively new phenomenon, and the laws need to be updated to reflect what the original intent was when the E-911 laws went into effect, i.e. your location data is private unless you make the explicit choice to share it.
Not at all. The data in "consolidated.db" is not sent to Apple, whereas that document is talking about how Apple uses data sent to it.
My original comment had been "This doesn't relate...."
But I figured there'll be some overlap in a database showing wifi and cell tower locations and GPS data, and the system which gets location data from Apple and uploads data to Apple.
The controversy is really their reason for not deleting that information once sent to Apple. So congress is asking "why are you keeping it, what does it contain". Fair enough.
Hey, you edited while I was trying to quote you! :-)
Your original comment said something that I wanted to expand on just a bit.
People throw around the word "anonymous" pretty freely these days, but just because a hunk of data doesn't explicitly have your name on it does NOT mean it's anonymous! This has been proven time and time again, but people don't seem to learn.
Everyone listen up: if data is being sent from YOUR phone to Apple, then THEY absolutely know who the data is from. Or at least they know which device it's from, so they might not know if it's you, or your spouse, or your kids, but they know where that data came from. So from the start you need to trust that Apple is doing the right thing and not pulling UIDs around with that data. Parts of the Markey document reply from Apple seems to indicate that they (at least say they) do remove that data in some cases, which is good. But:
1) Unless the laws change, Apple can change their mind at any time about that. Sadly, Steve isn't going to be CEO forever, and money talks.
2) It's been shown that location data alone can very often be correlated to individuals, sometimes based on little more than commute patterns.
It's obvious that some of you don't care if your location data is completely public. That's fine, I don't begrudge you anything at all. Share away. Just don't expect any sympathy when bad things happen (http://pleaserobme.com), etc., and DO NOT EXPECT EVERYONE ELSE TO SHARE YOUR CAVALIER AND INJUDICIOUS ATTITUDE!
Hey, you edited while I was trying to quote you! :-)
Yeah, I realised what I said about anonymity wasn't clear enough, and left open something (which you've discussed).
Quote:
It's obvious that some of you don't care if your location data is completely public. That's fine, I don't begrudge you anything at all. Share away. Just don't expect any sympathy when bad things happen
I actually think Apple will be having a new social service showing where you are (with opt out options). A lot of people want that and value that. As long as I can restrict who sees me I'd be happy with that.
Last week my wife had a baby and we use HeyTell to transmit the first cry to both our families. When people voice-messaged back it showed where they all were on the map (for those with GPS activated). Very powerful app but also quite intrusive into that kind of information - for those who care about it.
If you take a look at the link nvidea2008 provided, http://petewarden.github.com/iPhoneTracker/ you'll see they're saying the file does track your location. It's not tracking cell towers and the granularity they show in the video seems to be within a block or two, not the mile or two, 45 miles, or half a continent away others have said.
And again, the claim that Apple discloses this usage is someone's guess on what's going on and their interpretation of a dialog box. And it's a guess that make no sense what so ever as the data isn't sent to Apple but the dialog box talks about sending data to Apple.
The point to me posting this isn't to try to pick argument with you, but to point out the people who should be describing Apples policies and practices is Apple, not random guys on the net.
If you take a look at the video, "Washington DC to New York via Amtrak," on that site, it seems clear that the locations saved in the file are not the location of the phone itself... since it would require the phone to be in multiple locations at once.
I assume they're cell tower and wi-fi locations, but that's of course just a guess.
It also seems fairly clear from what I've seen of posted Apple user agreements and previous statements to congress that their policy is to collect location information if the user elects to and not to otherwise. I haven't seen any indication that they are doing otherwise, but it wouldn't hurt for them to reiterate that.
I'm not sure why the iPhone would collect the data even when the user opts out (assuming it does)... possibly in case the user changes their mind at some point and decides to opt back in. In which case the data is already there. Or it might just be lazy programming.
If the iPhone did actually accurately record your location at regular intervals, that'd be pretty cool... you could track runs, biking, hiking, etc. Apple should give the user a nice UI to access the data and control it. Heck, I might even buy an iPhone then...
Note: The data is anonymized. It is NOT transmitted if you opt-out.
That is actually a very good article on how Apple locates your position so well in WiFi-only iPads... Something I always assumed was just done through Skyhook, but it's Apple's own location database that is probably doing most of the grunt work matching everyone's GPS data with scans of WiFi signals.
For example here in South-East Asia I don't reckon Skyhook can give the granularity of location pinpointing that I see on WiFi iPads.
Turns out Apple may be relying much less on Skyhook than we ever imagined.
That is actually a very good article on how Apple locates your position so well in WiFi-only iPads... Something I always assumed was just done through Skyhook, but it's Apple's own location database that is probably doing most of the grunt work matching everyone's GPS data with scans of WiFi signals.
For example here in South-East Asia I don't reckon Skyhook can give the granularity of location pinpointing that I see on WiFi iPads.
Turns out Apple may be relying much less on Skyhook than we ever imagined.
Yeah, I was pretty amazed at that... I initially had some buyers remorse after getting an iPad without GPS, but the wi-fi location is pretty darn good. It varies over time at my house (or maybe it's my exact location within the house)... sometimes it might be a half block off, but usually it's within 50ft or so.
If the iPhone did actually accurately record your location at regular intervals, that'd be pretty cool... you could track runs, biking, hiking, etc. Apple should give the user a nice UI to access the data and control it. Heck, I might even buy an iPhone then...
There are inexpensive apps that do exactly what you're talking about. (Maybe even free ones, but not something I'm personally interested in, so I'm not following that closely). So go buy your iPhone!
The key is that these apps are 100% opt-in. If YOU want to have your iPhone track your location and send that back to whatever servers, great. But gathering, storing and transmitting that data with no (reasonable) way to access, delete, opt-out, etc., is appalling and unnecessary.
There are inexpensive apps that do exactly what you're talking about. (Maybe even free ones, but not something I'm personally interested in, so I'm not following that closely). So go buy your iPhone!
The key is that these apps are 100% opt-in. If YOU want to have your iPhone track your location and send that back to whatever servers, great. But gathering, storing and transmitting that data with no (reasonable) way to access, delete, opt-out, etc., is appalling and unnecessary.
Heh, cool that there are apps for that... immediately after I wrote my post I realized that since the GPS data is available, there probably were third party apps that could save it, send it, etc.
If Apple were doing all that you list, then that would give one pause for thought. I haven't seen anything to suggest they are, but that doesn't mean they are not... they are not providing a reasonable way to access and delete what appears to be cell tower and wi-fi location data on your iPhone, which I could see as being annoying to some... doesn't really upset me.
...I really think everyone should be aware of what information is both on your computer (backups) and on your iPhone.
I searched here on AI first to see if anyone else has linked to this video here at YouTube. No conspiracy theories, just a plain old security conference video from ShmooCon.
The video is old and references the 3gs and shortly after the iPhone4 was released. It is STILL very relevant to the information that can be obtained within "30 seconds(!)" (direct quote) of obtaining a non-password protected iDevice, and/or access to your Mac/MBP that you sync to.
These are forensic experts, however any kid or bad guy could easily within a few hours of NEVER cracking anything, get a mountain of info about you. At the very least, they could hijack your identity and make damaging posts to Twitter, Facebook, etc.; use your email address to send spam or Malware/Trojan infected mails; post or mail sensitive pictures of yours, or anything (child porn) to Flickr, Picassa, etc. under your name and address.
Some pretty scary stuff for the "I have nothing to hide" crowd to deal with after the fact if your MB or iDevice is stolen, dontcha think?
And you guys are worried about "location services"?
BTW: I'm a huge Apple fan. See my assorted posts. I am not picking on Apple. The researcher (who battled through heroically with a cold I might add), at the outset mentioned that this is not unique to Apple, it's just her area of expertise.
After seeing the vid... I think anyone with sense, will and should, check that little box to "encrypt your back-ups" from now on.
I guess I still disagree with your interpretation. I think you have to read C.1.a in its entirety to see the restrictions, which I think do prevent transmission if location services are off:
First, when a customer requests current location information, the device encrypts and transmits Cell Tower and Wi-Fi Access Point Information and the device's GPS coordinates (if available) over a secure Wi-Fi Internet connection to Apple.
Second, to help Apple update and maintain its database with known location information, Apple may also collect and transmit Cell Tower and Wi-Fi Access Point Information automatically. With one exception Apple automatically collects this information only (1) if the device's location-based service capabilities are toggled to "On" and (2) the customer uses an application requiring location-based information.
The exception referred to is:
For GPS-enabled devices with location-based service capabilities toggled to "On," Apple automatically collects Wi-Fi Access Point Information and GPS coordinates when a device is searching for a cellular network, such as when the device is first turned on or trying to re-establish a dropped connection. The device searches for nearby Wi-Fi access points for approximately thirty seconds. The device collects anonymous Wi-Fi Access Point Information for those that it can "see." This information and the GPS coordinates are stored (or "batched") on the device and added to the information sent to Apple. None of the information transmitted to Apple is associated with a particular user or device.
Except it's already been shown that it does this when location services are turned off. Therefor, what I said is correct, and reading Apple's response does show that.
Again, this is just speculation on the part of the folks who wrote that article. It's not a policy statement from Apple. And it's speculation that, on the face of it, does't make a lot of sense. Why would Apple be collecting that information in consolidated.db if consolidated.db is not sent to Apple? They can't build a database from data they never receive.
It was a policy statement from Apple, as you would have seen if you carefully read the response Apple sent Congress, that I posted. They make it clear that it is anonymous. As we can see from Apple's statement today, this isn't what you insist it is.
Wow. Pretty damn cool, actually. But certainly frightening for some people. I think the issue that Apple has to address, and soon, is why it keeps this data on a permanent-cache basis and why it does it continually rather than on-demand by certain apps or what not.
The other point it raises is that it is able to pull location data even when many apps and the Maps app says "location cannot be determined". I suppose there is a filter on these apps that determine the accuracy of the location and decides how valid the location is. What is interesting and concerning is that this location is tracked regularly behind-the-scenes.
Fascinating indeed. Now to log on to Cydia and zap the file. (untrackerd by Ryan Petrich)
I'm sorry it's being shortened. It's very helpful information, as it enables my iPad GPs app to locAte in a few seconds, and to allow it to begin while driving.
There is SO much bad information in here it isn't even funny.
The data collected is stored on the phone and synchronized through iTunes to your computer.
The file on the computer can be encrypted, but it is not by default.
The file on the phone is inaccessible to regular apps, but totally accessible to apps that have been installed on jailbroken phones.
The logging of data on the phone cannot be turned off, even if Location Services are disabled.
The log file on the phone cannot be reset or deleted.
The current file format (unencrypted plain text) is new with iOS 4.x, but the iPhone has been doing this in the last several major releases.
If a phone is jailbroken, the data file can be obtained remotely via SSH.
If a phone is lost or stolen, a quick jailbreak can make the file accessible to anyone.
Apple stated last year that they collect location information, but this can be turned off by disabling Location Services. This does NOT apply in this situation.
If you replace your phone, prior location information is copied to the new phone, creating a log going back much longer than you have had the replacement phone.
Apple has made no comment on this issue.
This has nothing whatsoever to do with the FCC mandate that callers to 911 must be triangulated.
The phone does not need a huge log of everywhere you have been, along with when, to locate your location quickly. This can be done much more easily with a much simpler data format.
The utility you can download that shows you your historical location information intentionally obfuscates and reduces the accuracy of location information. The author states this on the home page. If this is used to come to the determination that the recorded location isn't accurate enough to mean anything, this is just wrong. The information recorded is good enough for E911.
Android location tracking is disclosed when you setup the device (or application), and it can be disabled.
The iOS devices are the only ones that keep a running log of location.
Personally, I wouldn't want someone to be able to track my location remotely. Through a jailbreak hack, or even a known security exploit of the phone, it is entirely possible that someone could target an iPhone owner remotely and download the data. Also, for those running computers infected with malware such as spyware, trojan, or bot, it would be very easy for someone to grab this information.
When you start to take things like the safety of your family into consideration, this is pretty bad stuff. I don't have anything to hide, but I certainly don't want an anonymous stranger being given access to my historical location information, let alone my current location.
Apple needs to turn this off, or at least give end users a way of doing so themselves.
You are really overdoing it. This isn't a tracking file. While police have attempted to use it in court, they haven't been successful, because some of the info is so far from where the basic track is that it's useless for that purpose. And the track isn't very close to your route anyway. In most cases, the info in the file is only telling within hundreds of yards of where you've been, and it could be a hundred miles. It doesn't have your current location either.
Folks, this isn't Tv or the movies, where they find out exactly where you are from these files. They'd be lucky to know which town you were in most of the time.
If you take a look at the link nvidea2008 provided, http://petewarden.github.com/iPhoneTracker/ you'll see they're saying the file does track your location. It's not tracking cell towers and the granularity they show in the video seems to be within a block or two, not the mile or two, 45 miles, or half a continent away others have said.
And again, the claim that Apple discloses this usage is someone's guess on what's going on and their interpretation of a dialog box. And it's a guess that make no sense what so ever as the data isn't sent to Apple but the dialog box talks about sending data to Apple.
The point to me posting this isn't to try to pick argument with you, but to point out the people who should be describing Apples policies and practices is Apple, not random guys on the net.
It's just random if it has you within a block or two of where you are. The problem with that is that it's so often only coming within a few miles means that any other data is suspect, as it isn't actually tracking you, but rather the towers that are within certain limits, which may, or may not actually be on your path.
Because of that, using this to track people is useless, and hasn't been allowed in court so far.
At any rate, as we can see today, Apple has explained it very well, and will be eliminating most of it and encrypting the rest.
I don't want to pick on you in particular, because you seem like one of the non-obnoxious commenters here, but that's a standard privacy comment that's universally not true. Just because you're not doing anything "bad", doesn't mean that you're willing to share everything will everyone. A simple example: to take you at your word ("I have nothing to hide"), please post your full name (including full middle name), your address, your social security #, and your birthdate. I trust you won't do that, and I won't blame you for having to backtrack on your statement above.
So with the mutual understanding that you DO have things to hide, i.e. you don't want out in plain sight, instead the real issue is to decide where the lines should be drawn. You might be the most law-abiding citizen around (as I am, no joke), but do you want a web cam running in your bedroom 24/7? Probably not, and it has nothing to do with having anything to hide, it's just basic privacy. As is letting someone monitor your physical location 24/7, without providing any legal protections over that data.
Yes, Apple may (we hope) be a "good guy" right now, and they probably aren't doing anything nefarious with this information, but there's nothing more than a Privacy Policy between your data and other parties. That privacy policy can be amended at any time, and how many people are going to (be able to!) just stop using their phones? And who's to say any other smart phone will be any better?
Sadly, a bunch of you are making ignorant comments comparing this to E-911 compliance. Not.The.Same. Telcos are required to make location data available in real-time upon request, but they have LEGAL restrictions as to the use and release of location data. Apple, Google and the other manufacturers and service providers have no such restrictions. You're just hoping they're going to play nicely -- and that they will continue to play nicely in the future. The fact that the devices can autonomously gather and send this data back to someone other than the telco is a relatively new phenomenon, and the laws need to be updated to reflect what the original intent was when the E-911 laws went into effect, i.e. your location data is private unless you make the explicit choice to share it.
Understand something. The only right, and expectation we have of privacy is in first class mail, and our home. Nowhere else. We don't have an expectation of it when in public.
I'm not saying that if some entity is deliberately tracking us so that they know exactly where we are at all times, it would be good, or ok. I'm not. But once outside, it can be difficult to hide where we've been. Get gas for your car. Use a credit card or ATM card. Make a phone call from just about anywhere, use some automatic payment toll card for highways, or any of a multitude of things, and they can find you.
If you want to be entirely off the system, it's difficult these days, and getting more difficult. If this is people's biggest worry, then they are too paranoid. As has been said many times, this doesn't know where you were or are. It's just a generalized area.
If you take a look at the video, "Washington DC to New York via Amtrak," on that site, it seems clear that the locations saved in the file are not the location of the phone itself... since it would require the phone to be in multiple locations at once.
I assume they're cell tower and wi-fi locations, but that's of course just a guess.
It also seems fairly clear from what I've seen of posted Apple user agreements and previous statements to congress that their policy is to collect location information if the user elects to and not to otherwise. I haven't seen any indication that they are doing otherwise, but it wouldn't hurt for them to reiterate that.
I'm not sure why the iPhone would collect the data even when the user opts out (assuming it does)... possibly in case the user changes their mind at some point and decides to opt back in. In which case the data is already there. Or it might just be lazy programming.
If the iPhone did actually accurately record your location at regular intervals, that'd be pretty cool... you could track runs, biking, hiking, etc. Apple should give the user a nice UI to access the data and control it. Heck, I might even buy an iPhone then...
There are apps for that purpose.
By the way, every GPS unit for the car, and for other personal use captures the route info, and stores it for later use. So unless people deliberately delete it, which they don't, for obvious reasons, then that data could be used as well, and it's very accurate. What's worse, if you program routes in, that you might want for the future, but haven't actually used, it's in there as well, just as though you had been there, and you can't prove, by that data, that you hadn't.
Comments
It's a non issue for me. I have nothing to hide and there's nothing I do that I need to be paranoid about someone finding out.
I don't want to pick on you in particular, because you seem like one of the non-obnoxious commenters here, but that's a standard privacy comment that's universally not true. Just because you're not doing anything "bad", doesn't mean that you're willing to share everything will everyone. A simple example: to take you at your word ("I have nothing to hide"), please post your full name (including full middle name), your address, your social security #, and your birthdate. I trust you won't do that, and I won't blame you for having to backtrack on your statement above.
So with the mutual understanding that you DO have things to hide, i.e. you don't want out in plain sight, instead the real issue is to decide where the lines should be drawn. You might be the most law-abiding citizen around (as I am, no joke), but do you want a web cam running in your bedroom 24/7? Probably not, and it has nothing to do with having anything to hide, it's just basic privacy. As is letting someone monitor your physical location 24/7, without providing any legal protections over that data.
Yes, Apple may (we hope) be a "good guy" right now, and they probably aren't doing anything nefarious with this information, but there's nothing more than a Privacy Policy between your data and other parties. That privacy policy can be amended at any time, and how many people are going to (be able to!) just stop using their phones? And who's to say any other smart phone will be any better?
Sadly, a bunch of you are making ignorant comments comparing this to E-911 compliance. Not.The.Same. Telcos are required to make location data available in real-time upon request, but they have LEGAL restrictions as to the use and release of location data. Apple, Google and the other manufacturers and service providers have no such restrictions. You're just hoping they're going to play nicely -- and that they will continue to play nicely in the future. The fact that the devices can autonomously gather and send this data back to someone other than the telco is a relatively new phenomenon, and the laws need to be updated to reflect what the original intent was when the E-911 laws went into effect, i.e. your location data is private unless you make the explicit choice to share it.
I wonder how much this relates to the current controversy.
Not at all. The data in "consolidated.db" is not sent to Apple, whereas that document is talking about how Apple uses data sent to it.
Not at all. The data in "consolidated.db" is not sent to Apple, whereas that document is talking about how Apple uses data sent to it.
My original comment had been "This doesn't relate...."
But I figured there'll be some overlap in a database showing wifi and cell tower locations and GPS data, and the system which gets location data from Apple and uploads data to Apple.
The controversy is really their reason for not deleting that information once sent to Apple. So congress is asking "why are you keeping it, what does it contain". Fair enough.
text that got edited!
Hey, you edited while I was trying to quote you! :-)
Your original comment said something that I wanted to expand on just a bit.
People throw around the word "anonymous" pretty freely these days, but just because a hunk of data doesn't explicitly have your name on it does NOT mean it's anonymous! This has been proven time and time again, but people don't seem to learn.
Everyone listen up: if data is being sent from YOUR phone to Apple, then THEY absolutely know who the data is from. Or at least they know which device it's from, so they might not know if it's you, or your spouse, or your kids, but they know where that data came from. So from the start you need to trust that Apple is doing the right thing and not pulling UIDs around with that data. Parts of the Markey document reply from Apple seems to indicate that they (at least say they) do remove that data in some cases, which is good. But:
1) Unless the laws change, Apple can change their mind at any time about that. Sadly, Steve isn't going to be CEO forever, and money talks.
2) It's been shown that location data alone can very often be correlated to individuals, sometimes based on little more than commute patterns.
It's obvious that some of you don't care if your location data is completely public. That's fine, I don't begrudge you anything at all. Share away. Just don't expect any sympathy when bad things happen (http://pleaserobme.com), etc., and DO NOT EXPECT EVERYONE ELSE TO SHARE YOUR CAVALIER AND INJUDICIOUS ATTITUDE!
Hey, you edited while I was trying to quote you! :-)
Yeah, I realised what I said about anonymity wasn't clear enough, and left open something (which you've discussed).
It's obvious that some of you don't care if your location data is completely public. That's fine, I don't begrudge you anything at all. Share away. Just don't expect any sympathy when bad things happen
I actually think Apple will be having a new social service showing where you are (with opt out options). A lot of people want that and value that. As long as I can restrict who sees me I'd be happy with that.
Last week my wife had a baby and we use HeyTell to transmit the first cry to both our families. When people voice-messaged back it showed where they all were on the map (for those with GPS activated). Very powerful app but also quite intrusive into that kind of information - for those who care about it.
If you take a look at the link nvidea2008 provided, http://petewarden.github.com/iPhoneTracker/ you'll see they're saying the file does track your location. It's not tracking cell towers and the granularity they show in the video seems to be within a block or two, not the mile or two, 45 miles, or half a continent away others have said.
And again, the claim that Apple discloses this usage is someone's guess on what's going on and their interpretation of a dialog box. And it's a guess that make no sense what so ever as the data isn't sent to Apple but the dialog box talks about sending data to Apple.
The point to me posting this isn't to try to pick argument with you, but to point out the people who should be describing Apples policies and practices is Apple, not random guys on the net.
If you take a look at the video, "Washington DC to New York via Amtrak," on that site, it seems clear that the locations saved in the file are not the location of the phone itself... since it would require the phone to be in multiple locations at once.
I assume they're cell tower and wi-fi locations, but that's of course just a guess.
It also seems fairly clear from what I've seen of posted Apple user agreements and previous statements to congress that their policy is to collect location information if the user elects to and not to otherwise. I haven't seen any indication that they are doing otherwise, but it wouldn't hurt for them to reiterate that.
I'm not sure why the iPhone would collect the data even when the user opts out (assuming it does)... possibly in case the user changes their mind at some point and decides to opt back in. In which case the data is already there. Or it might just be lazy programming.
If the iPhone did actually accurately record your location at regular intervals, that'd be pretty cool... you could track runs, biking, hiking, etc. Apple should give the user a nice UI to access the data and control it. Heck, I might even buy an iPhone then...
http://www.f-secure.com/weblog/archives/00002145.html
Note: The data is anonymized. It is NOT transmitted if you opt-out.
That is actually a very good article on how Apple locates your position so well in WiFi-only iPads... Something I always assumed was just done through Skyhook, but it's Apple's own location database that is probably doing most of the grunt work matching everyone's GPS data with scans of WiFi signals.
For example here in South-East Asia I don't reckon Skyhook can give the granularity of location pinpointing that I see on WiFi iPads.
Turns out Apple may be relying much less on Skyhook than we ever imagined.
That is actually a very good article on how Apple locates your position so well in WiFi-only iPads... Something I always assumed was just done through Skyhook, but it's Apple's own location database that is probably doing most of the grunt work matching everyone's GPS data with scans of WiFi signals.
For example here in South-East Asia I don't reckon Skyhook can give the granularity of location pinpointing that I see on WiFi iPads.
Turns out Apple may be relying much less on Skyhook than we ever imagined.
Yeah, I was pretty amazed at that... I initially had some buyers remorse after getting an iPad without GPS, but the wi-fi location is pretty darn good. It varies over time at my house (or maybe it's my exact location within the house)... sometimes it might be a half block off, but usually it's within 50ft or so.
If the iPhone did actually accurately record your location at regular intervals, that'd be pretty cool... you could track runs, biking, hiking, etc. Apple should give the user a nice UI to access the data and control it. Heck, I might even buy an iPhone then...
There are inexpensive apps that do exactly what you're talking about. (Maybe even free ones, but not something I'm personally interested in, so I'm not following that closely). So go buy your iPhone!
The key is that these apps are 100% opt-in. If YOU want to have your iPhone track your location and send that back to whatever servers, great. But gathering, storing and transmitting that data with no (reasonable) way to access, delete, opt-out, etc., is appalling and unnecessary.
There are inexpensive apps that do exactly what you're talking about. (Maybe even free ones, but not something I'm personally interested in, so I'm not following that closely). So go buy your iPhone!
The key is that these apps are 100% opt-in. If YOU want to have your iPhone track your location and send that back to whatever servers, great. But gathering, storing and transmitting that data with no (reasonable) way to access, delete, opt-out, etc., is appalling and unnecessary.
Heh, cool that there are apps for that... immediately after I wrote my post I realized that since the GPS data is available, there probably were third party apps that could save it, send it, etc.
If Apple were doing all that you list, then that would give one pause for thought. I haven't seen anything to suggest they are, but that doesn't mean they are not... they are not providing a reasonable way to access and delete what appears to be cell tower and wi-fi location data on your iPhone, which I could see as being annoying to some... doesn't really upset me.
I searched here on AI first to see if anyone else has linked to this video here at YouTube. No conspiracy theories, just a plain old security conference video from ShmooCon.
The video is old and references the 3gs and shortly after the iPhone4 was released. It is STILL very relevant to the information that can be obtained within "30 seconds(!)" (direct quote) of obtaining a non-password protected iDevice, and/or access to your Mac/MBP that you sync to.
These are forensic experts, however any kid or bad guy could easily within a few hours of NEVER cracking anything, get a mountain of info about you. At the very least, they could hijack your identity and make damaging posts to Twitter, Facebook, etc.; use your email address to send spam or Malware/Trojan infected mails; post or mail sensitive pictures of yours, or anything (child porn) to Flickr, Picassa, etc. under your name and address.
Some pretty scary stuff for the "I have nothing to hide" crowd to deal with after the fact if your MB or iDevice is stolen, dontcha think?
And you guys are worried about "location services"?
YouTube - ShmooCon 2011: Inside the App: All Your Data are Belong to Me
BTW: I'm a huge Apple fan. See my assorted posts. I am not picking on Apple. The researcher (who battled through heroically with a cold I might add), at the outset mentioned that this is not unique to Apple, it's just her area of expertise.
After seeing the vid... I think anyone with sense, will and should, check that little box to "encrypt your back-ups" from now on.
http://www.f-secure.com/weblog/archives/00002145.html
Note: The data is anonymized. It is NOT transmitted if you opt-out.
Very good! That was the article I thought I bookmarked, but didn't. Thanks.
I guess I still disagree with your interpretation. I think you have to read C.1.a in its entirety to see the restrictions, which I think do prevent transmission if location services are off:
First, when a customer requests current location information, the device encrypts and transmits Cell Tower and Wi-Fi Access Point Information and the device's GPS coordinates (if available) over a secure Wi-Fi Internet connection to Apple.
Second, to help Apple update and maintain its database with known location information, Apple may also collect and transmit Cell Tower and Wi-Fi Access Point Information automatically. With one exception Apple automatically collects this information only (1) if the device's location-based service capabilities are toggled to "On" and (2) the customer uses an application requiring location-based information.
The exception referred to is:
For GPS-enabled devices with location-based service capabilities toggled to "On," Apple automatically collects Wi-Fi Access Point Information and GPS coordinates when a device is searching for a cellular network, such as when the device is first turned on or trying to re-establish a dropped connection. The device searches for nearby Wi-Fi access points for approximately thirty seconds. The device collects anonymous Wi-Fi Access Point Information for those that it can "see." This information and the GPS coordinates are stored (or "batched") on the device and added to the information sent to Apple. None of the information transmitted to Apple is associated with a particular user or device.
Except it's already been shown that it does this when location services are turned off. Therefor, what I said is correct, and reading Apple's response does show that.
Again, this is just speculation on the part of the folks who wrote that article. It's not a policy statement from Apple. And it's speculation that, on the face of it, does't make a lot of sense. Why would Apple be collecting that information in consolidated.db if consolidated.db is not sent to Apple? They can't build a database from data they never receive.
It was a policy statement from Apple, as you would have seen if you carefully read the response Apple sent Congress, that I posted. They make it clear that it is anonymous. As we can see from Apple's statement today, this isn't what you insist it is.
Wow. Pretty damn cool, actually. But certainly frightening for some people. I think the issue that Apple has to address, and soon, is why it keeps this data on a permanent-cache basis and why it does it continually rather than on-demand by certain apps or what not.
The other point it raises is that it is able to pull location data even when many apps and the Maps app says "location cannot be determined". I suppose there is a filter on these apps that determine the accuracy of the location and decides how valid the location is. What is interesting and concerning is that this location is tracked regularly behind-the-scenes.
Fascinating indeed. Now to log on to Cydia and zap the file. (untrackerd by Ryan Petrich)
I'm sorry it's being shortened. It's very helpful information, as it enables my iPad GPs app to locAte in a few seconds, and to allow it to begin while driving.
There is SO much bad information in here it isn't even funny.
- The data collected is stored on the phone and synchronized through iTunes to your computer.
- The file on the computer can be encrypted, but it is not by default.
- The file on the phone is inaccessible to regular apps, but totally accessible to apps that have been installed on jailbroken phones.
- The logging of data on the phone cannot be turned off, even if Location Services are disabled.
- The log file on the phone cannot be reset or deleted.
- The current file format (unencrypted plain text) is new with iOS 4.x, but the iPhone has been doing this in the last several major releases.
- If a phone is jailbroken, the data file can be obtained remotely via SSH.
- If a phone is lost or stolen, a quick jailbreak can make the file accessible to anyone.
- Apple stated last year that they collect location information, but this can be turned off by disabling Location Services. This does NOT apply in this situation.
- If you replace your phone, prior location information is copied to the new phone, creating a log going back much longer than you have had the replacement phone.
- Apple has made no comment on this issue.
- This has nothing whatsoever to do with the FCC mandate that callers to 911 must be triangulated.
- The phone does not need a huge log of everywhere you have been, along with when, to locate your location quickly. This can be done much more easily with a much simpler data format.
- The utility you can download that shows you your historical location information intentionally obfuscates and reduces the accuracy of location information. The author states this on the home page. If this is used to come to the determination that the recorded location isn't accurate enough to mean anything, this is just wrong. The information recorded is good enough for E911.
- Android location tracking is disclosed when you setup the device (or application), and it can be disabled.
- The iOS devices are the only ones that keep a running log of location.
Personally, I wouldn't want someone to be able to track my location remotely. Through a jailbreak hack, or even a known security exploit of the phone, it is entirely possible that someone could target an iPhone owner remotely and download the data. Also, for those running computers infected with malware such as spyware, trojan, or bot, it would be very easy for someone to grab this information.When you start to take things like the safety of your family into consideration, this is pretty bad stuff. I don't have anything to hide, but I certainly don't want an anonymous stranger being given access to my historical location information, let alone my current location.
Apple needs to turn this off, or at least give end users a way of doing so themselves.
You are really overdoing it. This isn't a tracking file. While police have attempted to use it in court, they haven't been successful, because some of the info is so far from where the basic track is that it's useless for that purpose. And the track isn't very close to your route anyway. In most cases, the info in the file is only telling within hundreds of yards of where you've been, and it could be a hundred miles. It doesn't have your current location either.
Folks, this isn't Tv or the movies, where they find out exactly where you are from these files. They'd be lucky to know which town you were in most of the time.
If you take a look at the link nvidea2008 provided, http://petewarden.github.com/iPhoneTracker/ you'll see they're saying the file does track your location. It's not tracking cell towers and the granularity they show in the video seems to be within a block or two, not the mile or two, 45 miles, or half a continent away others have said.
And again, the claim that Apple discloses this usage is someone's guess on what's going on and their interpretation of a dialog box. And it's a guess that make no sense what so ever as the data isn't sent to Apple but the dialog box talks about sending data to Apple.
The point to me posting this isn't to try to pick argument with you, but to point out the people who should be describing Apples policies and practices is Apple, not random guys on the net.
It's just random if it has you within a block or two of where you are. The problem with that is that it's so often only coming within a few miles means that any other data is suspect, as it isn't actually tracking you, but rather the towers that are within certain limits, which may, or may not actually be on your path.
Because of that, using this to track people is useless, and hasn't been allowed in court so far.
At any rate, as we can see today, Apple has explained it very well, and will be eliminating most of it and encrypting the rest.
I don't want to pick on you in particular, because you seem like one of the non-obnoxious commenters here, but that's a standard privacy comment that's universally not true. Just because you're not doing anything "bad", doesn't mean that you're willing to share everything will everyone. A simple example: to take you at your word ("I have nothing to hide"), please post your full name (including full middle name), your address, your social security #, and your birthdate. I trust you won't do that, and I won't blame you for having to backtrack on your statement above.
So with the mutual understanding that you DO have things to hide, i.e. you don't want out in plain sight, instead the real issue is to decide where the lines should be drawn. You might be the most law-abiding citizen around (as I am, no joke), but do you want a web cam running in your bedroom 24/7? Probably not, and it has nothing to do with having anything to hide, it's just basic privacy. As is letting someone monitor your physical location 24/7, without providing any legal protections over that data.
Yes, Apple may (we hope) be a "good guy" right now, and they probably aren't doing anything nefarious with this information, but there's nothing more than a Privacy Policy between your data and other parties. That privacy policy can be amended at any time, and how many people are going to (be able to!) just stop using their phones? And who's to say any other smart phone will be any better?
Sadly, a bunch of you are making ignorant comments comparing this to E-911 compliance. Not.The.Same. Telcos are required to make location data available in real-time upon request, but they have LEGAL restrictions as to the use and release of location data. Apple, Google and the other manufacturers and service providers have no such restrictions. You're just hoping they're going to play nicely -- and that they will continue to play nicely in the future. The fact that the devices can autonomously gather and send this data back to someone other than the telco is a relatively new phenomenon, and the laws need to be updated to reflect what the original intent was when the E-911 laws went into effect, i.e. your location data is private unless you make the explicit choice to share it.
Understand something. The only right, and expectation we have of privacy is in first class mail, and our home. Nowhere else. We don't have an expectation of it when in public.
I'm not saying that if some entity is deliberately tracking us so that they know exactly where we are at all times, it would be good, or ok. I'm not. But once outside, it can be difficult to hide where we've been. Get gas for your car. Use a credit card or ATM card. Make a phone call from just about anywhere, use some automatic payment toll card for highways, or any of a multitude of things, and they can find you.
If you want to be entirely off the system, it's difficult these days, and getting more difficult. If this is people's biggest worry, then they are too paranoid. As has been said many times, this doesn't know where you were or are. It's just a generalized area.
If you take a look at the video, "Washington DC to New York via Amtrak," on that site, it seems clear that the locations saved in the file are not the location of the phone itself... since it would require the phone to be in multiple locations at once.
I assume they're cell tower and wi-fi locations, but that's of course just a guess.
It also seems fairly clear from what I've seen of posted Apple user agreements and previous statements to congress that their policy is to collect location information if the user elects to and not to otherwise. I haven't seen any indication that they are doing otherwise, but it wouldn't hurt for them to reiterate that.
I'm not sure why the iPhone would collect the data even when the user opts out (assuming it does)... possibly in case the user changes their mind at some point and decides to opt back in. In which case the data is already there. Or it might just be lazy programming.
If the iPhone did actually accurately record your location at regular intervals, that'd be pretty cool... you could track runs, biking, hiking, etc. Apple should give the user a nice UI to access the data and control it. Heck, I might even buy an iPhone then...
There are apps for that purpose.
By the way, every GPS unit for the car, and for other personal use captures the route info, and stores it for later use. So unless people deliberately delete it, which they don't, for obvious reasons, then that data could be used as well, and it's very accurate. What's worse, if you program routes in, that you might want for the future, but haven't actually used, it's in there as well, just as though you had been there, and you can't prove, by that data, that you hadn't.