Have an iPhone/iPad3G? Apple's been recording your location

Apple has a history of wanting to gather as much information about its user base as possible. Google has been caught numerous times with the same problem when it recorded people’s Wi-Fi connections through its Google cars when gathering data to build Google Street view.

Well today, O’reilly Radar have found that Apple may have taken it a step too far as they have been recording the position of your iPhone and 3G iPad devices ever since the release of iOS 4 in July 2010.

They found that the devices save the position of your device in a hidden file named “consolidated.db” by means of recording the latitude-longitude coordinates with the addition of a timestamp. It could be speculated that it could have been a mistake by Apple but that argument is later refuted when they find that iTunes includes a copy of the database within your device backups, so when you restore the backup, even to a new device, the data is kept. It’s clear that Apple is recording this information intentionally but the question is why?

What makes the problem a little more strange is that by recording such data, Apple are putting your data at security and privacy risks as the file is unencrypted and stays on any machine that you have previously synched your iPhone/iPad with. It also leaves a more real problem for the users of iOS 4 – anyone who knows how to access that file can locate where you’ve been in all the time you’ve had the device. For many people, that period of time will likely be a year, meaning a year of information of your locations have been saved into that file.

In addition to recording the wireless access points it also records cell towers and GPS. Since this affects all iOS 4 users it essentially means all of Apple’s own employees have been recorded – was it ever in their company contract that Apple had right to record where they go?

Thankfully there is a way to start to protect yourself, by encrypting your backups through iTunes which can be done by clicking on your device in iTunes and checking ‘Encrypt iPhone backup’ under the Options menu.

The author from O’reilly has created an app that will allow you to view your own data that it’s recorded. 

Report a problem with article
Previous Story

Neowin's Facebook page taken offline - We're Back! (Again)

Next Story

Microsoft adjusts Xbox 360 Indie games rating system

58 Comments

Commenting is disabled on this article.

So? I am a law abiding citizen, I woudn't care less if someone, even the government knows where I have being, Or even worse, where I want to be. People keep saying crap about "Big Brother" or "The Man", whatever, keep walking over the line and l keep you hands to yourself... LOL!

I just saw a device that law enforcement in the USA are buying now to pull all data including this off your cell phone within a minute of getting ahold of it... they just put it into the device, it images it and dumps all this info for them..... now they just seize your phone instead of getting a suopena to get the info from the cell company... so much easier right?..... you have to wonder how much data is dumped to smart phones just for the cops to get it easier

what said,
I would lol if this was responsible for the crap battery life iPhones get with iOS4.

Battery problems only started with iOS 4.3.

what said,
I would lol if this was responsible for the crap battery life iPhones get with iOS4.

Battery problems only started with iOS 4.3.

what said,
I would lol if this was responsible for the crap battery life iPhones get with iOS4.

Battery problems only started with iOS 4.3.

Magallanes said,

This site reeks of apple fanboy.

Do you have a rebuttal to the contents contained in the article or are you just going to put forth this type of rhetoric?

Magallanes said,

This site reeks of apple fanboy.

Well the guy wrote a book on forensic data extraction for iOS. I'd say he knows a thing or two on the subject.

May not be Apple doing the spying - the capability is there and engineered, probably by Apple, but they may have had their arm twisted to incorporate the technology into their device without a choice in the matter. If they did not comply, it would be next to impossible to sell the Apple product in the US, UK, wherever due to overreaching regulations and mandates. Which is probably the case. Now that is what you know, what else is there you don't - or - not supposed to know? Again, turn off the American Idol, dancing with stars, bigger loser or whatever garbage, stop being distracted and use basic , common sense. They are the evil empire because YOU let them (and the evil empire is probably not Apple)

When Apple will get 10bln fine for spying their customers they will stop these tactics. Otherwise they will continue and continue.

and when people say "big brother" is tracking them through their phone, we call them paranoid.... we got a company Fing up like this and we expect people not to be paranoid.... this is unacceptable.

Tracking is unethical especially when they use the device space "you" paid for and the device/computer that you own to store their tracking data, without compensation. But does it really matter that they are tracking you from a privacy perspective? Any public facility, park, bank, airport, casino, intersection, etc. has a camera on you and "they" (you tell me who they are) know its you and where you are located. You leave a digital footprint wherever you go. Google facial recognition in picassa is dead on accurate and this is in a free application. Can you imagine what expensive, purchased facial recognition can do? You can only guess, but put some common sense on it and it should scare the hell out you. You are already a coordinate in a database that never goes away waiting for the day it can be used against you.

Owatonna said,
Anyone know of an Android app that can map where we've all been? I kind of like it.

Go to Endomondo.com and download their app, will let you track, store and share your movements.
I prefer sports-tracker.com, but AFAIK it's nokia only

Is it just me or do some of the more editorial parts of this article seem a bit misleading? This is not the same as the Google Street View problem. Apple does not have this information. There's a distinct difference between the information being recorded on the device and Apple having that information.

Not that it doesn't have security implications, it definitely does, but this article seems a bit unclear on the distinction.

this might be a wild guess, but i am betting Iphones can even be tracked thourgh their PHONE CALLS!!! I got a bill once, and they knew WHO I CALLED as well as HOW LONG i talked and even WHEN I CALLED!!!! they even knew if it was a LONG DISTANCE CALL!................. WHERES MY PRIVACY???????

break out your tinfoil hats! hehe

The problem isn't that they're collecting the data, it's that it's being stored in plaintext in an easily accessible place without asking permission to do so.

The problem isn't that they're collecting the data, it's that it's being stored in plaintext in an easily accessible place without asking permission to do so.

iKenndac said,
The problem isn't that they're collecting the data, it's that it's being stored in plaintext in an easily accessible place without asking permission to do so.

You mean you didn't read the agreement which stated that they would.....

Correct. Did you read it all?

The agreement also says that applications can use your location data and may send it to a third party, but they still put up a dialog box warning you of it for each application. I think this should be the same.

iKenndac said,
Correct. Did you read it all?

The agreement also says that applications can use your location data and may send it to a third party, but they still put up a dialog box warning you of it for each application. I think this should be the same.


you really want a dialog for every little thing in the system? that would get old pretty quick.

I had a look at my data and found a few interesting things in there. The data on my device seems to suggest they're recording information about cell tower rather that my actual location, although of course they'll be similar. I put some screenshots and thoughts in a blog post:

http://danielkennett.org/blog/...ng-observations-of-my-data/

Disclaimer: This is my personal blog. I have nothing to sell, no agenda. I just thought it was interesting enough to share.

Just as bluewind said, it's a known fact as with every other cellphone.
Now snooping on WiFi traffic and gathering information without someone's consent is pure wrong...

Euphoria said,
Just as bluewind said, it's a known fact as with every other cellphone.
Now snooping on WiFi traffic and gathering information without someone's consent is pure wrong...

I think the bigger issue is that it stores the data on your computer and it is unencrypted by default. So, for instance, if you are fooling around with some girl on the side, you have an iPhone, and your girlfriend has access to your computer you may be in trouble...

Or for instance, if you commit a crime and the detectives see you have an iPhone they know they can get to all your location data with your iPhone.

I guess it comes down to the same old privacy paradox. If you've got nothing to hide, why are you concerned about privacy?...because where does it all end?

If they are being sent this private data, than shame on Apple. As for the database it really should be encrypted some how for security.

But I would like to look at my location's database just for fun. A time lapse location plotting in Google Maps of what I've been up to since July would be a very interesting and insightful thing to watch.

Shadrack said,
But I would like to look at my location's database just for fun.

Did you not use the application mentioned in the article then?

alexalex said,
I don't see anything regarding the file being sent to Apple. It is kept private on the iDevices and on users PCs.

I certainly hope so...

thealexweb said,
Apple looking to take iAds in to targeted advertising maybe?

No, to speed up location services and save on battery as explained by Apple in 2010

Not good. At least it's not being sent to anyone. Only question left is, what the hell is this for?
My guess is for faster locating as soon as you want it to. But why it is stored is beyond me. Maybe a glitch, maybe on purpose, who know.

That App you can download from the researchers website is pretty damn interesting though.

instant.human said,
That App you can download from the researchers website is pretty damn interesting though.

Definitely.

pretty cool, I wonder if I can open consolidated.db and make a map to where I've been keeping in mind I keep GPS off so it would probably be only cell triangulation.

Draconian Guppy said,
pretty cool, I wonder if I can open consolidated.db and make a map to where I've been keeping in mind I keep GPS off so it would probably be only cell triangulation.

... so you think

So... let me get this right - It's recording info based on Cell Phone Towers - info which the Cell Phone people already have available anyways? What's the matter... who cares.

Sn00pY said,
So... let me get this right - It's recording info based on Cell Phone Towers - info which the Cell Phone people already have available anyways? What's the matter... who cares.

The problem I have with it is that it's stored on the phone, and can be transferred to your computer and other devices.

It's kept secret.

There are options in the UI to turn off location data, but apparently, it still tracks you (I'm going to test this myself to make sure). This is deceitful.

The data stored by network operators is very different to a file sitting on my phone and computer. It's probably more likely, for example, that someone could get unauthorised access to that data.

In terms of data storage you really ought to only store data you *need*. It's not good practice to just store extra information 'just in case'. It doesn't look like Apple have much justification for this long term data.

The network operators may or may not have justification for what they store - it's irrelevant to what Apple choose to store on my phone. Just because some other organisation has data x, y and z doesn't mean anyone else should have it.

Laura said,

The problem I have with it is that it's stored on the phone, and can be transferred to your computer and other devices.

It's kept secret.

There are options in the UI to turn off location data, but apparently, it still tracks you (I'm going to test this myself to make sure). This is deceitful.

The data stored by network operators is very different to a file sitting on my phone and computer. It's probably more likely, for example, that someone could get unauthorised access to that data.

In terms of data storage you really ought to only store data you *need*. It's not good practice to just store extra information 'just in case'. It doesn't look like Apple have much justification for this long term data.

The network operators may or may not have justification for what they store - it's irrelevant to what Apple choose to store on my phone. Just because some other organisation has data x, y and z doesn't mean anyone else should have it.

Have to agree with most of what you say but....

Telco's keep as much if not more information and will hand it over to anybody with a warrant.

This information is used to speed up location services and was explained back in 2010 by Apple as a way to save a bit more battery.

I would be flabbergasted if other phone makers do not do the same thing.

While I agree about the amount of data retained as a dev sometimes it's easier just to let it accumulate.