Get the E-Commerce Minute Newsletter from the E-Commerce Times » View Sample | Subscribe
Welcome Guest | Sign In

Betrayed by My iPhone!

By Chris Maxcer MacNewsWorld ECT News Network
Apr 21, 2011 5:00 AM PT

This whole "knowing-where-everyone-is-at-all-times-thing" that we've been experiencing in this century is getting old. We've known that our cellphone carriers keep track of our handsets as they move around, connecting to various towers and using services that require byzantine billing systems. And we know, based on any episode of any murder-thriller TV show or movie that the local cops or feds can find our phones at any time if we happen to be kidnapped or hiding after committing nefarious activities.

Betrayed by My iPhone!

Then there's Apple's MobileMe service that lets a customer locate his or her iPhone on a map, display a message, and even remotely wipe the data on it. It's a pretty cool feature, and I'm sure that many parents finally succumbed to the desires of their teenagers for an iPhone ... because they know they can find them if they need to. Or if you lose your iPhone or someone steals it, you could use the Find My iPhone app to get it back. Maybe.

We've even come to understand that our smartphones might track our location so they can serve up special ads for us. Say we're walking by a restaurant so we can get an ad for a meal deal.

Now, Your iPhone Is Keeping a Location Database

A couple of security experts, Alasdair Allan and Pete Warden, say they've stumbled upon a file that stores unencrypted location data in everyone's iPhone. The file, consolidated.db, contains latitude-longitude coordinates along with a timestamp, and it first appeared on our iPhones with iOS 4.

There's more, though: This file is automatically backs up and syncs with your Mac or PC whenever you sync your iPhone. So not only is the file not particularly secure on your iPhone, it's likely available on your Mac or PC, too. Allan and Warden don't know what the file is really for, and Apple has reportedly not gotten back to them on their queries.

The most likely speculation points that the file could be used for Apple's iAd solution to help deliver geographically relevant ads. So far, they also report that they don't think this file has been communicated to Apple or anyone else. It just sits on your iPhone and quietly logs your travels, waiting silently, perhaps ominously, until you accidentally get mixed up in industrial espionage and some evil corporate hit team steals your laptop and learns that you like to eat tacos for lunch, whereupon they get to your favorite taco stand first.

Allan and Warden report that the coordinates aren't always exact, but they are pretty detailed, noting that there can be tens of thousands of data points in the file. Because it seems to have started with iOS 4, there's about a year's worth of location data in the file. They guess that the location is determined by cell-tower triangulation, but the timing of the recordings is erratic, and they aren't sure what triggers the iPhone to save a location and time stamp.

There's an App for That

While there are apps that let you share your position in the world with friends on a your social network, this file tracks where you've been and stores it. Maybe forever. You just need an app that can help you see it. In this case, Allan and Warden created an app called iPhoneTracker that lets you see where you've been -- if the app, once you install it on your Mac, sees the hidden consolidated.db file in your iPhone backups.

I downloaded it, installed it, and launched it -- all in less than two minutes. Within three minutes, I could see at a glance where I'd been ... for months on end. At least, I could tell where my iPhone had been. Turns out, it was with me on a trip to Colorado. And, through round bubbles of activity shown on the map, it even noted my layover in Las Vegas. The iPhoneTracker app also lets you play back your activity, so you can see these round bubbles of activity show up and disappear on the map as you fast-forward through time. Seems pretty damn accurate to me, actually -- even though Allan and Warden sensibly made the app far less accurate than it could be. The underlying data on your iPhone and Mac has more precise data points, while the iPhoneTracker app intentionally fuzzes up the location and exact time. So cheating spouses, for example, won't so easily be outed by this particular app.

The Civil Rights and Security Pundits Are Missing the Point

The Web is hopping with comments and news coverage from people all fired up about violations of privacy and how crazy insecure all this is. Stalkers have a new way of figuring out where you were, and by some rudimentary analysis, might figure out where you're going. But I imagine renting a van and buying a pair of high-powered binoculars is still the method of choice over breaking and entering to steal a computer. I'm just saying. But if you think this through, it provides some really interesting opportunities for bad guys. Snatch a purse, and suddenly you've got a history of movement on your hands. Need to find out where someone has been, where they have live, where grandma lives? Easy enough.

So yeah, this whole file sucks. Apple clearly needs to find a way to a) get rid of it entirely, or b) encrypt it so that it's nigh impossible to hack.

Of course, an explanation would be nice, too. Hear that Apple? Don't break the trust. You can do much better than this, and many of our long-time fans expect it.

Moving on to the Real Point

There's some basic flaws in our society as a whole where we think people a) need to be tracked, and b) should be tracked, and c) should be tracked so we can offer them special advertising deals on pizza and hand lotion and oil changes for your car.

But that's not the real problem here at all. Sure, it's a slippery slope, and once we step too far, we'll end up having cameras everywhere, like our friends in the UK.

No, the problem is mystery. Cellphones started it, and this, along with cell-tower triangulation and built-in GPS, is just another big leap. It used to be that you would wonder where a friend was, where a sibling was, if a spouse was on their way back from the grocery store or not. Now, there's no mystery. You know exactly when someone is going to arrive for dinner. They can call you and you can call them, and there's never any moment that you're untethered. Sure, you could ignore your phone or turn it off. Or ... don't freak ... leave it behind.

As it turns out, I just saw an episode of NCIS (I'm just a marginal fan) where Ducky (who is an old guy) talks to Jimmy (who is a young guy) when Jimmy was trying to text or tweet his girlfriend obsessively. Ducky says, as noted in, "These distractions feed the ever-growing beast known as instant gratification ... If you keep in constant contact with your lover, she will get to know you too well."

"I don't follow," Jimmy says.

"You lose the thrill of discovery. The mystery of not knowing. Secrets, if handled properly, can be extremely alluring," Ducky says.

My iPhone, it turns out, is actively storing my secrets, whether they are important or not. And one day, maybe it will spill them, probably so someone can make another dollar off of me. Even if they never go anywhere, the fact remains: Someone thought storing this information was a good idea. And I see that as a failure of the human race in more ways than one.

MacNewsWorld columnist Chris Maxcer has been writing about the tech industry since the birth of the email newsletter, and he still remembers the clacking Mac keyboards from high school -- Apple's seed-planting strategy at work. While he enjoys elegant gear and sublime tech, there's something to be said for turning it all off -- or most of it -- to go outside. To catch him, take a "firstnamelastname" guess at

download NICE inContact Remote Agent Checklist
Which cybersecurity risk is the greatest threat to organizations with remote workers?
Data Breach or Leak
Employee Misconduct or Negligence
IoT-Based Attack