iPhone secretly tracking user location, say researchers
21 April 2011 | 0
A pair of researchers have found that Apple iPhones and iPads track users’ locations and store the data in an unencrypted file on the devices and on owners’ computers.
The data, which appears to have been collected starting with iOS 4, which Apple released last summer, is in a SQLite file on iPhones and iPads with 3G capability, according to Pete Warden, the founder of Data Science Toolkit and a former Apple employee, and Alasdair Allan, a senior research fellow at the University of Exeter.
The same file, named “consolidated.db,” is also stored in the iOS backups made by iTunes on the Mac or Windows PC used to synchronise the iPhone or iPad.
Stored in the file in clear text are locations’ longitude and latitude, a timestamp and other information, including Wi-Fi networks in range of the device.
About 100 data points per day are logged to the file, said Warden and Allan in a video posted on the O’Reilly Radar blog.
“There can be tens of thousands of data points in this file,” said the pair in the blog post.
The data may be hard to extract remotely from an iPhone or iPad, but not impossible, said Charlie Miller, a noted Mac and iPhone vulnerability researcher, and a four-time winner at the Pwn2Own hacking contest .
“The file is in the root’s directory, so apps, including Safari, won’t have access,” said Miller. “That’s still bad, though.”
To view the location file on an iPhone remotely, an attacker would have to exploit a pair of vulnerabilities, one to hack Safari – likely by duping the user into visiting a malicious site – then another to gain access to the root directory, Miller said. That’s possible, but unlikely for most criminals.
Running Warden’s and Allan’s Mac app displays where an iPhone has been since it was upgraded to iOS 4. (Info displayed is from an iPhone owner living in New England.)
Warden and Allan have made it easy to do just that: They’ve created an application that extracts the data from a Mac, then displays the location history on a map.
It’s unclear why iOS is collecting the data, but Warden and Allan speculated that it might have to do with a future feature that relies on geolocation. “The fact that it’s transferred across devices when you restore or migrate is evidence the data-gathering isn’t accidental,” they said.
But Cluley wasn’t ready to put on a conspiracy cap and accuse Apple of tracking its users wholesale, or of making such data available to third parties like marketers or governments.
“I think things tend not to be conspiracies, but are more often cock-ups, accidents that happen,” Cluley said. “It may be that one hand of Apple doesn’t know what the other hand is doing.”