Yes, you read the title correctly. Two security researchers have discovered that Apple iOS 4 devices, including the iPhone and iPad 3G, regularly record your position and store it in an unencrypted file on the device. Disturbingly, this unencrypted file is copied to your computer when you perform a backup. So anyone with access to your phone or PC can read this file to determine where you have been and when you were there.
According to one of the researchers, Alasdair Allan, "[The file] contains latitude-longitude coordinates along with a timestamp. The coordinates aren't always exact, but they are pretty detailed. There can be tens of thousands of data points in this file, and it appears the collection started with iOS 4, so there's typically around a year's worth of information at this point."
So far, there's no evidence that any of this information is being transmitted to Apple or other third-parties. Nor is it clear why the data is being stored or how it is used (if at all) by the phone). Yet, the data privacy implications are still pretty dramatic. A jealous spouse could use this data to see if you were really on that "business trip". And if you sync your iPhone with a work PC, your employer could check to see if you were at home when you took a sick day. Or perhaps you were on a job interview at a competitor's location?
Unfortunately, there's not much you can do to stop the data from being collected or to encrypt it on the phone. If you are syncing with a computer, you can encrypt the file through iTunes by checking "Encrypt iPhone Backup" under "Options" .
Curious about your own data? The researchers have built this simple application that lets you visualize your data on a map. A sample map from the researchers' data can be seen in the video below.
From Ron Ablang on April 21, 2011 :: 10:03 am
Well I guess the rest of us that use iPod Touches will not have to worry then. Thank you.
Reply