Apple’s iPhone saves every detail of your movements to a file on the device. Security researchers have discovered a secret file on the device containing your location data which is then copied to the owner’s computer when the two are synchronised.
The file contains the latitude and longitude of the phone’s recorded coordinates along with a timestamp, meaning that anyone who stole the phone or the computer could discover details about the owner’s movements using a simple program.
For some phones, there could be almost a year’s worth of data stored, as the recording of data seems to have started with Apple’s iOS 4 update to the phone’s operating system, released in June 2010.
Only the iPhone records the user’s location in this way, say Pete Warden and Alasdair Allan, the data scientists who discovered the file and are presenting their findings at the Where 2.0 conference in San Francisco on Wednesday.
Simon Davies, director of the pressure group Privacy International, said: “This is a worrying discovery. Location is one of the most sensitive elements in anyone’s life … The absence of notice to users or any control option can only stem from an ignorance about privacy at the design stage.”
Warden and Allan point out that the file is moved onto new devices when an old one is replaced: “Apple might have new features in mind that require a history of your location, but that’s our specualtion. The fact that [the file] is transferred across [to a new iPhone or iPad] when you migrate is evidence that the data-gathering isn’t accidental.” But they said it does not seem to be transmitted to Apple itself.
Although mobile networks already record phones’ locations, it is only available to the police and other recognised organisations following a court order under the Regulation of Investigatory Power Act. Standard phones do not record location data. Apple declined to comment on why the file is created or whether it can be disabled.
Warden and Allan have set up a web page which answers questions about the file, and created a simple downloadable application to let Apple users check for themselves what location data the phone is retaining. It has been confirmed that 3G-enabled devices including the iPad also retain the data and copy it to the owner’s computer.
The location file came to light when Warden and Allan were looking for a source of mobile data. “We’d been discussing doing a visualisation of mobile data, and while Alasdair was researching into what was available, he discovered this file. At first we weren’t sure how much data was there, but after we dug further and visualised the extracted data, it became clear that there was a scary amount of detail on our movements,” Warden said.
They have blogged about their discovery at O’Reilly’s Radar site, noting that “why this data is stored and how Apple intends to use it — or not — are important questions that need to be explored.”
Turn your iphone data into a readable map with this application: https://sites.google.com/site/nphonetrack/