Forgot your password?
typodupeerror
IOS Iphone Privacy Upgrades Apple

Apple Updating iOS To Address Privacy Concerns 318

Posted by CmdrTaco
from the hype-of-the-month dept.
wiredmikey writes "[Apple] said that over the next few weeks it would release a software update for iOS that would reduce the size of the crowd-sourced Wi-Fi hotspot and cell tower database cached on the iPhone, cease backing up the cache, and delete the cache entirely when Location Services is turned off. Additionally, Apple said that in the next major iOS software release the cache would be encrypted on the iPhone, though a timeline for that was not provided."
This discussion has been archived. No new comments can be posted.

Apple Updating iOS To Address Privacy Concerns

Comments Filter:
  • hmm.. (Score:3, Insightful)

    by amalek (615708) on Wednesday April 27, 2011 @10:18AM (#35952442)
    It's been a long week of high-profile fuck-ups.
  • by recoiledsnake (879048) on Wednesday April 27, 2011 @10:19AM (#35952454)

    Not erasing the old logs doesn't seem like a bug.. it would've been caught by a single test case. It seems to be a design decision to cache locations to speed up look ups the next time, so would've been considered a feature. Not encrypting the data, on the other hand, seems to be a genuine oversight. But no wonder they want to call everything a bug, what with the government breathing down their neck with Congressional hearings.

    • Re:Bug? (Score:5, Insightful)

      by mangino (1588) on Wednesday April 27, 2011 @10:30AM (#35952596) Homepage

      Almost all bugs would be caught by a single testcase if you thought about writing it. Most often the problem is that nobody concerned the scenario and though to write a testcase. While it could be mailicious, it could also be just an accident.

      • Re:Bug? (Score:5, Insightful)

        by Anonymous Coward on Wednesday April 27, 2011 @11:31AM (#35953412)

        Not if the bug is in the requirements. You can't test for something if there is no requirement for it. One of the biggest failures of how agile/XP methodologies are implemented, they skimp on the requirements documentation.

        • Re:Bug? (Score:5, Informative)

          by mangino (1588) on Wednesday April 27, 2011 @12:38PM (#35954348) Homepage

          I don't know that I agree with this. I've worked building software for more than 15 years and I can tell you that the likelihood of somebody accurately capturing something like this in a requirements document is very close to zero. After all, this isn't a feature we're talking about, it's an implementation detail of a performance optimization. The requirement would likely be something like

          "Must be able to detect a location within 0.2s if wifi is active or can locate at least 3 cell tower ids"

          the rest is how the programmer chose to make it work. If you are creating requirements to the level of detail needed to fully specify purge behavior of a cache database, you're never going to finish your requirements document.

    • Seems like a bug (Score:5, Interesting)

      by SuperKendall (25149) on Wednesday April 27, 2011 @10:31AM (#35952608)

      Not erasing the old logs doesn't seem like a bug.. it would've been caught by a single test case.

      You only put tests in for problems you think of. Deleting the log file altogether when you turn off location services, is a problem they simply didn't think about. If you think about it the guys writing that part of the code probably assumed that since the file was cached it would be truncated so leaving it around wouldn't matter...

      The rest of the time you aren't deleting the file, instead you are periodically truncating it - something beyond a single test case, and requiring a long period of time to elapse. That part seems also like it could easily be oversight.

      To my mind they probably just thought keeping a record of cell towers was not a big deal, because it was not an exact location log... although just from a performance aspect you'd think they would not want that file growing too large.

    • Re: (Score:2, Insightful)

      I'm guessing the "sending the list of nearby cell towers and wifi APs(in a totally-you-guys-can-trust-us-that's-why-we-didn't-bother-to-tell-you) 'anonymized and encrypted' form back to Apple so that they can build their 'crowdsourced database'" behavior was not just a bug...

      Maintaining a local cache of recent location references is a common trick to speed up GPS fixes(even dedicated GPS chips commonly have a sliver of cap-backed RAM for the purpose); but the silently sending those data to Apple bit is p
      • ...orm back to Apple...

        Just one problem with the tinfoil on your hat there - no-one is claiming that Apple was ever sent this file.

        The issue is that someone might collect that data if they got to your phone or the backup. But not Apple.

        • by fuzzyfuzzyfungus (1223518) on Wednesday April 27, 2011 @11:43AM (#35953606) Journal
          This file... Apparently, the timestamped location log database file was a locally-generated composite of RF signals the phone received, and nearby locations that were provided from Apple's database(Requests for which, of course, would in no way inform Apple of the user's location at a given time...). That particular file doesn't seem to have been sent back, in large part because much of it would be redundant.

          However, particularly in points 3(linked above) and 8(following) of their apologia, they admit to collecting location data in a previously undisclosed way.

          "8. What other location data is Apple collecting from the iPhone besides crowd-sourced Wi-Fi hotspot and cell tower data? Apple is now collecting anonymous traffic data to build a crowd-sourced traffic database with the goal of providing iPhone users an improved traffic service in the next couple of years."
        • by Belial6 (794905)
          No one? Apple says that they do is items # 3,4,5,8.

          It takes a pretty large amount of cognitive disassociation to rationalize that "This data is sent to Apple" as stated in Apples point number 5 means that the data isn't sent to Apple.

          Apples response is a full and complete admission that they are spying on iPhone users. Sure they are using New-Speak to try and make it sound double plus good, but that doesn't change the fact that they are spying.
          • by SuperKendall (25149) on Wednesday April 27, 2011 @12:45PM (#35954462)

            No one? Apple says that they do is items # 3,4,5,8. 5.

            From TFA:

            Can Apple locate me based on my geo-tagged Wi-Fi hotspot and cell tower data?
            No. This data is sent to Apple in an anonymous and encrypted form. Apple cannot identify the source of this data.

            Hi there. reality calling. If they can't tell it's from you, it's not YOUR DATA they are sending.

            Bloody tinfoil-hat Apple Haters...

            • by moronoxyd (1000371) on Wednesday April 27, 2011 @01:09PM (#35954776)

              Ah, so if I took pictures from all the houses around your house and send them somewhere without telling them that the pictures were taken from your house, that's no problem?

              When I take your bank statement and remove the bits referencing your name and address, I can send that statement wherever I want because it's not your data anymore?

              Good to know...

    • Re:Bug? (Score:5, Insightful)

      by SvnLyrBrto (62138) on Wednesday April 27, 2011 @10:38AM (#35952706)

      Not necessarily a bug... it could have been a simple oversight. Just look at everything that's in /var/log on a vanilla UNIX/Linux installation. Unless you go in to your configurations and specifically dial things down, there's quite a lot in there that some nefarious party could exploit to get a very good idea of what you're doing on that box.

    • Re:Bug? (Score:5, Interesting)

      by IAmGarethAdams (990037) on Wednesday April 27, 2011 @10:39AM (#35952716)

      As Phil Karlton once said [simonwillison.net]

      There are only two hard things in Computer Science: cache invalidation and naming things

    • by blueg3 (192743)

      Not encrypting the data, on the other hand, seems to be a genuine oversight.

      To what end? In order to make use of the data, the encryption key would have to be stored on the phone.

  • nice (Score:2, Insightful)

    by calderra (1034658)
    Apple: We never did anything wrong, but pardon us while we fix it anyway.
    • Re:nice (Score:5, Insightful)

      by jessecurry (820286) <jesse@jessecurry.net> on Wednesday April 27, 2011 @10:38AM (#35952710) Homepage Journal
      Apple: We didn't see anything wrong with the previous implementation, but it seems that our customers do. We'll take steps to make sure that our implementation is in-line with what our customers desire.
      • Maybe a little more like this...

        Apple: We didn't see anything wrong with the previous implementation, but it seems that our customers do. We'll begin encrypting the information so our customers have no idea what we are doing or what data we are storing. Maybe then they will go back to sleep until it's time to pony up for the next version of hardware.

      • Even better:

        Apple: A relatively insignificant bug made it through QA, and now that it's been found we're going to fix it in the next update. While we're at it, here's what the facts are, what we do do and collect, and what we use it for - and how it's anonymized before we see.

  • Well, this seems like a good response but I think we still saw here that data collection practices for consumers are going in a negative direction.

    Overall, this has taught me to simply leave location services off, because the data is being stored on the phone and potentially could be available for data farming in the future.

    • by gabebear (251933)
      Turning location services off doesn't make it any harder for someone to track your phone... it just makes it harder for you to find your location.
      • How so, if it deletes the cache entirely when you turn it off, as TFS seems to indicate?

        • by Necroman (61604)

          location data isn't currently deleted when location services are disabled. That's a coming feature.

        • Re:Good...? (Score:5, Insightful)

          by SvnLyrBrto (62138) on Wednesday April 27, 2011 @10:34AM (#35952650)

          How do you suppose the phone company knows what cell you're in, so they can route calls to your phone? How do you suppose they get their E911 data?

          As long as you have the thing powered on, the phone company know where you are. And if the police want to know, they won't go to your house, hack your computer, and read the log backup. They'll just go to the phone company with a subpoena.

          This whole controversy was much ado about nothing. The only thing that was different was that the user had access to the data that "the man" had all along.

          • by machxor (1226486)

            How do you suppose the phone company knows what cell you're in, so they can route calls to your phone? How do you suppose they get their E911 data?

            As long as you have the thing powered on, the phone company know where you are. And if the police want to know, they won't go to your house, hack your computer, and read the log backup. They'll just go to the phone company with a subpoena.

            This whole controversy was much ado about nothing. The only thing that was different was that the user had access to the data that "the man" had all along.

            Yes because the only people who would be interested in this data are those that already posses a legal method of obtaining it...

            • Re:Good...? (Score:4, Insightful)

              by gutnor (872759) on Wednesday April 27, 2011 @11:26AM (#35953356)

              Yes because the only people who would be interested in this data are those that already posses a legal method of obtaining it...

              If you are worried about those that do not posses legal method to access that data - you should really encrypt your data. The log can only be accessed from you home computer or you mobile phone directly (after hacking it) - if somebody you don't like has unrestricted/uncontrolled access to any of those, there is a lot more stuff you need to be worried about.

              There is of course the Private Investigator case hired by your wife that could be borderline possible. In real life, that would be far easier for the PI to stick a GPS tracker under your car and that would give him more precise, more discreet data collection service.

          • by neoform (551705)

            >This whole controversy was much ado about nothing. The only thing that was different was that the user had access to the data that "the man" had all along.

            I'm fairly certain all the people up in arms about this are not iphone users.

          • Re:Good...? (Score:4, Insightful)

            by Patch86 (1465427) on Wednesday April 27, 2011 @11:56AM (#35953804)

            Leave the police and the courts out of the equation for a moment (as we have to assume, these days, that the state is omnipotent in any case).

            This whole controversy sprung up because some well-meaning developer released an app that could access the data. By extension, we could assume that all iOS developers- including malware developers- could work a similar trick, to less innocent ends. Malware/adware/spyware developers couldn't subpoena your details from your provider; this is the only method by which they could access this sort of data.

            As such, you can look at it as a pretty big security hole that needn't exist.

            • As I understand it, iOS apps can't access it because they're sandboxed off from the system. The file is accessed in the phone backups on the computer. So the moral is don't run untrustworthy software on your computer, unless you're alright with it doing things you don't like.

      • by erroneus (253617)

        It does make it harder for someone to know where you have BEEN though. It's not about tracking the phone "now" as much as where it has been. Such data could be used by law enforcement or jealous spouses as evidence against you. It could also be used by a stalker. And while I haven't given it much thought, I am quite certain there are dozens of other possible uses of this data that would not be good.

        • Knowing a history of where you've been is key to determining where you might be going in the future.

          I had to tell one of my daughters to turn off the GPS location update on her pedometer app because she was posting her jogging path/times on facebook. She didn't know the feature was turned on, and scrambled to delete the details from her facebook account. I didn't need to explain the dangers to her, but I'll explain it here.

          With knowledge of her jogging path and the approximate times she normally runs, kid

        • by blueg3 (192743)

          If your stalker has physical access to your phone, you're in a lot of trouble, regardless of Apple's policy and implementation of Location Services on the iPhone.

          • by erroneus (253617)

            Thieves are everywhere and nowhere. Most women keep their phones in their purses and they tend to leave those things laying around all the time and they don't have locks on them. And for that matter, I sometimes leave my phone on charger at my desk and walk away -- not smart, but we aren't always thinking of those things when other stuff is on our mind.

            I liked Crudely's response above -- I hadn't really thought about how a stalker would use history data -- but there you go -- it's quite obvious and in one

        • by mjpaci (33725)

          Dollars to donuts the people bitching the loudest about this check in to FourSquare 72 times a day, tweet 245 times, and update their Facebook status with what they're doing and where at least every hour.

  • Timestamps (Score:2, Insightful)

    by Kuukai (865890)
    What about the timestamps? Why does a "crowd-sourced Wi-Fi hotspot and cell tower database" still need timestamps?
    • by Imagix (695350)
      So one can expire out old entries? Or use it as some part of a confidence measure that the wifi spot still exists? Cell towers don't move (or disappear) as often.
      • by Kuukai (865890)
        Do you need the minute for that? Isn't the month or week good enough? Would take up less space, too.
        • by geekoid (135745)

          Maybe not, but he developer is just grabbing the time stamp as is.

          As far as less space, it's really not a concern.

        • by erroneus (253617)

          In this case, it is quite easy to imagine that this was merely an oversight on Apple's part.

          Log files are useful forensic data. All log files have time stamps, otherwise they would be less useful. And when making a log file, date/time information is standard data to include.

          Why is this easy to accept as an oversight on Apple's part? Well, as a person with a programming background, I can't imagine writing a log file any other way. But not being 110% security conscious is not the same thing as "tracking u

        • Do you need the minute for that? Isn't the month or week good enough?

          If you are driving down the highway you change locations quite a lot in a minute. Knowing a rough rate of travel because of locations of previous data collected over time, you could easily see the iPhone not trusting data even a minute old if it could extrapolate you were recently traveling at high speeds from the other data - or it might tweak location results to give you a location centered around where it thought you might be.

          In fact

        • by blueg3 (192743)

          Redacting timestamps to the accuracy you think you need is much more annoying than simply getting a timestamp via a built-in function.

    • by Americano (920576)

      ... so that it can tell which particular towers & wi-fi hotspots you've seen most recently?

      The point of the database is to help the iPhone determine its own location more quickly. Having a list of a thousand map coordinates that the iPhone has seen "in the last year, sometime," does very little to facilitate that unless the iPhone can also know which ones it has been in range of recently.

  • Fail (Score:4, Insightful)

    by magamiako1 (1026318) on Wednesday April 27, 2011 @10:22AM (#35952498)
    So apple's going to encrypt the location cache on a phone that is otherwise locked, where other people generally don't have access to it other than the device itself, and lower the battery to deal with encryption routines all because people are idiots?

    Sigh...
    • Re: (Score:2, Insightful)

      by Kuukai (865890)
      Wouldn't it take less battery power to write less information? I don't think the original timestamped truckload of information was exactly lean. Saving power doesn't seem like it was a goal...
    • by vlm (69642)

      So apple's going to encrypt the location cache on a phone that is otherwise locked, where other people generally don't have access to it other than the device itself, and lower the battery to deal with encryption routines all because people are idiots?

      The worst part is the encrypted data will almost certainly have a universal "law enforcement" backdoor, or just the same key for all devices which happens to be shared with law enforcement and the underworld in general. Once that leaks, its wide open to everyone but the owners.

    • by machxor (1226486)
      Maybe you haven't been following along but this unencrypted data was available on any computer you backed up to.
    • by MobyDisk (75490)

      The purpose of the encryption is to prevent a rogue app from mining that data.

      1) So no one should encrypt private information if it is only kept on the device itself? So no need to encrypt your bank account files or password lists? No need to lock the doors to your house either.
      2) This will not affect the battery life. Encryption is not that heavy.

  • Moving on (Score:5, Insightful)

    by mudpup (14555) on Wednesday April 27, 2011 @10:23AM (#35952504) Homepage Journal

    Sounds like Apple is taking steps to improve their system and give the paranoid users a easy opt out. Now the question is what are the other phone manufactures doing with their location systems? Especially those who log your data to the cloud?

    • Re:Moving on (Score:5, Interesting)

      by 93 Escort Wagon (326346) on Wednesday April 27, 2011 @10:38AM (#35952712)

      Sounds like Apple is taking steps to improve their system and give the paranoid users a easy opt out. Now the question is what are the other phone manufactures doing with their location systems? Especially those who log your data to the cloud?

      That's a good point. Given their relatively short response and turn-around time on this, I'm wondering if Apple sees the possibility here for turning a negative situation into a positive. Don't get me wrong - I think Apple (and other vendors) should've been doing this from the get-go - but it will be interesting to see (for example) how Google responds, given that their business model is to own as much data about you as possible.

      • by TyFoN (12980)

        The Android location services have allways been opt in with a big warning when you turn it on. If you are even more paranoid just install a custom version of android where you have total control.

  • My wife and I have 2g and 3g iPhones. Apple began blocking the installation of higher iOS systems at the end of the 3.1.3 and 4.2.2 lines, respectively. Since this is a global liability, will Apple update these old phones as well? Or do they remain an outstanding liability?

  • direct link (Score:5, Informative)

    by bidule (173941) on Wednesday April 27, 2011 @10:27AM (#35952560) Homepage

    Why not use the direct link [apple.com] as nothing was added and some was cut?

  • Conclusion: (Score:5, Insightful)

    by Lazareth (1756336) on Wednesday April 27, 2011 @10:32AM (#35952624)

    A perfectly sane feature has now been curtailed effectively by public outcry against perceived violation of privacy. While I agree that it is a good thing the stuff now gets encrypted locally (yay, more encryption of sensitive information!) the grand result is nearly nothing. The way this thing worked was by having a cache of locations stored locally and for those who worry about invasion of privacy this turn of events doesn't change anything - if Big Brother wants to know where you are and where you've been, he need do nothing more than to store where you connect from on his side - something he has always been able to do.

    • by geekoid (135745)

      What about people who are grabbed by their government? Now there Phone can be checked for locations and those location will be at risk whether or not they aided the dissenter.

      So people in areas where there is an oppressive government, or a current uprise against the government, this is a very important issue. Know what cell tower you connected to is one thing, know the exact block or store you where in is another.

      • by SuperKendall (25149) on Wednesday April 27, 2011 @11:06AM (#35953014)

        What about people who are grabbed by their government? Now there Phone can be checked for locations and those location will be at risk whether or not they aided the dissenter....Know what cell tower you connected to is one thing, know the exact block or store you where in is another.

        That's the thing though, it was NOT storing accurate location data. It's cell tower and some WiFi data, generally information you cannot use to tell you were at a specific house or even possibly neighborhood... think 1/4 to 1/2 mile radius, possibly a block but not a store.

      • by Americano (920576)

        Know what cell tower you connected to is one thing, know the exact block or store you where in is another.

        It's a good thing this database never provided that level of detail and precision then, wouldn't you say?

    • I don't think that people who are worried about their privacy are concerned about being tracked via their cell phone. What privacy advocates are concerned about is the erosion of due process.

      Having tracking information on a local device opens the potential for more risk (theft) and abuse (rogue law enforcement). There shouldn't be any reason why any police officer can get that information simply for pulling you over.

      This is very simple to understand. No human being should be entitled to your tracking
    • > A perfectly sane feature has now been curtailed effectively by public outcry against perceived violation of privacy.

      Not local. The file was copied to any machine that syncs the device. In the case of corporate iPhones and iPads, it means your off-duty location track is sitting on a company owned system. On a corporate phone, it's not clear who owns that database, but in reality it's catch-me-if-you-can. Yes, I'd say that I "perceive" that to be a privacy violation.

      Also, what the FUD? No features have b

    • by gad_zuki! (70830)

      Why is this perfectly sane? You only need my last couple hours worth of data for all the mapping functions. You don't need to cache every location since the day I booted the phone.

      The grand result isn't nothing. Sure AT&T and Verizon know what towers you're on but thats not the same as storing your GPS location and now malicious apps can't read that data at all because its not there.

    • by Spykk (823586)
      "Your honor, as you can see from these screenshots I ran the WifeSnoop app on our home computer and found out that my husband was in the neighborhood of his slut of an ex girlfriend on the date in question."
      "That's where my dry clea..."
      "GUILTY AS CHARGED."
    • by MobyDisk (75490)

      The feature may have been reasonably sane, but the outcry was justified. Apple didn't tell anyone it was there, kept it way longer than necessary, and was not clear about what it was used for. Had they been clear from the beginning it would not be an issue. But their response now is quite sensible.

  • by alen (225700)

    it's the reason why my wifi only ipad knows exactly where it is just by the wifi access point it's connected to and nearby wifi access points. i thought it was very nice when i opened up the weather channel app for the first time on it and it knew where i was without me putting in a zip code. and it does this whenever i take it with me

  • I have a question, why collect WiFi hotspot data?

    Remember when Google said that its collection of WiFi hotspots as part of Google Maps was "accidental"?

    Now we learn that the Android phone is still collecting hotspot data and sending it to Google. Doesn't seem so accidental after all.

    Why does any company need this? There is no advertising that is tied to your hotspot/MAC address.
    What can they do with that information, and what can law enforcement do with it?
    • by Arlet (29997)

      WiFi hotspot data can be used to figure out where you are, for when you don't have GPS, or when the GPS doesn't have a satellite fix yet.

    • by Belial6 (794905)
      Google never said that collection of WiFi hotspots was accidental. That would be a totally absurd lie. They were openly collecting data that was designed from the get go to be publicly accessable. If you find Google Street maps to be evil (as some obviously do), then that would be where the complaint lies. The "accident" part of their excuse was concerning how much data they were collecting when they hit an open WiFi hotspot.

      The point of collection the WiFi hotspot data is that WiFi hotspots generall
  • What's the best way to encrypt the database? Encrypt the row data (encryption is done before updating and decrypted after selecting), or encrypt the entire file (sql statements operate on plaintext)?

    • by blueg3 (192743)

      How do you intend to do a select on encrypted data?

      • Ah, I didn't really think of that. It guess that would only work for exact matches.

        enc_city = encrypt(SECRET_KEY, "Boston")
        cursor = select date, time from db where city=enc_city
        loop(cursor):
            plain_date = decrypt(SECRET_KEY, cursor.date)
            plain_time = decrypt(SECRET_KEY, cursor.time) ...

        This would be crazy slow though and highly crippled.

  • From TFA:

    3. Why is my iPhone logging my location? The iPhone is not logging your location. Rather, it’s maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away from your iPhone, to help your iPhone rapidly and accurately calculate its location when requested.

    That is, it's keeping track of known locations near you so it can give you a quicker estimate of your location. Even sounds like this list of locations is downloaded from apple and not gathered by iOS. Why is this so hard for everyone to understand? This is exactly the kind of thing you want your devices to do. If they didn't have it everyone would be bitching about how long it takes for the phone to find your location.

    I know, I know, I expect the internets to not be full of fools and trolls.

    Sig

  • by Posting=!Working (197779) on Wednesday April 27, 2011 @11:34AM (#35953464)

    My favorite answer:

    Why is my iPhone logging my location?
    The iPhone is not logging your location.

    No, they're just logging the location of things you go near and the time you passed by them. This is not a location the same way that "314 Evergreen Street, Pigsknuckle, Arkansas at 2:31:14am on April 17, 2011" is not a location because it doesn't specify if you're inside or outside the house.

    And then, two sentences later...

    iPhone can reduce this time to just a few seconds by using Wi-Fi hotspot and cell tower data to quickly find GPS satellites, and even triangulate its location using just Wi-Fi hotspot and cell tower data when GPS is not available (such as indoors or in basements).

    So they're not tracking your location, just the data needed to triangulate your location. Just like the GPS doesn't track your location, since it also only gives the data needed to triangulate your location.

    The location data that researchers are seeing on the iPhone is not the past or present location of the iPhone, but rather the locations of Wi-Fi hotspots and cell towers surrounding the iPhoneâ(TM)s location

    The data from the GPS is not the location of the receiver, but rather the locations of the satellites surrounding the receiver's location.

    Can Apple locate me based on my geo-tagged Wi-Fi hotspot and cell tower data?
    No. This data is sent to Apple in an anonymous and encrypted form. Apple cannot identify the source of this data.

    Using the preceding logic, it probably only contains your iTunes logon, phone number, SSN, DOB and profile information. But since it doesn't contain your name, they can't identify the source of this data. Also, I would guess that they replace all spaces with an underline, rendering it unreadable and thus encrypted.

    • by rabtech (223758) on Wednesday April 27, 2011 @04:44PM (#35957322) Homepage

      Your characterization is way off.

      So they're not tracking your location, just the data needed to triangulate your location. Just like the GPS doesn't track your location, since it also only gives the data needed to triangulate your location.

      Incorrect; what they are doing is using the known location of one cell tower, WiFi hotspot, or GPS to make a wild guess as to your current location, then going to Apple's servers and downloading a chunk of data that contains all the known cell towers and WiFi points anywhere within up to 100 miles of the WiFi hotspot/cell tower the device originally saw a signal from. This info is written to the cache.

      *IF* an application requests location services, it uses this database to quickly triangulate an approximate current position to help it get a GPS lock extremely quickly (Go read up on GPS - if you have a half-way decent idea of where you are, it makes acquiring a more exact fix much faster - somewhat like turning your TomTom off then back on immediately vs turning it off, flying across the country, then turning it back on... in the latter case it will take a lot longer to get a location). If there is no GPS signal, it can at least give an approximate location to the application that requested it. Location services on iOS allow the app to specify the desired level of accuracy as well as receive the instantaneous accuracy level. If the app only wants to know what zip code you are in the device might not even need to bother turning GPS on - the cache might be enough to get that information.

      In any case, all the database tells you is that of the entire list of cell towers and WiFi hotspots in the database for a given time period, you were near *one* of them somewhere vaguely around that time.

      No, they're just logging the location of things you go near and the time you passed by them. This is not a location the same way that "314 Evergreen Street, Pigsknuckle, Arkansas at 2:31:14am on April 17, 2011" is not a location because it doesn't specify if you're inside or outside the house.

      More like that address just means you were in the city of Pugsknuckle sometime on April 17; you might have been at 314 Evergreen, maybe 325 Evergreen... maybe across town at another address entirely. Maybe you just drove through town on your way to Texas. There is literally no way to know because the chunk of cache you get back can cover a wide area and depends on what the server decides to send you. Two people at the same location at the same time might get different lists back from the server that cover a different geographical area.

      Short version: This is no different then looking at a laptop's recently seen WiFi access point list and trying to claim the laptop is tracking you. All it means is that you were within some distance X (depending on conditions) of that access point sometime in the past.

    • I read it differently. My understanding is that some of that data is not even necessarily towers that you've been near, but towers that are in the vicinity of ones that you're near. So if the phone detects that you're near downtown Whoville, it'll log that, but it'll also pull down information about surrounding towers from the "crowdsourced cache" so that if you wander out a few miles, you'll still have relatively fast geolocation.

      So where your own data may be a fine line through the cell network, the

"Tell the truth and run." -- Yugoslav proverb

Working...