iPhone and Location: Don't Panic 362
stonemirror writes "There's a lot of blind panic out there over the discovery of a database file on the iPhone which contains dated location information. Without actually looking at the data, a lot of folks have proclaimed that the 'iPhone is tracking your every move.' I actually did take a look at the data, and it's not doing anything like that."
Anecdotal (Score:5, Insightful)
This story is entirely anecdotal. Sure, it may not be tracking your "every move" but we have no way of knowing if this guy's phone was even on for his whole train ride (for example).
His conclusion is "We don't know why Apple is collecting this information but it's not a big deal." What the hell? How do we know it's not a big deal?
Sorry, Apple, you guys fucked up. A random blog-pologist isn't going to save this one for you.
The Point (Score:5, Insightful)
The point is not what it's currently doing, the point is (a) what COULD be done (by Apple, a malevolent third party, whomever) simply because this information exists when it should not and (b) whether this level of personal tracking information should be stored in the first place without it being clear to the user.
Re:Anecdotal (Score:5, Insightful)
and saying that its OK because 'it isn't accurate' is just fucking stupid. This type of personal intrusion cannot be accepted.
if we don't take action now, we'll settle for nothing later.
Re:Anecdotal (Score:5, Insightful)
This "but my friends are all doing it too" argument did not work when I was a kid and I don't see how it holds water now.
Re:Anecdotal (Score:5, Insightful)
Agreed.
It's not enough to say "Well, you agreed to the TOS" when you know full well nobody reads it. If you are tracking my physical movements, I should have to opt-in to that in an obvious way.
It doesn't even clearly state that this stops if you turn off Location Services, or what happens to the backed up files if you do.
Re:Anecdotal (Score:5, Insightful)
Personal intrusion? your cellphone provider has a nice database of your every move that is accurate. They've had this for years. THAT is what you need to be outraged about, not a file that is safely on your phone that is not sent to anyone.
Re:Anecdotal (Score:4, Insightful)
It's synced to your PC, which is a vulnerability in itself.
Not remotely the same thing (Score:5, Insightful)
The info on Android phones is totally different from iPhones. The infamous iPhone log file records your complete geo-location history since you started using your phone. The Android log file just records your recent coordinates and it overwrites itself regularly.
So even if you get root access on an Android phone, you only end up getting your current location. Most people allow apps to have that permission anyways.
The info on the iPhone is a huge privacy concern. The Android file is a non-issue.
Re:Anecdotal (Score:4, Insightful)
Since this is a cache for the Android, it looks like it could be used to retrieve recent locations for current location based services.
Re:Anecdotal (Score:4, Insightful)
It's synced to your PC, which is a vulnerability in itself.
Is there a way to delete this "consolidated.db" file and replace it with a symlink to /dev/null? Not sure if iPhones have a /dev/null (or equiv.) but Android should.
It'd be interesting to do that and see if it breaks anything. If nothing breaks, even slightly, we can be fairly sure this "feature" provides nothing that benefits the owner of the phone, the paying customer. The question of who does benefit would then become more interesting.
For Apple and Google, this is how you avoid "panic", "hysteria", and various other words used to mischaracterize legitimate questions of trust: document features and files like this in a thorough, open, and easily searched manner instead of waiting for third parties to discover them and speculate about their function. If you refuse to do that, you are setting up this very situation.
Why anyone who is not an employee of Apple and Google would characterize legitimate inquiry as "hysteria" is another interesting question. It's obviously an attempt to dismiss and belittle ("you disagree with me about whether this should be questioned, so obviously you are panicking"). It would seem that in their minds, it's far more reasonable to blame people for wondering if this has privacy implications than it would be to blame the companies for leaving everyone in the dark.
Re:Not remotely the same thing (Score:2, Insightful)
A longer time frame does not make them 'totally different'. It's the exact same data being captured & written to a file - location, strength & ID of nearest cell tower. One is being held indefinitely, one is being held for a few days.
If Apple puts a db purge for data >10 days old, like they should have, it's EXACTLY the same.
However, if Apple purposely dos this so that it always remembers which tower is the best & nearest, then that has some validity too. An option to set a regular purge, or opt out would be better, but that's not available on any platform right now.
What difference does it make? (Score:5, Insightful)
When you decided to turn on a cell phone, you gave up any semblance of privacy that your location has. Worst of all, that data isn't stored in a file you can clear on your phone...It is stored in servers at kind and gentle companies like AT&T and Verizon where it is imminently available to most any agency that needs it.
Google sets cookies in your browser and tracks your location by IP address on every query you make (or map you hit or gmail you read or
If you really want to remain anonymous and not be tracked then don't have or use a cell phone or 3G data service. Don't have any internet service. Constantly clear your browser temp files/data and store them only in a ram disk. Also, change your mac address every time you connect in any way to the internet. Better yet. Pick a random library and use their computer.
Staying away from credit/debit cards would be a good idea as well. Just use cash and buy gift cards.
Re:Rotten Apple (Score:4, Insightful)
if that info is being used for other things (by Apple which has demonstrable need for the info local to the phone, or by Google which has demonstrable need for the info at their map-servers), or by third parties (who don't have legitimate need, in which case this is an Apple security bug, but the "spy on you" piece of evil intent goes to the third party NOT Apple), that's news. The fact that the info is there at all? Not news.
Capability does not prove intent.
Are you serious? We're talking about a for-profit company. Grow up. Apple stated in that PDF link that they will share this info with whoever they damn well please. Based on your argument, that "spy on you" complicity makes Apple intently evil.
the bug may simply be that this buffer isn't being flushed as anticipated
And, no, it isn't a bug...again, if you just read Apple's PDF, they tell you it's intended. Maybe this will help, but I'm beginning to doubt it seeing a pattern in your thoughts:
http://www.wired.com/gadgetlab/2011/04/apple-iphone-tracking/ [wired.com]
Like OnStar?
Are you able to tell the difference between an expensive service that you want to intentionally subscribe to and knowingly pay for, and an unwanted security risk that shows up on the news to surprise everyone because it's first time the public has ever heard of it?
is there a similar location cache on Android? If so, the screech should be just as loud outside of Google's offices and every cell provider's offices. If it's evil for Apple to do, it is equally evil for Google to do, and you either call out both of them or neither of them. Selecting just one reveals the color of one's kneepads.
I thought I did say that Google would be rotten for doing it, but your own screeching must've blinded you. Oh, wait crapple-fanboy-syndrome stuck in a logical loop.
= N9 =