About the Post

Author Information

Actually, iPhone sends your location to Apple twice a day – F-Secure Weblog : News from the Lab

 

Over on the post “Actually, iPhone sends your location to Apple twice a day – F-Secure Weblog : News from the Lab” contains this text:

“esterday, security researchers Pete Warden and Alasdair Allan released an application that can take such a file and show your movements on a map.

 

Now, this sounds bad from a privacy viewpoint. For example, authorities could gain a court order to do a forensic examination on your phone to figure out where you’ve been.

But why is Apple collecting this information to begin with? We don’t know for sure. But we’re guessing it’s likely related to Apple’s global location database.

Like Google, Apple maintains a global database of the locations of Wi-Fi networks. They use this to get an estimate of your location without using GPS. For example, if your handset sees three hotspots which have MAC addresses that Apple knows are within a certain city block in London, it’s a fair bet you’re in that city block.

We know how Google collected their location database: they recorded them world-wide while they had their Google Maps Street View cars driving around the globe.

Where did Apple get their location database? They used to license it from a company called Skyhook. How did Skyhook obtain this information? Well, they had their own cars drive around the world, just like Google.

However, the Skyhook database is expensive. So beginning with iPhone OS 3.2 released in April 2010, Apple started replacing the Skyhook location database with their own location database.

And the real question is: How did Apple create their own location database? They did not have cars driving around the world. They didn’t need to. They had existing iPhone owners around the world do the work for them.

If you run a modern iPhone, it will send your location history to Apple twice a day. This is the default operation of the device.

How can they do this? By asking for your permission first. There is an opt-in process during initial iTunes installation, but the prompt is highly misleading:

The iTunes prompt talks about helping Apple with Diagnostics information. It says nothing about recording your locations. If you take the time to read Apple’s Privacy Policy, it does explain what they are doing:

To provide location-based services on Apple products, Apple and our partners    and licensees may collect, use, and share precise location data, including the    real-time geographic location of your Apple computer or device.    This location data is collected anonymously in a form that does not personally    identify you and is used by Apple and our partners and licensees to provide and    improve location-based products and services.

We believe the new secret location database found on the devices is connected to this functionality. Apparently iPhones always collect your location information, even if it’s not getting sent to Apple. “

 

No comments yet.

Leave a Reply


Fatal error: Uncaught exception 'wfWAFStorageFileException' with message 'Unable to verify temporary file contents for atomic writing.' in /home/security/public_html/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php:30 Stack trace: #0 /home/security/public_html/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php(497): wfWAFStorageFile::atomicFilePutContents('/home/security/...', '<?php exit('Acc...') #1 [internal function]: wfWAFStorageFile->saveConfig() #2 {main} thrown in /home/security/public_html/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php on line 30