Customize Your Input Devices

Researchers Discover iPhone File That Keeps Track Of Your Moves

Security researchers Alasdair Allan and Pete Warden have discovered a file in Apple’s iOS local backup system that keeps track of your entire location history, in format perfectly readable by a computer. The file, by default stored unencrypted in the iOS database that can be backed up to a computer using iTunes, keeps track of “everywhere you go” by triangulating the 3G signal against the nearest cell towers, and offers a way to private detectives or people who might get their hands on your device / computer to have access to your moves in the past. The researchers have also created an open-source app called iPhoneTracker that recognizes the file from your local iOS backup, parses the results and displays your most-visited locations on a map. The screenshot above, for instance, was taken using my iPhone’s unencrypted backup.

As the researchers note on iPhoneTracker’s webpage, it is unclear why Apple is doing this. Cellphone network providers have been allegedly tracking users’ location for years through their towers, but they never stored the location info locally on a device, nor did they provide a way to back up this information on a computer and parse it. Allan and Warden (who’s a former Apple employee) speculate this might be functional to new location features Apple is working on for future versions of iOS; the location tracking was apparently introduced with iOS 4 last year, and data collected so far might come in handy for the company to build an online location-based social service for iPhone and iPad users. The file, however, was only discovered in the past weeks, and the researchers claim it’s present both on iPhones and iPad 3G units.

Apple has made it possible for almost anybody – a jealous spouse, a private detective – with access to your phone or computer to get detailed information about where you’ve been,” said Pete Warden, one of the researchers.

Warden and Allan point out that the file is moved onto new devices when an old one is replaced: “Apple might have new features in mind that require a history of your location, but that’s our specualtion. The fact that [the file] is transferred across [to a new iPhone or iPad] when you migrate is evidence that the data-gathering isn’t accidental.” But they said it does not seem to be transmitted to Apple itself.

Apple declined to comment, but it’s very clear that the file is created and stored locally without an explicit user’s agreement. As noted by the researchers and other security / privacy experts polled by the Guardian, Apple is storing both location data and timestamps in a readable format that can be accessed from a stolen (possibly also jailbroken) device or a computer. I have tried the iPhoneTracker application personally, and while it really works with unencrypted backups generated using iTunes, choosing to encrypt a backup breaks iPhoneTracker’s functionality – thus granting users an additional level of security. The file, however, is still there – Apple doesn’t offer a way to avoid tracking of your moves.

The discovery of this location-tracking file in the iOS backup system is worrying as it raises question on Apple’s user privacy policy, and the reason why such data is collected without a user’s consent. Apple has been rumored to working on new location features for iOS 5, so the location info might be a solid data foundation for the company to build a new social location service. You can download iPhoneTracker here and try for yourself.

Update: a video and more details by Alasdair Allan at O’Reilly Radar.

All iPhones appear to log your location to a file called “consolidated.db.” This contains latitude-longitude coordinates along with a timestamp. The coordinates aren’t always exact, but they are pretty detailed. There can be tens of thousands of data points in this file, and it appears the collection started with iOS 4, so there’s typically around a year’s worth of information at this point. Our best guess is that the location is determined by cell-tower triangulation, and the timing of the recording is erratic, with a widely varying frequency of updates that may be triggered by traveling between cells or activity on the phone itself.

Unlock MacStories Extras

Club MacStories offers exclusive access to extra MacStories content, delivered every week; it’s also a way to support us directly.

Club MacStories will help you discover the best apps for your devices and get the most out of your iPhone, iPad, and Mac. It’ll also give you access to advanced iOS shortcuts, tips and tricks, and lots more.

Starting at $5/month, with an annual option available.

Join the Club.

A Club MacStories membership includes:

  • MacStories Weekly newsletter, delivered every week on Friday with app collections, tips, iOS workflows, and more;
  • MacStories Unplugged podcast, published monthly with discussions on what we’re working on and more;
  • Monthly Log newsletter, delivered once every month with behind-the-scenes stories, app notes, personal journals, and more;
  • Access to occasional giveaways, discounts, and free downloads.