THIS WEEK'S SPONSOR:

Kolide

The Fleet Visibility Solution for Mac, Windows, and Linux to Help You Securely Scale Your Business


Researchers Discover iPhone File That Keeps Track Of Your Moves

Security researchers Alasdair Allan and Pete Warden have discovered a file in Apple’s iOS local backup system that keeps track of your entire location history, in format perfectly readable by a computer. The file, by default stored unencrypted in the iOS database that can be backed up to a computer using iTunes, keeps track of “everywhere you go” by triangulating the 3G signal against the nearest cell towers, and offers a way to private detectives or people who might get their hands on your device / computer to have access to your moves in the past. The researchers have also created an open-source app called iPhoneTracker that recognizes the file from your local iOS backup, parses the results and displays your most-visited locations on a map. The screenshot above, for instance, was taken using my iPhone’s unencrypted backup.

As the researchers note on iPhoneTracker’s webpage, it is unclear why Apple is doing this. Cellphone network providers have been allegedly tracking users’ location for years through their towers, but they never stored the location info locally on a device, nor did they provide a way to back up this information on a computer and parse it. Allan and Warden (who’s a former Apple employee) speculate this might be functional to new location features Apple is working on for future versions of iOS; the location tracking was apparently introduced with iOS 4 last year, and data collected so far might come in handy for the company to build an online location-based social service for iPhone and iPad users. The file, however, was only discovered in the past weeks, and the researchers claim it’s present both on iPhones and iPad 3G units.

Apple has made it possible for almost anybody – a jealous spouse, a private detective – with access to your phone or computer to get detailed information about where you’ve been,” said Pete Warden, one of the researchers.

Warden and Allan point out that the file is moved onto new devices when an old one is replaced: “Apple might have new features in mind that require a history of your location, but that’s our specualtion. The fact that [the file] is transferred across [to a new iPhone or iPad] when you migrate is evidence that the data-gathering isn’t accidental.” But they said it does not seem to be transmitted to Apple itself.

Apple declined to comment, but it’s very clear that the file is created and stored locally without an explicit user’s agreement. As noted by the researchers and other security / privacy experts polled by the Guardian, Apple is storing both location data and timestamps in a readable format that can be accessed from a stolen (possibly also jailbroken) device or a computer. I have tried the iPhoneTracker application personally, and while it really works with unencrypted backups generated using iTunes, choosing to encrypt a backup breaks iPhoneTracker’s functionality – thus granting users an additional level of security. The file, however, is still there – Apple doesn’t offer a way to avoid tracking of your moves.

The discovery of this location-tracking file in the iOS backup system is worrying as it raises question on Apple’s user privacy policy, and the reason why such data is collected without a user’s consent. Apple has been rumored to working on new location features for iOS 5, so the location info might be a solid data foundation for the company to build a new social location service. You can download iPhoneTracker here and try for yourself.

Update: a video and more details by Alasdair Allan at O’Reilly Radar.

All iPhones appear to log your location to a file called “consolidated.db.” This contains latitude-longitude coordinates along with a timestamp. The coordinates aren’t always exact, but they are pretty detailed. There can be tens of thousands of data points in this file, and it appears the collection started with iOS 4, so there’s typically around a year’s worth of information at this point. Our best guess is that the location is determined by cell-tower triangulation, and the timing of the recording is erratic, with a widely varying frequency of updates that may be triggered by traveling between cells or activity on the phone itself.

Unlock More with Club MacStories

Founded in 2015, Club MacStories has delivered exclusive content every week for over six years.

In that time, members have enjoyed nearly 400 weekly and monthly newsletters packed with more of your favorite MacStories writing as well as Club-only podcasts, eBooks, discounts on apps, icons, and services. Join today, and you’ll get everything new that we publish every week, plus access to our entire archive of back issues and downloadable perks.

The Club expanded in 2021 with Club MacStories+ and Club Premier. Club MacStories+ members enjoy even more exclusive stories, a vibrant Discord community, a rotating roster of app discounts, and more. And, with Club Premier, you get everything we offer at every Club level plus an extended, ad-free version of our podcast AppStories that is delivered early each week in high-bitrate audio.

Choose the Club plan that’s right for you:

  • Club MacStories: Weekly and monthly newsletters via email and the web that are brimming with app collections, tips, automation workflows, longform writing, a Club-only podcast, periodic giveaways, and more;
  • Club MacStories+: Everything that Club MacStories offers, plus exclusive content like Federico’s Automation Academy and John’s Macintosh Desktop Experience, a powerful web app for searching and exploring over 6 years of content and creating custom RSS feeds of Club content, an active Discord community, and a rotating collection of discounts, and more;
  • Club Premier: Everything in from our other plans and AppStories+, an extended version of our flagship podcast that’s delivered early, ad-free, and in high-bitrate audio.