SAN FRANCISCO - Privacy watchdogs are demanding answers from Apple Inc. about why iPhones and iPads are secretly collecting location data on users - records that cellular service providers routinely keep but require a court order to disgorge.
It's not clear if other smartphones and tablet computers are logging such information on their users. And this week's revelation that the Apple devices do log information wasn't even new - some security experts began warning about the issue a year ago.
But the worry prompted by a report from researchers Alasdair Allan and Pete Warden at a technology conference in Santa Clara, Calif., raises questions about how much privacy you implicitly surrender by carrying around a smartphone and the responsibility of the smartphone makers to protect sensitive data that flows through their devices.
Much of the concern about the iPhone and iPad tracking stems from the fact the computers are logging users' physical coordinates without users knowing it - and that that information is then stored in an unencrypted form that would be easy for a hacker or a suspicious spouse or a law-enforcement officer to find without a warrant.
Researchers emphasize that there's no evidence that Apple itself has access to this data. The data apparently stays on the device itself, as well as computers the data is backed up to. Apple didn't immediately respond to a request for comment by the Associated Press.
Tracking is a normal part of owning a cellphone. What's done with that data, though, is where the controversy lies.
A central question is whether a smartphone should act merely as a conduit of location data to service providers and approved applications - or as a more active participant by storing the data itself, to make location-based applications run more smoothly or help better target mobile ads or any number of other uses.
Location data is some of the most valuable information a mobile phone can provide, since it can tell advertisers not only where someone's been, but also where they might be going - and what they might be inclined to buy when they get there.
Allan and Warden said the location coordinates and time stamps in the Apple devices aren't always exact, but they appear in a file that typically contains about a year's worth of data that when taken together provide a detailed view of users' travels.
"We're not sure why Apple is gathering this data, but it's clearly intentional, as the database is being restored across backups, and even device migrations," they wrote in a blog posting announcing the research.
Alex Levinson, a security expert, said the tracking Apple's devices do isn't new - or a surprise to those in the computer-forensics community.
The Apple devices have been retaining the information for some time, but it was kept in a different form until the release of the iOS 4 operating software last year, Levinson, technical lead for the Katana Forensics firm, wrote on his blog.
Through his work with law-enforcement agencies, Levinson said he was able to access the location data in older iPhones and warned about the issue over a year ago. The location data is now easier to find because of a change in the way iPhone applications access the data, he said.
"Either way, it is not secret, malicious or hidden," Levinson wrote. "Users still have to approve location access to any application and have the ability to instantly turn off location services to applications inside the settings menu on their device."
Charlie Miller, a prominent iPhone hacker, said a security change that Apple made last month would make extracting the file from the phone in a remote attack very difficult. Even if an attacker were to break into someone's phone looking for the file, he wouldn't have the right privileges to access the file.
The data is "pretty well-protected on the phone," Miller, principal security analyst with Independent Security Evaluators, said in an interview.
But it's a different matter when the data is transferred to another computer in a backup. If the backup computer is infected with malicious software, the file could easily be located and sent to the hacker. A way to protect against that is to encrypt the iPhone backup through iTunes, the researchers said.
by Jordan Robertson Associated Press Apr. 22, 2011 12:00 AM
Apple location tracking questioned
Crave: The Gadget Blog
PCWorld Latest Technology News
CNET TV: Laptops
- ► 2017 (23)
- ► 2016 (75)
- ► 2015 (94)
- ► 2014 (55)
- ► 2013 (126)
- ► 2012 (117)
- How to back up your Android phone - CNET
- Amazon glitch hurts Web clients
- Apple location tracking questioned
- Apple's earnings nearly double
- Closed book: E-readers keep restrictive format
- 'PlayBook' could redeem BlackBerry maker
- Car-charging market is becoming competitive
- Recipient: Stem-cell therapy is God's will
- Cisco plans to shut Flip business
- Flexible plastic screens edge closer to commercial...
- Valley company offers storage, organization
- FCC rules aim to spur wireless-broadband competiti...
- Terror warnings will have 2 levels
- Planned wireless Internet network threatens GPS
- Dish's Blockbuster buy may keep icon alive
- 13 Ugliest Phones of the Mobile Era - Yahoo! Shopp...
- Dish Network, billionaire may bid for Blockbuster
- APS, SRP are providing $99 home energy audits
- AT&T cuts off revenue for Jawa
- U.S. robot to survey Japan plant
- 10 Hilarious Vintage Cellphone Commercials [VIDEOS...
- ▼ April (21)