Greg's bite: Apple iNSECURE for business use
TweetFollow Us on Twitter

Greg's bite: Apple iNSECURE for business use

By Greg Mills

This is important news, Apple Mac, iPhone and iPad are not suitable for business use.

While Apple has been pushing for respect from the business community due to increased security features found on Mac computers, iPhone and iPad, it seems they were at the same time secretly gathering location data from unsuspecting users. Apple intentionally created a permanent cache on iPhones and iPad that records its users locations with date stamps.  

This cache is persistently and insecurely backed up on the computer used to sync with the iOS device. This makes both iOS devices absolutely unsuitable for business use due to "location record insecurity."   

On Thursday, CNN broke the story on network TV regarding the surprising intentional insecurity of the Apple infrastructure regarding stored location information. This data was gathered without users opting in and without any way to opt out. The disclosure regarding "location services" found in the iTunes agreement you must agree with to load the software is completely inadequate to inform Apple devices what Apple actually intends to do.

"Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services."

I suggest some additional information they ought to added to the iTunes disclosure:

APPLE intends to track the detailed movements of your iPhone and iPad for our own business purposes using any means at our disposal, GPS, tower locations, WiFi signals or any combination of thereof and make a permanent record of your movements with location time stamped files stored in both the iOS Device and backup that detailed location record on your computer. We will upload that data regularly, at our discretion, to our servers and you will never know we are doing it. Apple doesn't plan to identify you from the location records we upload, but should your computer be lost or stolen your detailed location records and identity will be fully accessible to the thief or who ever finds your Apple device. Further, should someone have physical access to your computer for a little as five minutes they could copy the "Backups" file in your system library and use that file to compromise your detailed and time stamped location data, from the first day you used the device. Apple iOS devices are an open book to computer forensic experts and you may not encrypt or use passwords to make your devices meaningfully secure. Apple will not guarantee that hackers might not be able to remotely gain access to your computer and compromise your location and identity information.  

I am of the opinion a class action lawsuit naming Apple for violation of privacy laws, breech of contract and damages is in absolutely in order. I will personally join as a plaintiff.

Inherent in the iTunes app is programing that automatically sucks location data out of iPhones and iPads when synced to a computer. In Macs the system stores the location data at: Users/Library/Application Support/MobileSync/Backups/ . The data is very specific and time coded. If you have your iPhone or iPad GPS on all the time, there are records of your every move since you loaded iOS 4.0 or turned the device on for the first time.  

This is not an accident. Reports giving Apple the benefit of the doubt that this is not an intentional act are uneducated and don't understand the sophistication of Apple's engineers. Let there be no mistake: Apple did this on purpose for selfish monetary gain.  

Even with locations services turned off, your iOS devices were still tracking you and still reporting back regularly to Apple. This is clearly without adequate notification or permission of the purchasers of the Apple devices.  

Businesses should certainly consider this intentional breech of user security seriously before buying Mac computers, iPhones and iPads. How long does it take to wake up a sleeping MacBook, insert a blank CD, open the hard drive, select the home file, go to Library/Application Support/MobileSync/Backups, drag and drop the Backups file to the CD logo, select "burn disk"? In less than five minutes you have copied the entire location data files for all the iPhones and iPads that ever sync with that computer.

Next, insert the CD into another Mac and then drag and drop the Backups file into the Mobile Sync file of that Mac. Then run the "iPhoneTracker.app and a map pops up divulging the detailed location tracking information of the person you stole the data from.  http://petewarden.github.com/iPhoneTracker/ . Actually, the map is just the conglomeration of all the data. The exact GPS and time stamp can also be accessed with the Backups file.

"So what?" you may ask. Imagine I am dressed as a plumber, but I am really working as an industrial spy for Google. I gain entry to Steve Jobs' hotel room and spot his MacBook Pro sitting on the bedside table. In less than five minutes I am out the door with a detailed location record of Mr. Jobs' travel over the last year on a CD. I can then figure out every place of business he went for the previous year, where he lives, eats out  and most worrisome, deduce which other businesses he was doing business with. Google might thus gain insight into Apple's business plans. 

In another scenario, I am the top salesman for a company with serious competition in my industry. The competitors would dearly love to develop a complete list of my clients. They send in a spy as above and gather the Backups file from the salesman's Apple computer and then use that detailed location information to develop a list of his clients. What company would like to see that happen?

Apples devices are sold all over the world. What if a Chinese dissident was caught with an iPhone? What about other legal backwater jurisdictions in the world where police can search a smartphone without a warrant, such as Libya, Saudi Arabia, the Ninth US Circuit Court District, (which includes California, Oregon, Washington State, Alaska, Arizona, Hawaii, Idaho, Montana and Nevada). To get location information in those privacy deprived places police upon their discretion can copy the entire contents of a smartphone without a warrant or probable cause.  This does not exclude business owned smartphones or iPads.  

That is a problem I call "location insecurity." No business will want to risk that sort of private information getting into the hands of the competition. Apple has just shot itself in the foot in gaining traction in the enterprise market. I strongly advise business users to carefully consider Apple's apparent disregard for location security when making the decision to support iPad and iPhones for business use. These devices are location insecure. 

Apple has violated my trust and I am angry about it. I had a conversation with an Apple Genius at my local Apple store yesterday. I told him who I was and he was aware of MacNews. He told me that even Apple Geniuses were unaware that Apple was storing detailed location services on iOS devices and that he understood my anger and frustration with Apple's behavior. He advised me to email the software engineers who were directly involved with the iOS platform.   

I suggest that a flood of angry email from users and especially iOS developers expressing anger regarding this breech of our trust, that might move Apple to fix the problem quickly.  Go to and tell them what you think.

Trust is earned and betrayal is also earned. I suggest that to restore my trust Apple take the following steps:

1. Admit they were intentionally tracking iOS device owners for Apples location based advertising plans or other selfish purpose without adequate notification to consumers or providing a viable ability to opt out.

2. Quickly provide software updates that will allow users to completely remove all location files on both iOS and Mac devices.

3. Provide information regarding "location files" hidden on computers.

4. Provide a GPS logo in the home screen of iPhones and iPads indicating GPS/Locations services are on

5. Publicly state that Apple will never track its customers again without explicated permission in the future.

Today's Greg's Bite is out of the big Apple

(Greg Mills is currently a graphic and Faux Wall Artist in Kansas City. Formerly a new product R&D man for the paint sundry market, he holds 11 US patents. Greg is an Extra Class Ham Radio Operator, AB6SF, iOS developer and web site designer. He's also working on a solar energy startup using a patent pending process for turning waste dual pane glass window units into thermal solar panels used to heat water see: www.CottageIndustySolar.com Married, with one daughter, Greg writes for intellectual property web sites and on Mac/Tech related issues. See Greg's art web site at http://www.gregmills.info He can be emailed at gregmills@mac.com )

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Parallels Desktop 10.2.0 - Run Windows a...
Parallels Desktop is simply the world's bestselling, top-rated, and most trusted solution for running Windows applications on your Mac. With Parallels Desktop for Mac, you can seamlessly run both... Read more
LaunchBar 6.2 - Powerful file/URL/email...
LaunchBar is an award-winning productivity utility that offers an amazingly intuitive and efficient way to search and access any kind of information stored on your computer or on the Web. It provides... Read more
Firefox 37.0 - Fast, safe Web browser. (...
Firefox offers a fast, safe Web browsing experience. Browse quickly, securely, and effortlessly. With its industry-leading features, Firefox is the choice of Web development professionals and casual... Read more
Arq 4.11 - Online backup to Google Drive...
Arq is super-easy online backup for the Mac. Back up to your own Google Drive storage (15GB free storage), your own Amazon Glacier ($.01/GB per month storage) or S3, or any SFTP server. Arq backs up... Read more
MacFamilyTree 7.3.4 - Create and explore...
MacFamilyTree gives genealogy a facelift: it's modern, interactive, incredibly fast, and easy to use. We're convinced that generations of chroniclers would have loved to trade in their genealogy... Read more
Yummy FTP 1.10.2 - FTP/SFTP/FTPS client...
Yummy FTP is an FTP + SFTP + FTPS file transfer client which focuses on speed, reliability and productivity. Whether you need to transfer a few files or a few thousand, schedule automatic backups, or... Read more
VueScan 9.5.08 - Scanner software with a...
VueScan is a scanning program that works with most high-quality flatbed and film scanners to produce scans that have excellent color fidelity and color balance. VueScan is easy to use, and has... Read more
Iridient Developer 3.0.1 - Powerful imag...
Iridient Developer (was RAW Developer) is a powerful image conversion application designed specifically for OS X. Iridient Developer gives advanced photographers total control over every aspect of... Read more
Monodraw 0.8.4.1 - Powerful ASCII art ed...
Monodraw allows you to easily create text-based art (like diagrams, layouts, flow charts) and visually represent algorithms, data structures, binary formats and more. Because it's all just text, it... Read more
Air Video Server HD 2.1.0 - Stream video...
Air Video Server HD streams videos instantly from your computer on your iPhone, iPad, iPod touch or Apple TV. No need to worry about converting or transferring files. We took everything that was... Read more

Marvel Mighty Heroes, the Ultimate Marve...
DeNA and Marvel Entertainment have brought us a new action-packed brawler: Marvel Mighty Heroes. You can play with up to four of your friends as you favorite marvel heroes like Iron Man, Thor, Spider-Man, Captain America, Star-Lord, Hulk, and... | Read more »
Take Note - The Jot Script 2 Evernote Ed...
Adonit's Jot Script 2 sylus has an all-new edition that's meant to be Evernote's BFF. The sylus has been redesigned to work better with iPads and give you faster stroke tracking, smoother line rendering, and better tip-to-line accuracy. | Read more »
INFINIT Lets Mobile Users Send Files of...
Infinit  is a file sharing app that ignores file size limits. It maintains the original quality of your photos and videos so you can be sure they look awesome after sending. You can move entire albums of photos or full HD films from your iPhone to... | Read more »
Serious Sam Double D Developer is Making...
There's nothing like the thrill of watching a horse race, especially when the horses are drunk.  | Read more »
2K Announces WWE 2K, Mobile's First...
It seems like this month has been pretty big for wrestling. First Wrestlemania, then 2K has announces that they're releasing  WWE 2K for iOS. It's a simulation-based WWE game where you'll get to play with several WWE superstars such as John Cena, ... | Read more »
How the Apple Watch Could Change the Fac...
The Apple Watch is still a ways out, but my previous musings on the wearable’s various features got me thinking: what might it be like a year after launch? Two years? Five years? What if it becomes a symbiotic part of the iOS framework to the point... | Read more »
You Can Start Challenging Your Friends t...
Last year we reported that Sebastian Gosztyla's new game, Dual, was theorized to be released sometime during the summer of 2014. Sadly that did not become a reality, but the good news it there is now an official release date. | Read more »
Forgotten Memories : Alternate Realities...
Forgotten Memories : Alternate Realities, from Psychoz Interactive, is planned for release on April 23. The Resident Evil, Silent Hill, and Alone in the Dark inspired horror game puts you in the shoes of Rose Hawkins as she searches for a missing... | Read more »
Pie In The Sky: A Pizza Odyssey (Games)
Pie In The Sky: A Pizza Odyssey 1.0 Device: iOS Universal Category: Games Price: $2.99, Version: 1.0 (iTunes) Description: A game about delivering pizza. In space. | Read more »
Chosen Gives Hopeful Singers, Songwriter...
If YouTube videos and reality TV shows like The Voice have taught us one thing, it’s that there are a lot of people out there who are anxious to show the world their talents. And if they’ve taught us a second thing, it’s that there’s an almost... | Read more »

Price Scanner via MacPrices.net

Will Microsoft’s Surface 3 Give The 12-inch M...
The more I ruminate over the new 12-inch MacBook, the more it occurs that it’s probably going to be more of a cannibalization threat to high-end iPads (including a new 12-inch ‘Pad when/if that... Read more
13-inch 2.4GHz Retina MacBook Pro available f...
MacMall has the 2013 13″ 2.4GHz/128GB Retina MacBook Pro available for $949.99 for a limited time. Shipping is free. Their price is $350 off original MSRP, and it’s the only sub-$1000 new Retina... Read more
Adobe Brings Powerful Layout-Design Capabilit...
Adobe today announced the availability of Adobe Comp CC, a free iPad app that enables rapid creation of layout concepts for mobile, Web and print projects. With Comp CC, designers can rough out and... Read more
13-inch 2.6GHz/256GB Retina MacBook Pro avail...
Best Buy has clearance 2014 13″ 2.6GHz/256GB Retina MacBook Pros available for $1199.99 including free shipping. Their price is $300 off original MSRP, and it’s the lowest price for this model.... Read more
Updated Mac Price Trackers
We’ve updated our Mac Price Trackers with the latest information on prices, bundles, and availability on systems from Apple’s authorized internet/catalog resellers: - 15″ MacBook Pros - 13″ MacBook... Read more
21-inch 1.4GHz iMac on sale for $999, save $1...
Best Buy has the 21″ 1.4GHz iMac on sale for $999.99 on their online store. Choose free shipping or free local store pick up. Price is for online orders only, in-store prices may vary. Their price is... Read more
2.6GHz Mac mini on sale for $649, save $50
Amazon has the 2.6GHz Mac mini on sale for $649.99 including free shipping. Their price is $50 off MSRP, and it’s the lowest price available for this model. Read more
Textkraft Professional 3.2 Powerful iPad Text...
Finally it’s springtime, at least theoretically in my neck of the woods, where we’re still navigating canyons between towering snowbanks with temperatures well below freezing in winter weather that... Read more
Apple offering refurbished 27-inch 5K iMacs f...
The Apple Store is offering Apple Certified Refurbished 27″ 3.5GHz 5K iMacs for $2119 including free shipping. Their price is $380 off the price of new models, and it’s the lowest price available for... Read more
16GB iPad mini on sale for $199, save $50
Walmart has 16GB iPad minis (1st generation) available for $199.99 on their online store, including free shipping. Their price is $50 off MSRP. Online orders only. Read more

Jobs Board

DevOps Software Engineer - *Apple* Pay, iOS...
**Job Summary** Imagine what you could do here. At Apple , great ideas have a way of becoming great products, services, and customer experiences very quickly. Bring Read more
*Apple* Retail - Multiple Positions (US) - A...
Sales Specialist - Retail Customer Service and Sales Transform Apple Store visitors into loyal Apple customers. When customers enter the store, you're also the Read more
Sr. Technical Services Consultant, *Apple*...
**Job Summary** Apple Professional Services (APS) has an opening for a senior technical position that contributes to Apple 's efforts for strategic and transactional Read more
Lead *Apple* Solutions Consultant - Retail...
**Job Summary** Job Summary The Lead ASC is an Apple employee who serves as the Apple business manager and influencer in a hyper-business critical Reseller's store Read more
*Apple* Pay - Site Reliability Engineer - Ap...
**Job Summary** Imagine what you could do here. At Apple , great ideas have a way of becoming great products, services, and customer experiences very quickly. Bring Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.