Greg's bite: Apple iNSECURE for business use
TweetFollow Us on Twitter

Greg's bite: Apple iNSECURE for business use

By Greg Mills

This is important news, Apple Mac, iPhone and iPad are not suitable for business use.

While Apple has been pushing for respect from the business community due to increased security features found on Mac computers, iPhone and iPad, it seems they were at the same time secretly gathering location data from unsuspecting users. Apple intentionally created a permanent cache on iPhones and iPad that records its users locations with date stamps.  

This cache is persistently and insecurely backed up on the computer used to sync with the iOS device. This makes both iOS devices absolutely unsuitable for business use due to "location record insecurity."   

On Thursday, CNN broke the story on network TV regarding the surprising intentional insecurity of the Apple infrastructure regarding stored location information. This data was gathered without users opting in and without any way to opt out. The disclosure regarding "location services" found in the iTunes agreement you must agree with to load the software is completely inadequate to inform Apple devices what Apple actually intends to do.

"Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services."

I suggest some additional information they ought to added to the iTunes disclosure:

APPLE intends to track the detailed movements of your iPhone and iPad for our own business purposes using any means at our disposal, GPS, tower locations, WiFi signals or any combination of thereof and make a permanent record of your movements with location time stamped files stored in both the iOS Device and backup that detailed location record on your computer. We will upload that data regularly, at our discretion, to our servers and you will never know we are doing it. Apple doesn't plan to identify you from the location records we upload, but should your computer be lost or stolen your detailed location records and identity will be fully accessible to the thief or who ever finds your Apple device. Further, should someone have physical access to your computer for a little as five minutes they could copy the "Backups" file in your system library and use that file to compromise your detailed and time stamped location data, from the first day you used the device. Apple iOS devices are an open book to computer forensic experts and you may not encrypt or use passwords to make your devices meaningfully secure. Apple will not guarantee that hackers might not be able to remotely gain access to your computer and compromise your location and identity information.  

I am of the opinion a class action lawsuit naming Apple for violation of privacy laws, breech of contract and damages is in absolutely in order. I will personally join as a plaintiff.

Inherent in the iTunes app is programing that automatically sucks location data out of iPhones and iPads when synced to a computer. In Macs the system stores the location data at: Users/Library/Application Support/MobileSync/Backups/ . The data is very specific and time coded. If you have your iPhone or iPad GPS on all the time, there are records of your every move since you loaded iOS 4.0 or turned the device on for the first time.  

This is not an accident. Reports giving Apple the benefit of the doubt that this is not an intentional act are uneducated and don't understand the sophistication of Apple's engineers. Let there be no mistake: Apple did this on purpose for selfish monetary gain.  

Even with locations services turned off, your iOS devices were still tracking you and still reporting back regularly to Apple. This is clearly without adequate notification or permission of the purchasers of the Apple devices.  

Businesses should certainly consider this intentional breech of user security seriously before buying Mac computers, iPhones and iPads. How long does it take to wake up a sleeping MacBook, insert a blank CD, open the hard drive, select the home file, go to Library/Application Support/MobileSync/Backups, drag and drop the Backups file to the CD logo, select "burn disk"? In less than five minutes you have copied the entire location data files for all the iPhones and iPads that ever sync with that computer.

Next, insert the CD into another Mac and then drag and drop the Backups file into the Mobile Sync file of that Mac. Then run the "iPhoneTracker.app and a map pops up divulging the detailed location tracking information of the person you stole the data from.  http://petewarden.github.com/iPhoneTracker/ . Actually, the map is just the conglomeration of all the data. The exact GPS and time stamp can also be accessed with the Backups file.

"So what?" you may ask. Imagine I am dressed as a plumber, but I am really working as an industrial spy for Google. I gain entry to Steve Jobs' hotel room and spot his MacBook Pro sitting on the bedside table. In less than five minutes I am out the door with a detailed location record of Mr. Jobs' travel over the last year on a CD. I can then figure out every place of business he went for the previous year, where he lives, eats out  and most worrisome, deduce which other businesses he was doing business with. Google might thus gain insight into Apple's business plans. 

In another scenario, I am the top salesman for a company with serious competition in my industry. The competitors would dearly love to develop a complete list of my clients. They send in a spy as above and gather the Backups file from the salesman's Apple computer and then use that detailed location information to develop a list of his clients. What company would like to see that happen?

Apples devices are sold all over the world. What if a Chinese dissident was caught with an iPhone? What about other legal backwater jurisdictions in the world where police can search a smartphone without a warrant, such as Libya, Saudi Arabia, the Ninth US Circuit Court District, (which includes California, Oregon, Washington State, Alaska, Arizona, Hawaii, Idaho, Montana and Nevada). To get location information in those privacy deprived places police upon their discretion can copy the entire contents of a smartphone without a warrant or probable cause.  This does not exclude business owned smartphones or iPads.  

That is a problem I call "location insecurity." No business will want to risk that sort of private information getting into the hands of the competition. Apple has just shot itself in the foot in gaining traction in the enterprise market. I strongly advise business users to carefully consider Apple's apparent disregard for location security when making the decision to support iPad and iPhones for business use. These devices are location insecure. 

Apple has violated my trust and I am angry about it. I had a conversation with an Apple Genius at my local Apple store yesterday. I told him who I was and he was aware of MacNews. He told me that even Apple Geniuses were unaware that Apple was storing detailed location services on iOS devices and that he understood my anger and frustration with Apple's behavior. He advised me to email the software engineers who were directly involved with the iOS platform.   

I suggest that a flood of angry email from users and especially iOS developers expressing anger regarding this breech of our trust, that might move Apple to fix the problem quickly.  Go to and tell them what you think.

Trust is earned and betrayal is also earned. I suggest that to restore my trust Apple take the following steps:

1. Admit they were intentionally tracking iOS device owners for Apples location based advertising plans or other selfish purpose without adequate notification to consumers or providing a viable ability to opt out.

2. Quickly provide software updates that will allow users to completely remove all location files on both iOS and Mac devices.

3. Provide information regarding "location files" hidden on computers.

4. Provide a GPS logo in the home screen of iPhones and iPads indicating GPS/Locations services are on

5. Publicly state that Apple will never track its customers again without explicated permission in the future.

Today's Greg's Bite is out of the big Apple

(Greg Mills is currently a graphic and Faux Wall Artist in Kansas City. Formerly a new product R&D man for the paint sundry market, he holds 11 US patents. Greg is an Extra Class Ham Radio Operator, AB6SF, iOS developer and web site designer. He's also working on a solar energy startup using a patent pending process for turning waste dual pane glass window units into thermal solar panels used to heat water see: www.CottageIndustySolar.com Married, with one daughter, Greg writes for intellectual property web sites and on Mac/Tech related issues. See Greg's art web site at http://www.gregmills.info He can be emailed at gregmills@mac.com )

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Apple Configurator 2.6 - Configure and d...
Apple Configurator makes it easy to deploy iPad, iPhone, iPod touch, and Apple TV devices in your school or business. Use Apple Configurator to quickly configure large numbers of devices connected to... Read more
Amadeus Pro 2.4.4 - Multitrack sound rec...
Amadeus Pro lets you use your Mac for any audio-related task, such as live audio recording, digitizing tapes and records, converting between a variety of sound formats, etc. Thanks to its outstanding... Read more
Mellel 4.0.3 - The word processor for sc...
Mellel is the leading word processor for OS X and has been widely considered the industry standard for long form documents since its inception. Mellel focuses on writers and scholars for technical... Read more
Suitcase Fusion 8 19.0.3 - Font manageme...
Suitcase Fusion 8 is the creative professional's font manager. Every professional font manager should deliver the basics: spectacular previews, powerful search tools, and efficient font organization... Read more
Final Cut Pro X 10.4 - Professional vide...
Final Cut Pro X is a professional video editing solution. Completely redesigned from the ground up, Final Cut Pro adds extraordinary speed, quality, and flexibility to every part of the post-... Read more
Compressor 4.4 - Adds power and flexibil...
Compressor adds power and flexibility to Final Cut Pro X export. Customize output settings, work faster with distributed encoding, and tap into a comprehensive set of delivery features. Features... Read more
Cocktail 11.2 - General maintenance and...
Cocktail is a general purpose utility for macOS that lets you clean, repair and optimize your Mac. It is a powerful digital toolset that helps hundreds of thousands of Mac users around the world get... Read more
Microsoft Office 2016 15.41 - Popular pr...
Microsoft Office 2016 - Unmistakably Office, designed for Mac. The new versions of Word, Excel, PowerPoint, Outlook and OneNote provide the best of both worlds for Mac users - the familiar Office... Read more
Motion 5.4 - Create and customize Final...
Motion is designed for video editors, Motion 5 lets you customize Final Cut Pro titles, transitions, and effects. Or create your own dazzling animations in 2D or 3D space, with real-time feedback as... Read more
Apple Pro Video Formats 2.0.6 - Updates...
Apple Pro Video Formats brings updates to Apple's professional-level codes for Final Cut Pro X, Motion 5, and Compressor 4. Pro Video Formats includes support for the following professional video... Read more

Latest Forum Discussions

See All

Lineage 2: Revolution’s end of year upda...
Now available in 54 countries worldwide, Lineage 2: Revolution is continuing its global quest to be the most popular mobile MMORPG by launching a jam-packed end of year update. Complete with many subtle tweaks to help improve users’ online... | Read more »
The 5 best Star Wars games on iOS
The time has almost come.Star Wars: The Last Jedifinally hits theaters in the cinematic event that might be bigger than Christmas. To celebrate, we're taking a look at the best--and only the best--Star Warsmobile games to date. [Read more] | Read more »
Life Is Strange (Games)
Life Is Strange 1.1 Device: iOS Universal Category: Games Price: $2.99, Version: 1.1 (iTunes) Description: Life Is Strange is a five part episodic game that sets out to revolutionize story-based choice and consequence games by... | Read more »
Oddworld: New 'n' Tasty (Game...
Oddworld: New 'n' Tasty 1.0 Device: iOS Universal Category: Games Price: $7.99, Version: 1.0 (iTunes) Description: ** PLEASE NOTE: Requires 3.6GB free space to install. Runs at variable resolutions based on device capabilities.... | Read more »
Gorogoa (Games)
Gorogoa 1.0 Device: iOS Universal Category: Games Price: $4.99, Version: 1.0 (iTunes) Description: Gorogoa is an elegant evolution of the puzzle genre, told through a beautifully hand-drawn story designed and illustrated by Jason... | Read more »
Why Guns of Boom will be big for mobile...
Earlier this week, Game Insight, the minds that brought you Guns of Boom, revealed plans for an esports mode in the popular FPS title, with big implications for the game's future. Guns of Boom has been quite popular for some time now, so it's... | Read more »
The best mobile games to play on lazy ho...
With the holidays in full swing, there's hopefully going to be a lot of time off work lazing around the house. With all of that free time, it's a perfect opportunity to catch up on some mobile games that you might have missed out on earlier this... | Read more »
Rules of Survival guide - how to boost y...
It's not easy surviving in the "every-man-for-himself" world of Rules of Survival. You'll be facing off against many other players who might be more skilled than you, or are luckier than you. There are a lot of factors weighing against you. With... | Read more »
FEZ Pocket Edition (Games)
FEZ Pocket Edition 1.0 Device: iOS Universal Category: Games Price: $4.99, Version: 1.0 (iTunes) Description: | Read more »
Amazing Katamari Damacy guide - beginner...
Amazing Katamari Damacy brings the bizarro world of the original games to mobile and shifts them into an endless format that's just as addictive as the PlayStation entries. Your goal is still to roll as much random stuff as you possibly can, though... | Read more »

Price Scanner via MacPrices.net

Updated Price Trackers: Macs, iPads, iPhones,...
Scan our Apple Price Trackers for the latest information on sales, bundles, and availability on systems from Apple’s authorized internet/catalog resellers. We update the trackers continuously: – 15″... Read more
How to preorder a new iMac Pro and pay zero s...
B&H Photo and Adorama are accepting preorders on multiple configurations of the new Apple iMac Pro. Both resellers charge sales tax for residents of NY & NJ only, and shipping is free.... Read more
Apple Macs back in stock at Amazon with model...
Amazon has MacBook Pros, MacBook Airs, MacBooks, and iMacs on sale for up to $200 off MSRP as part of their Holiday/Christmas sale. Shipping is free. Note that stock of some Macs may come and go (and... Read more
Apple offering free overnight delivery on all...
Apple is now offering free overnight delivery on all in stock products until 3pm local time on December 22nd. This includes new as well as refurbished computers. Click here for more information. Read more
Beats Holiday sale at B&H, headphones and...
B&H Photo has Beats by Dr. Dre headphones, earphones, and speakers on sale for up to $80 off MSRP as part of their Holiday sale. Expedited shipping is free, and B&H charges sales tax to NY... Read more
Holiday sale: Apple resellers offer 2017 15″...
MacMall has 15″ MacBook Pros on sale for $220-$300 off MSRP, each including free shipping: – 15″ 2.8GHz MacBook Pro Space Gray (MPTR2LL/A): $2179, $220 off MSRP – 15″ 2.8GHz MacBook Pro Silver (... Read more
Holiday sale: Apple resellers offer 13″ MacBo...
B&H Photo has 13″ MacBook Pros on sale for up to $150 off MSRP. Shipping is free, and B&H charges sales tax for NY & NJ residents only: – 13-inch 2.3GHz/128GB Space Gray MacBook Pro (... Read more
Apple Watch Series 2, Certified Refurbished,...
Apple has Certified Refurbished Apple Watch Nike+ Series 2s, 42mm Space Gray Aluminum Case with Anthracite/Black Nike Sport Bands, available for $249 (38mm) or $279 (42mm). The 38mm model was out of... Read more
Apple offers Certified Refurbished 2016 12″ R...
Apple has Certified Refurbished 2016 12″ Retina MacBooks available starting at $949. Apple will include a standard one-year warranty with each MacBook, and shipping is free. The following... Read more
B&H drops price on 13″ 256GB MacBook Air...
B&H has the 13″ 1.8GHz/256GB Apple MacBook Air (MQD42LL/A) now on sale for $1079 including free shipping plus NY & NJ sales tax only. Their price is $120 off MSRP, and it’s the lowest price... Read more

Jobs Board

*Apple* Retail - Multiple Positions - Apple,...
Job Description: Sales Specialist - Retail Customer Service and Sales Transform Apple Store visitors into loyal Apple customers. When customers enter the store, Read more
Payments Counsel, *Apple* Pay (payments, cr...
# Payments Counsel, Apple Pay (payments, credit/debit) Job Number: 112941729 Santa Clara Valley, California, United States Posted: 13-Dec-2017 Weekly Hours: 40.00 Read more
*Apple* Solutions Consultant - Apple (United...
# Apple Solutions Consultant Job Number: 113124408 Waterford, CT, Connecticut, United States Posted: 17-Oct-2017 Weekly Hours: 40.00 **Job Summary** Are you Read more
QA Automation Engineer, *Apple* Pay - Apple...
# QA Automation Engineer, Apple Pay Job Number: 113202642 Santa Clara Valley, California, United States Posted: 11-Dec-2017 Weekly Hours: 40.00 **Job Summary** At Read more
*Apple* Retail - Multiple Positions - Apple,...
Job Description:SalesSpecialist - Retail Customer Service and SalesTransform Apple Store visitors into loyal Apple customers. When customers enter the store, Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.