Greg's bite: Apple iNSECURE for business use
TweetFollow Us on Twitter

Greg's bite: Apple iNSECURE for business use

By Greg Mills

This is important news, Apple Mac, iPhone and iPad are not suitable for business use.

While Apple has been pushing for respect from the business community due to increased security features found on Mac computers, iPhone and iPad, it seems they were at the same time secretly gathering location data from unsuspecting users. Apple intentionally created a permanent cache on iPhones and iPad that records its users locations with date stamps.  

This cache is persistently and insecurely backed up on the computer used to sync with the iOS device. This makes both iOS devices absolutely unsuitable for business use due to "location record insecurity."   

On Thursday, CNN broke the story on network TV regarding the surprising intentional insecurity of the Apple infrastructure regarding stored location information. This data was gathered without users opting in and without any way to opt out. The disclosure regarding "location services" found in the iTunes agreement you must agree with to load the software is completely inadequate to inform Apple devices what Apple actually intends to do.

"Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services."

I suggest some additional information they ought to added to the iTunes disclosure:

APPLE intends to track the detailed movements of your iPhone and iPad for our own business purposes using any means at our disposal, GPS, tower locations, WiFi signals or any combination of thereof and make a permanent record of your movements with location time stamped files stored in both the iOS Device and backup that detailed location record on your computer. We will upload that data regularly, at our discretion, to our servers and you will never know we are doing it. Apple doesn't plan to identify you from the location records we upload, but should your computer be lost or stolen your detailed location records and identity will be fully accessible to the thief or who ever finds your Apple device. Further, should someone have physical access to your computer for a little as five minutes they could copy the "Backups" file in your system library and use that file to compromise your detailed and time stamped location data, from the first day you used the device. Apple iOS devices are an open book to computer forensic experts and you may not encrypt or use passwords to make your devices meaningfully secure. Apple will not guarantee that hackers might not be able to remotely gain access to your computer and compromise your location and identity information.  

I am of the opinion a class action lawsuit naming Apple for violation of privacy laws, breech of contract and damages is in absolutely in order. I will personally join as a plaintiff.

Inherent in the iTunes app is programing that automatically sucks location data out of iPhones and iPads when synced to a computer. In Macs the system stores the location data at: Users/Library/Application Support/MobileSync/Backups/ . The data is very specific and time coded. If you have your iPhone or iPad GPS on all the time, there are records of your every move since you loaded iOS 4.0 or turned the device on for the first time.  

This is not an accident. Reports giving Apple the benefit of the doubt that this is not an intentional act are uneducated and don't understand the sophistication of Apple's engineers. Let there be no mistake: Apple did this on purpose for selfish monetary gain.  

Even with locations services turned off, your iOS devices were still tracking you and still reporting back regularly to Apple. This is clearly without adequate notification or permission of the purchasers of the Apple devices.  

Businesses should certainly consider this intentional breech of user security seriously before buying Mac computers, iPhones and iPads. How long does it take to wake up a sleeping MacBook, insert a blank CD, open the hard drive, select the home file, go to Library/Application Support/MobileSync/Backups, drag and drop the Backups file to the CD logo, select "burn disk"? In less than five minutes you have copied the entire location data files for all the iPhones and iPads that ever sync with that computer.

Next, insert the CD into another Mac and then drag and drop the Backups file into the Mobile Sync file of that Mac. Then run the "iPhoneTracker.app and a map pops up divulging the detailed location tracking information of the person you stole the data from.  http://petewarden.github.com/iPhoneTracker/ . Actually, the map is just the conglomeration of all the data. The exact GPS and time stamp can also be accessed with the Backups file.

"So what?" you may ask. Imagine I am dressed as a plumber, but I am really working as an industrial spy for Google. I gain entry to Steve Jobs' hotel room and spot his MacBook Pro sitting on the bedside table. In less than five minutes I am out the door with a detailed location record of Mr. Jobs' travel over the last year on a CD. I can then figure out every place of business he went for the previous year, where he lives, eats out  and most worrisome, deduce which other businesses he was doing business with. Google might thus gain insight into Apple's business plans. 

In another scenario, I am the top salesman for a company with serious competition in my industry. The competitors would dearly love to develop a complete list of my clients. They send in a spy as above and gather the Backups file from the salesman's Apple computer and then use that detailed location information to develop a list of his clients. What company would like to see that happen?

Apples devices are sold all over the world. What if a Chinese dissident was caught with an iPhone? What about other legal backwater jurisdictions in the world where police can search a smartphone without a warrant, such as Libya, Saudi Arabia, the Ninth US Circuit Court District, (which includes California, Oregon, Washington State, Alaska, Arizona, Hawaii, Idaho, Montana and Nevada). To get location information in those privacy deprived places police upon their discretion can copy the entire contents of a smartphone without a warrant or probable cause.  This does not exclude business owned smartphones or iPads.  

That is a problem I call "location insecurity." No business will want to risk that sort of private information getting into the hands of the competition. Apple has just shot itself in the foot in gaining traction in the enterprise market. I strongly advise business users to carefully consider Apple's apparent disregard for location security when making the decision to support iPad and iPhones for business use. These devices are location insecure. 

Apple has violated my trust and I am angry about it. I had a conversation with an Apple Genius at my local Apple store yesterday. I told him who I was and he was aware of MacNews. He told me that even Apple Geniuses were unaware that Apple was storing detailed location services on iOS devices and that he understood my anger and frustration with Apple's behavior. He advised me to email the software engineers who were directly involved with the iOS platform.   

I suggest that a flood of angry email from users and especially iOS developers expressing anger regarding this breech of our trust, that might move Apple to fix the problem quickly.  Go to and tell them what you think.

Trust is earned and betrayal is also earned. I suggest that to restore my trust Apple take the following steps:

1. Admit they were intentionally tracking iOS device owners for Apples location based advertising plans or other selfish purpose without adequate notification to consumers or providing a viable ability to opt out.

2. Quickly provide software updates that will allow users to completely remove all location files on both iOS and Mac devices.

3. Provide information regarding "location files" hidden on computers.

4. Provide a GPS logo in the home screen of iPhones and iPads indicating GPS/Locations services are on

5. Publicly state that Apple will never track its customers again without explicated permission in the future.

Today's Greg's Bite is out of the big Apple

(Greg Mills is currently a graphic and Faux Wall Artist in Kansas City. Formerly a new product R&D man for the paint sundry market, he holds 11 US patents. Greg is an Extra Class Ham Radio Operator, AB6SF, iOS developer and web site designer. He's also working on a solar energy startup using a patent pending process for turning waste dual pane glass window units into thermal solar panels used to heat water see: www.CottageIndustySolar.com Married, with one daughter, Greg writes for intellectual property web sites and on Mac/Tech related issues. See Greg's art web site at http://www.gregmills.info He can be emailed at gregmills@mac.com )

 
AAPL
$102.50
Apple Inc.
+0.25
MSFT
$45.43
Microsoft Corpora
+0.55
GOOG
$571.60
Google Inc.
+2.40

MacTech Search:
Community Search:

Software Updates via MacUpdate

Path Finder 6.5.5 - Powerful, award-winn...
Path Finder is a file browser that combines the familiar Finder interface with the powerful utilities and innovative features. Just a small selection of the Path Finder 6 feature set: Dual pane... Read more
QuarkXPress 10.2.1 - Desktop publishing...
With QuarkXPress, you can communicate in all the ways you need to -- and always look professional -- in print and digital media, all in a single tool. Features include: Easy to Use -- QuarkXPress is... Read more
Skype 6.19.0.450 - Voice-over-internet p...
Skype allows you to talk to friends, family and co-workers across the Internet without the inconvenience of long distance telephone charges. Using peer-to-peer data transmission technology, Skype... Read more
VueScan 9.4.41 - Scanner software with a...
VueScan is a scanning program that works with most high-quality flatbed and film scanners to produce scans that have excellent color fidelity and color balance. VueScan is easy to use, and has... Read more
Cloud 3.0.0 - File sharing from your men...
Cloud is simple file sharing for the Mac. Drag a file from your Mac to the CloudApp icon in the menubar and we take care of the rest. A link to the file will automatically be copied to your clipboard... Read more
LibreOffice 4.3.1.2 - Free Open Source o...
LibreOffice is an office suite (word processor, spreadsheet, presentations, drawing tool) compatible with other major office suites. The Document Foundation is coordinating development and... Read more
SlingPlayer Plugin 3.3.20.505 - Browser...
SlingPlayer is the screen interface software that works hand-in-hand with the hardware inside the Slingbox to make your TV viewing experience just like that at home. It features an array of... Read more
Get Lyrical 3.8 - Auto-magically adds ly...
Get Lyrical auto-magically add lyrics to songs in iTunes. You can choose either a selection of tracks, or the current track. Or turn on "Active Tagging" to get lyrics for songs as you play them.... Read more
Viber 4.2.2 - Send messages and make cal...
Viber lets you send free messages and make free calls to other Viber users, on any device and network, in any country! Viber syncs your contacts, messages and call history with your mobile device,... Read more
Cocktail 7.6 - General maintenance and o...
Cocktail is a general purpose utility for OS X that lets you clean, repair and optimize your Mac. It is a powerful digital toolset that helps hundreds of thousands of Mac users around the world get... Read more

Latest Forum Discussions

See All

Rhonna Designs Magic (Photography)
Rhonna Designs Magic 1.0 Device: iOS Universal Category: Photography Price: $1.99, Version: 1.0 (iTunes) Description: Want to sprinkle *magic* on your photos? With RD Magic, you can add colors, filters, light leaks, bokeh, edges,... | Read more »
This Week at 148Apps: August 25-29, 2014
Shiny Happy App Reviews   | Read more »
Qube Kingdom – Tips, Tricks, Strategies,...
Qube Kingdom is a tower defense game from DeNA. You rally your troops – magicians, archers, knights, barbarians, and others – and fight against an evil menace looking to dominate your kingdom of tiny squares. Planning a war isn’t easy, so here are a... | Read more »
Qube Kingdom Review
Qube Kingdom Review By Nadia Oxford on August 29th, 2014 Our Rating: :: KIND OF A SQUARE KINGDOMUniversal App - Designed for iPhone and iPad Qube Kingdom has cute visuals, but it’s a pretty basic tower defense game at heart.   | Read more »
Fire in the Hole Review
Fire in the Hole Review By Rob Thomas on August 29th, 2014 Our Rating: :: WALK THE PLANKUniversal App - Designed for iPhone and iPad Seafoam’s Fire in the Hole looks like a bright, 8-bit throwback, but there’s not enough booty to... | Read more »
Alien Creeps TD is Now Available Worldwi...
Alien Creeps TD is Now Available Worldwide Posted by Ellis Spice on August 29th, 2014 [ permalink ] Universal App - Designed for iPhone and iPad | Read more »
Dodo Master Review
Dodo Master Review By Jordan Minor on August 29th, 2014 Our Rating: :: NEST EGGiPad Only App - Designed for the iPad Dodo Master is tough but fair, and that’s what makes it a joy to play.   | Read more »
Motorsport Manager Review
Motorsport Manager Review By Lee Hamlet on August 29th, 2014 Our Rating: :: MARVELOUS MANAGEMENTUniversal App - Designed for iPhone and iPad Despite its depth and sense of tactical freedom, Motorsport Manager is one of the most... | Read more »
Motorsport Manager – Beginner Tips, Tric...
The world of Motorsport management can be an unforgiving and merciless one, so to help with some of the stress that comes with running a successful race team, here are a few hints and tips to leave your opponents in the dust. | Read more »
CalPal Update Brings the App to 2.0, Add...
CalPal Update Brings the App to 2.0, Adds Lots of New Stuff Posted by Ellis Spice on August 29th, 2014 [ permalink ] | Read more »

Price Scanner via MacPrices.net

Apple now offering refurbished 21-inch 1.4GHz...
The Apple Store is now offering Apple Certified Refurbished 21″ 1.4GHz iMacs for $929 including free shipping plus Apple’s standard one-year warranty. Their price is $170 off the cost of new models,... Read more
Save $50 on the 2.5GHz Mac mini, on sale for...
B&H Photo has the 2.5GHz Mac mini on sale for $549.99 including free shipping. That’s $50 off MSRP, and B&H will also include a free copy of Parallels Desktop software. NY sales tax only. Read more
Save up to $300 on an iMac with Apple refurbi...
The Apple Store has Apple Certified Refurbished iMacs available for up to $300 off the cost of new models. Apple’s one-year warranty is standard, and shipping is free. These are the best prices on... Read more
The Rise of Phablets
Carlisle & Gallagher Consulting Group, a businesses and technology consulting firm focused solely on the financial services industry, has released an infographic depicting the convergence of... Read more
Bad Driver Database App Allows Good Drivers t...
Bad Driver Database 1.4 by Facile Group is a new iOS and Android app that lets users instantly input and see how many times a careless, reckless or just plain stupid driver has been added to the... Read more
Eddy – Cloud Music Player for iPhone/iPad Fre...
Ukraine based CapableBits announces the release of Eddy, its tiny, but smart and powerful cloud music player for iPhone and iPad that allows users to stream or download music directly from cloud... Read more
A&D Medical Launches Its WellnessConnecte...
For consumers and the healthcare providers and loved ones who care for them, A&D Medical, a leader in connected health and biometric measurement devices and services, has launched its... Read more
Anand Lal Shimpi Retires From AnandTech
Anand Lal Shimpi, whose AnandTech Website is famous for its meticulously detailed and thoroughgoing reviews and analysis, is packing it in. Lal Shimpi, who founded the tech site at age 14 in 1997,... Read more
2.5GHz Mac mini, Apple refurbished, in stock...
The Apple Store has Apple Certified Refurbished 2.5GHz Mac minis available for $509, $90 off MSRP. Apple’s one-year warranty is included, and shipping is free. Read more
13-inch 2.5GHz MacBook Pro on sale for $999,...
B&H Photo has the 13″ 2.5GHz MacBook Pro on sale for $999.99 including free shipping plus NY sales tax only. Their price is $100 off MSRP. Read more

Jobs Board

*Apple* Retail - Multiple Positions (US) - A...
Sales Specialist - Retail Customer Service and Sales Transform Apple Store visitors into loyal Apple customers. When customers enter the store, you're also the Read more
*Apple* Retail - Multiple Positions (US) - A...
Sales Specialist - Retail Customer Service and Sales Transform Apple Store visitors into loyal Apple customers. When customers enter the store, you're also the Read more
*Apple* Retail - Multiple Positions (US) - A...
Sales Specialist - Retail Customer Service and Sales Transform Apple Store visitors into loyal Apple customers. When customers enter the store, you're also the Read more
*Apple* Retail - Multiple Positions (US) - A...
Sales Specialist - Retail Customer Service and Sales Transform Apple Store visitors into loyal Apple customers. When customers enter the store, you're also the Read more
Senior Event Manager, *Apple* Retail Market...
…This senior level position is responsible for leading and imagining the Apple Retail Team's global event strategy. Delivering an overarching brand story; in-store, Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.