Greg's bite: Location iNsecure, a Rotten Apple can't be trusted
TweetFollow Us on Twitter

Greg's bite: Location iNsecure, a Rotten Apple can't be trusted

By Greg Mills

Steve Jobs is the new evil Big Brother. I would like to retract my statement posted November 21, 2010: "Jobs and Apple gone evil? Not so." Remember the iconic Apple commercial of the woman running down the aisle and throwing a hammer at the theater screen picture of big brother (as in the Orwellian novel "1984")?   The evil dictator's image was shattered and we all cheered. Could Steve Job's face become the modern big brother image? This sort of location tracking that came to light last week, previously reserved for the most dangerous criminals has been applied to us all by Apple, and for what? So that Apple could sell stinking pizzas!?

As news of the audaciousness of Apple secretly tracking and recording the detailed movements of everyone who innocently purchased the hugely popular iPhone and iPad sinks in, the question of why Apple did it comes to mind.  While some still want to give Apple the benefit of the doubt, the evidence is overwhelming that the invasion of our privacy was intentional. Apple's engineers are way too methodical to have "accidentally" stored and upload detailed location data compiled on every user of the iOS, for at least a year and likely longer.

Compared to the tenuous relationship Microsoft has with its PC consumers, Apple has historically had a virtual love affair with its faithful. That legendary trust, has been built for years among long term Mac users, who have stood faithfully by their Apple computers when faced with all manor of platform marginalization from the Windows PC world. Thus, this serious betray of our trust is particularly hard to take. Labeled an "odd man out" for years for insisting on using a Mac instead of a PC, I have previously been faced with having to provide my own computer at work, since the company I was with at the time, "didn't support the Mac platform."  Ironically, the art department was able to demand and get a Mac, but as Product Marketing Manager I was forced to use my personal MacBook at work.  

As Apple has grown over the last few years, a sort of corporate mindset corruption has apparently occurred: The fanatical Apple user experience be damned, there is money to be made! Keep in mind, the change was slow and came in incremental stages, but the cynical motives at 1 Infinity Loop can no longer be denied. A fundamental change in corporate philosophy has taken place at Apple.  

Remember the frog placed in cool water on a stove will sit and be cooked to death as the water temperature slowly rises. Dropping that same frog into hot water would have gotten an immediate violent response. It feels like very hot water was just dumped on me in my relationship with Apple. Can we trust Apple to keep our data in the cloud without violating our privacy for some corporate advantage? I don't think so. Who knows how they might abuse that technology?

Apple recently has announced that it is adding a "do not track" feature to Safari to protect the privacy of web surfers; ironically, the much more invasive detailed location tracking features of iPhones and iPads was secretly still in use. I don't think anything would have changed had Apple not been caught with its pants down. I think Apple will be forced to stop tracking its consumers. A normally masterful control of the media by Apple can't control the bad spin in the press over this issue. Apple didn't come forward on its own and offer an opt out for the tracking; they were caught doing it without a meaningful choice by the consumer. I figure I have my ear to the ground on Apple issues, but I will have to admit this shocked and surprised me.

Apple certainly made the decision at the highest levels to get into the digital advertising business and to leverage the Apple platforms to accomplish that, apparently at any cost. When one looks at Google, they are doing a lot of things that make money, but the real serious money they make comes from advertising. Targeted advertising is far more lucrative and profitable than standard broad based advertising. Apple saw that, and the iAd concept was developed.  

If you run a pizza shop, for example, the notion of having an electronic full color interactive digital coupon pop up on cell phones as someone enters a local "geo-fenced" zone, is worth far more than broad un-targeted advertising programs going to hundreds of times more "unfocused consumers".  

Let's say the geo-fenced area is 1/4 of a mile each way along a major street your pizza shop is located on. If you could target potential pizza customers who are being tracked by their phones to those nearby locations, traveling along that road, during the hours between 11 am and 8 pm with a $3.99 medium pizza electronic coupon offer, that would be worth a lot of money to you. If that customer, has also been tracked over a long period of time and has a history of stopping at other pizza shops in town, that is also a value building element to location based advertising. Long term location history has tremendous value to advertising companies, apparently more than the value of customer loyalty to Apple.

The potential for adding the "electronic wallet feature" to future iPhones will leverage the targeting advertising potential even more. People who historically spend money at other pizza shops using their iPhones to pay are certainly choice customers to send electronic coupons to should they venture into your geo-fenced zone. It has been rumored that Apple plans to add an RFID chip to iPhones, that chip would support a "swipe to charge" feature to your cell phone. The iPhone would deduct the pizza charges electronically from your account and also make a note that you buy pizzas. Add that habit information to knowing where you are, and you can see where they are going with this.

It is easy to see why Apple decided to get into the electronic advertising business. The big idea is to push targeted electronic ads to the millions of consumers who also happen to own iPhones and iPads. According to recent polls, a magnitude of half of the current users of iPhones and iPads have no major objection to their locations being tracked by Apple. That however leaves half of us who are infuriated and feel seriously betrayed. I suspect the ranks of the betrayed will increase as the unexpected ramifications of insecure location data becomes better understood. I think that is why Apple didn't disclose more fully what they were doing. Some of us would vocally object if we knew. 

An invasion of privacy as a generalized notion in society rises to a fairly low level of concern. When an invasion of privacy actually happens to you with an unexpected problem resulting, the level of anger suddenly becomes much greater. The result of "location history insecurity" can be individually quite profound. Apple doesn't seem to care when the privacy of Apple individual users are weighed against the potential money they can make selling location based ads. Some years back, the calculus would have been much different. I thought Apple cared about me individually as an avid long term Mac fan. Now I am sure they really don't care about me, nearly as much as I thought they did. 

Beyond  invasion of privacy issues, the lack of meaningful notice that such detailed tracking and location recording would be the default and that a way to opt out of tracking wasn't even offered is a major issue. If half the users of iPhones were willing to submit their locations to Apple why would they track everyone regardless of they way they felt about it? As I understand it even turning off locations services didn't prevent the tracking and records generation based upon tower and Wi-Fi information. Turning off location services ought to mean you don't want to be tracked, period. 
      
As I predicted in Friday's post, a class action lawsuit will certainly be filed over this. A complaint was previously filed in San Jose California by user Jonathan Lalo seeking class action status on questionable Apple location tracking policies. Filed in December of last year, the suit was originally tailored just to take Apple to task for certain iOS apps that used location services without proper notice to consumers. I suspect that lawsuit will be modified to go after Apple for the more pervasive and general secret tracking feature on all iOS devices. See http://www.tgdaily.com/business-and-law-features/53245-apple-sued-over-data-tracking .

There is also the strong possibility that fresh federal lawsuits will be filed, specifically due to the recent secret iOS tracking revelations.  The basis of the likely class action suit is certain to be upon a combination of the violation of existing privacy laws and the lack of meaningful notice that such detailed tracking was taking place and that secret long term records were being kept. 

How can Apple claim the tracking data is "not personably identifiable" when a complete unencrypted record is found on all your personal Apple devices, which are subject to theft, hacking and loss? Give me a blank disk and five minutes access to someones Mac, I will walk away with a complete record of "location data" for every iOS device that syncs with that computer. You can also anticipate that I can figure out who the computer belongs to. So much for the notion of the location logs not being identifiable.   

Further, it wasn't ever disclosed that the computer the iOS devices sync with would also create and maintain a persistent location log going back to the very first day the iOS device was activated. While the attorneys at Apple are sure to yawn at "just another lawsuit," the implications of these suits should be meaningful to Apple.  When long time Apple faithful are so angry they are suddenly willing to sue, can Apple just shrug that off? The old Apple wouldn't want that. I am not so sure about the new Apple. 

I am of the opinion that Apple will move to create an opt in/opt out location tracking history feature common to both the Mac OS and the iOS platforms that will allow existing tracking records to be erased and no longer stored. I am convinced that while the pressure of lawsuits might be a minor factor in forcing them to amend their platforms, the real reason they will move on this issue will be the potential of lost market share. This situation is clearly going to hurt Apple sales of both devices to new users and retard sales to established upgrade customers. I certainly will not replace my aging iPhone 3Gs or iPad 1 or sign up for another year as an iOS developer until I can be darn sure Apple won't continue to abuse my trust.

Apple has been working hard to convince the enterprise and even the military that iOS devices are secure enough to trust with sensitive data. This breech of trust that merely infuriates civilians is much more of a dangerous security threat to potential enterprise and military users. Apple devices are anything but "location data secure." This is a very important defect in data security and is certain to be noticed by decision makers in business and the military.

Imagine an iPhone used by the military being captured and location files downloaded into a Mac laptop. Then the movements of that particular soldier can be graphically mapped showing troop movements in vidid detail, complete with time/date stamps. This sort of compiled location information would be an absolute gold mine to the other side.  Using detailed location data would give an enemy the exact GPS setting for missiles or bombs which would hit the barracks where the soldiers sleep. It also could potentially give away current troop concentrations by remote access to location data hacked over a cellular network.  

What business will be willing to risk the location data for its executive employees falling into the hands of competitors? What unanticipated consequences will befall users of iOS devices, simply due to trusting Apple to do no harm to them?  

I recently did a Faux art job for a customer who personally knew someone who had been fired due to location data stored on a company cell phone. It seems this salesman was spending time "on the clock" with an exotic dancer at a local bar. The bar's location was dutifully tracked and, consequently, the salesman was fired. While that seems absolutely appropriate, it is not hard to anticipate other situations where Apple's secret tracking feature will lead to very unfortunate results, that are not as just.

Imagine the hapless victim of an auto accident, where someone hits them in a serious head on collision. While the car that caused the head on collision was going the wrong way, location data might show the victim was going five miles an hour over the speed limit at the time of the wreck. If the attorney for the wrong way driver's insurance company subpoenas the location data stored on the victims computer and their iPhone, they could then claim the illegal speed of the victim was a contributing factor to the wreck. This, to try get the insurance company off the hook for damages. You own an iPhone you lose. You own a piece of crap, throw away phone, you win.

I predict it will become a common question on interrogatories in lawsuits to ask if the party owns an iPhone or iPad. Data mining that compiled location information could make or break a legal case. Frankly, there are so many unanticipated consequences of insecure location data that are sure to come up, it is clear that location records should not be kept on insecure devices. There can be no doubt, iPhones, iPads and Macs are not "location data secure" and Apple is no longer to be trusted.

If Apple were to limit location data retention to no more than 10 minutes, that wouldn't be so invasive, but yet allow them to use location data. The parts of this whole thing that upset me are first, the lack of meaningful choice I had in participating in the data base, that sensitive insecure files were placed in my computer subjecting my data to misuse and that Apple had to be embarrassed into dealing with this issue. No location data need be stored on computers at all, if the data was automatically erased after uploading to Apple.  "Location Services" being turned off by the user ought to be observed and honored by Apple.  

Until Apple fixes this major security problem users can do the following to protect themselves:

Hook up your iPhone and, separately, your iPad to your computer you sync with.

Click the device bar on the left of the window.

3. In the grey bar on the left of the iTunes window scroll down to "options."

4. The fifth option listed is "Encrypt iPhone backup" click that option and you will be prompted to pick a password

5. Pick your password and follow the on screen instructions.

6. Then Click Sync at the bottom right side of the window.

At this point a bit longer than normal sync will occur as your Mac encrypts the backup data including your location logs.

This is not 100% reliable and encryption can be broken.  It does however make your location data more secure than Apple intended as a default.  This does not secure your data logs held on the iOS devices, which are only marginally more secure than the logs on your computer.  Other than completely erasing your iPhone and throwing away your backup files on your PC, you have done all you can do until Apple fixes this with a security update to both iTunes and the iOS platforms.

Currently, if you live in California, Nevada, Oregon, Washington State, Montana, Alaska, Hawaii or Idaho, the only way you can be sure your location data won't be legally taken from you by police without a warrant is to destroy your iPhone and iPad. In the US Ninth Circuit Court of Appeals' jurisdiction the Police have the right to "search" your iPhone without probable cause and without a warrant. A business iPhone or business iPad is not immune to the police either.  The only way to make your location history secure is really to have never compiled it in the first place or to securely erase the files, which it will take Apple to do. I have contacted Apple and demanded they take steps to erase my location records and to no longer keep such records.

The important legal issues of our "location privacy" and security for our mobile data will likely come before the US Supreme Court someday soon. The issue of the level of privacy of our data is critically important. Increasingly, data is held on tiny portable devices with enough memory to reveal far more about our personal lives than we would like.  

Apple can come out the protector of data privacy or be the worst offender. Right now the jury of public opinion would certainly go against them. Location data held by cell phone networks require a warrant to be released. A warrant requires probable cause be presented to a judge.  Reducing the level of privacy for our data to anything less, is simply not the American way.  Has Apple been breathing too much Chinese air?

That Greg's bitter Bite for today

(Greg Mills is currently a graphic and Faux Wall Artist in Kansas City. Formerly a new product R&D man for the paint sundry market, he holds 11 US patents. Greg is an Extra Class Ham Radio Operator, AB6SF, iOS developer and web site designer. He's also working on a solar energy startup using a patent pending process for turning waste dual pane glass window units into thermal solar panels used to heat water see: www.CottageIndustySolar.com Married, with one daughter, Greg writes for intellectual property web sites and on Mac/Tech related issues. See Greg's art web site at http://www.gregmills.info He can be emailed at gregmills@mac.com )

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Together 3.6.1 - Store and organize all...
Together helps you organize your Mac, giving you the ability to store, edit and preview your files in a single clean, uncluttered interface. Features Smart storage. With simple drag-and-drop... Read more
Cloud 4.1.1 - File sharing from your men...
Cloud is simple file sharing for the Mac. Drag a file from your Mac to the CloudApp icon in the menubar and we take care of the rest. A link to the file will automatically be copied to your clipboard... Read more
OmniFocus 2.7.1 - GTD task manager with...
OmniFocus helps you manage your tasks the way that you want, freeing you to focus your attention on the things that matter to you most. Capturing tasks and ideas is always a keyboard shortcut away in... Read more
CleanApp 5.1.1 - Application deinstaller...
CleanApp is an application deinstaller and archiver.... Your hard drive gets fuller day by day, but do you know why? CleanApp 5 provides you with insights how to reclaim disk space. There are... Read more
ForkLift 3.0 Beta 2 - Powerful file mana...
ForkLift is a powerful file manager and ferociously fast FTP client clothed in a clean and versatile UI that offers the combination of absolute simplicity and raw power expected from a well-executed... Read more
Sublime Text 3126 - Sophisticated text e...
Sublime Text is a sophisticated text editor for code, markup, and prose. You'll love the slick user interface, extraordinary features, and amazing performance. Features Goto Anything. Use Goto... Read more
1Password 6.3.3 - Powerful password mana...
1Password is a password manager that uniquely brings you both security and convenience. It is the only program that provides anti-phishing protection and goes beyond password management by adding Web... Read more
WhatsApp 0.2.1880 - Desktop client for W...
WhatsApp is the desktop client for WhatsApp Messenger, a cross-platform mobile messaging app which allows you to exchange messages without having to pay for SMS. WhatsApp Messenger is available for... Read more
NeoFinder 6.9.3 - Catalog your external...
NeoFinder (formerly CDFinder) rapidly organizes your data, either on external or internal disks, or any other volumes. It catalogs all your data, so you stay in control of your data archive or disk... Read more
Amadeus Pro 2.3.1 - Multitrack sound rec...
Amadeus Pro lets you use your Mac computer for any audio-related task, such as live audio recording, digitizing tapes and records, converting between a variety of sound formats, etc. Thanks to its... Read more

Our 5 Favorite iMessage Sticker Packs
At long last, iMessage joins the ranks of messaging apps the likes of LINE and Whatsapp, adding an impressive collection of stickers. They’re a great way to add a little something extra to your daily conversations. [Read more] | Read more »
How to get past Vulture Island's tr...
Vulture Island is a colorful and quirky mish-mash of platforming and puzzles. It’s creative and fresh, but sometimes the game can throw a curveball at you, leaving you stuck as to how you should progress. These tips will help you explore smoothly... | Read more »
The new Clash of Kings is just for Weste...
If you’ve played the original Clash of Kings, you’ll probably recognise the city building, alliance forging and strategic battles in Clash of Kings: The West. What sets this version apart is that it’s tailor made for a Western audience and the... | Read more »
Frost - Survival card game (Games)
Frost - Survival card game 1.12.1 Device: iOS Universal Category: Games Price: $3.99, Version: 1.12.1 (iTunes) Description: *Warning: the game will work on iPhone 5C and above and iPad Pro / 4. Other devices are not supported* | Read more »
How to build and care for your team in D...
Before you hit the trail and become a dog sledding legend, there’s actually a fair bit of prep work to be done. In Dog Sled Saga, you’re not only racing, you’re also building and caring for a team of furry friends. There’s a lot to consider—... | Read more »
How to win every race in Dog Sled Saga
If I had to guess, I’d say Dog Sled Saga is the most adorable racing game on the App Store right now. It’s a dog sled racing sim full of adorable, loyal puppies. Just look at those fluffy little tails wagging. Behind that cute, pixelated facade is... | Read more »
Let the war games commence in Gunship Ba...
Buzz Lightyear famously said, “This isn’t flying, this is falling – with style!” In the case of Gunship Battle: Second War, though, this really is flying - with style! The flight simulator app from Joycity puts you in control of 20 faithfully... | Read more »
How to get a high score in Fired Up
Fired Up is Noodlecake Games’ high score chasing, firefighting adventure. You take control of a wayward firefighter who propels himself up the side of a highrise with blasts of water. Sound silly? It is. It’s also pretty difficult. You can’t... | Read more »
NBA 2K17 (Games)
NBA 2K17 1.0 Device: iOS iPhone Category: Games Price: $7.99, Version: 1.0 (iTunes) Description: Following the record-breaking launch of NBA 2K16, the NBA 2K franchise continues to stake its claim as the most authentic sports video... | Read more »
Dog Sled Saga (Games)
Dog Sled Saga 1.0.1 Device: iOS Universal Category: Games Price: $3.99, Version: 1.0.1 (iTunes) Description: A game by Dan + Lisa As a rookie musher, foster a dogsledding team whose skills will grow if they're treated right. Week by... | Read more »

Price Scanner via MacPrices.net

Toughbook Celebrates 20 Years of Ruggedized M...
Panasonic System Communications Company of North America, Division of Panasonic Corporation of North America (Panasonic) today celebrates the 20th anniversary of its industry-leading Toughbook mobile... Read more
12-inch 1.1GHz Gray Retina MacBook on sale fo...
B&H Photo has the 2016 12″ 1.1GHz Gray Retina MacBook on sale for $1199.99 including free shipping plus NY sales tax only. Their price is $100 off MSRP. Read more
13-inch 2.5GHz MacBook Pro (Apple refurbished...
Apple has Certified Refurbished 13″ 2.5GHz MacBook Pros available for $829, or $270 off the cost of new models. Apple’s one-year warranty is standard, and shipping is free: - 13″ 2.5GHz MacBook Pros... Read more
Save 30% on Camera Guard’s Secure Protection...
To celebrate the release of macOS Sierra, Miami-based security solutions company, ProtectStar has announced a special 30% discount on Camera Guard Professional for Mac 2016. This innovative security... Read more
DVDFab Special Deal – Get a 1-Year Free Licen...
Beijing, China based specialist in the field of DVD, Blu-ray and video backup solutions, Fengtao Software has launched its Autumn Special Deals 2016, giving a 1-year free license of a randomly picked... Read more
21-inch iMacs on sale for up to $120 off MSRP
B&H Photo has 21″ iMacs on sale for up to $120 off MSRP including free shipping plus NY sales tax only: - 21″ 3.1GHz iMac 4K: $1379 $120 off MSRP - 21″ 2.8GHz iMac: $1199.99 $100 off MSRP - 21″ 1... Read more
13-inch 2.7GHz/256GB Retina MacBook Pro on sa...
Amazon.com has the 13″ 2.7GHz/256GB Retina Apple MacBook Pro on sale for $151 off MSRP including free shipping: - 13″ 2.7GHz/256GB Retina MacBook Pro (sku MF840LL/A): $1348 $151 off MSRP Read more
Apple TVs on sale for up to $50 off MSRP
Best Buy has 32GB and 64GB Apple TVs on sale for $40-$50 off MSRP on their online store. Choose free shipping or free local store pickup (if available). Sale prices for online orders only, in-store... Read more
Apple refurbished 13-inch Retina MacBook Pros...
Apple has Certified Refurbished 13″ Retina MacBook Pros available for up to $270 off the cost of new models. An Apple one-year warranty is included with each model, and shipping is free: - 13″ 2.7GHz... Read more
Duplicate Sweeper Free On Mac App Store For O...
To celebrate the launch of Apple’s latest macOS Sierra, Stafford, United Kingdom based Wide Angle Software has announced that its duplicate file finder software, Duplicate Sweeper, is now available... Read more

Jobs Board

Sr. *Apple* Mac Engineer - Net2Source Inc....
…staffing, training and technology. We have following position open with our client. Sr. Apple Mac Engineer6+ Months CTH Start date : 19th Sept Travelling Job If Read more
*Apple* Retail - Multiple Positions-Norfolk,...
Job Description: Sales Specialist - Retail Customer Service and Sales Transform Apple Store visitors into loyal Apple customers. When customers enter the store, Read more
Restaurant Manager (Neighborhood Captain) - A...
…in every aspect of daily operation. WHY YOU'LL LIKE IT: You'll be the Big Apple . You'll solve problems. You'll get to show your ability to handle the stress and Read more
Lead *Apple* Solutions Consultant - Apple (...
# Lead Apple Solutions Consultant Job Number: 51829230 Detroit, Michigan, United States Posted: Sep. 19, 2016 Weekly Hours: 40.00 **Job Summary** The Lead ASC is an Read more
US- *Apple* Store Leader Program - Apple (Un...
…Summary Learn and grow as you explore the art of leadership at the Apple Store. You'll master our retail business inside and out through training, hands-on Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.