Security researchers at Privacy International (https://www.privacyinternational.org) keeps track of where you go and saves every detail of it to a secret file on the device which is then copied to the owner’s computer when the two are synchronized, according to “The Guardian” (http://macte.ch/RcpCR).
The file contains the latitude and longitude of the phone’s recorded coordinates along with a timestamp, meaning that anyone who stole the phone or the computer could discover details about the owner’s movements using a simple program, the article adds.
“Apple has made it possible for almost anybody — a jealous spouse, a private detective — with access to your phone or computer to get detailed information about where you’ve been,” says Pete Warden, one of the researchers.
Only the iPhone records the user’s location in this way, say Warden and Alasdair Allan, the data scientists who discovered the file and are presenting their findings at the Where 2.0 conference in San Francisco on Wednesday, says “The Guardian.”
“Ever since iOS 4 arrived, your device has been storing a long list of locations and time stamps. We’re not sure why Apple is gathering this data, but it’s clearly intentional, as the database is being restored across backups, and even device migrations,” says Allan (http://macte.ch/lRqW2). “The presence of this data on your iPhone, your iPad, and your backups has security and privacy implications. We’ve contacted Apple’s Product Security team, but we haven’t heard back. What makes this issue worse is that the file is unencrypted and unprotected, and it’s on any machine you’ve synched with your iOS device. It can also be easily accessed on the device itself if it falls into the wrong hands. Anybody with access to this file knows where you’ve been over the last year, since iOS 4 was released.
Alasdair has looked for similar tracking code in [Google’s] Android phones and couldn’t find any, says Warden. They haven’t come across any instances of other phone manufacturers doing this, he adds.
“This is a worrying discovery,” Simon Davies, director of Privacy International, told “The Guardian.” “Location is one of the most sensitive elements in anyone’s life — just think where people go in the evening. The existence of that data creates a real threat to privacy. The absence of notice to users or any control option can only stem from an ignorance about privacy at the design stage.”