By Harry McCracken | Wednesday, April 20, 2011 at 8:43 am
Where have you been lately? If you’ve got an iPhone or a 3G iPad, it knows. And two researchers have discovered that these devices store a record of your locations in an unencrypted file that gets backed up to your computer.
The researchers says that the information seems to be based on cell-phone tower triangulation, not GPS. They’re going to discuss what they’ve found at today’s Where 2.0 conference in Santa Clara, California. They’ve also released an open-source Mac application that maps out information from the file. That’s data for the iPad 2 I’ve been using at right, correctly showing that it’s been all around the Bay Area and also visited Austin, Texas.
What’s the file for? Good question. Apple hasn’t yet responded to requests for comment, say the researchers. But it’s a startling discovery, especially considering that iOS devices require that you grant permission before an app gets access to your location. The file apparently has scads of such data, and the Mac app proves that software doesn’t need any permission to dig into it. Apple needs to explain what’s going on, and probably needs to make changes. (Encrypting the file sounds like a good start.)
Should iPhone and iPad owners be worried about this discovery? Me, I’m less rattled about the specific ugly scenarios–which involve people like jealous spouses and private investigators gaining access to the file and snooping on your wanderings–than I am about the general fact that our phones can collect more personal data about us than any gizmo before them. Most of us blithely assume that they’re doing so only in appropriate ways, and are safeguarding it appropriately. This finding is a helpful reminder that we don’t really know what the heck is going on.