iPhone TrackerGate, Reality Check [Analysis]
Hidden, secret, and malicious? Security researchers and common sense weigh in to explain why the Apple location tracking / iPhone Consolidated.db tracker story is blown out of proportion.
Why iPhone Tracker is Blown Out of Proportion
In contrast to the sensational coverage, the security researchers who made iPhone Tracker note the data in Consolidated.db is NOT sent to Apple:
“There’s no evidence that it’s being transmitted beyond your device and any machines you sync it with.”
In terms of privacy concerns:
“The location is determined by triangulating against the nearest cell-phone towers. This isn’t as accurate as GPS.”
- This database isn’t storing GPS data. It’s just making a rough location fix based on nearby cell towers. The database can’t reveal where you were…only that you were in a certain vicinity. Sometimes it’s miles and miles off. This implies that the logfile’s purpose is to track the performance of the phone and the network, and not the movements of the user.
- A third party couldn’t get access to this file without physical access to your computer or your iPhone. Not unless you’ve jailbroken your iPhone and didn’t bother resetting its remote-access password…or there’s an unpatched exploit that would give Random Person On The Internet root access to your phone.
- It’s pretty much a non-issue if you’ve clicked the “Encrypt iPhone Backup” option in iTunes. Even with physical access to your desktop, a no-goodnik wouldn’t be able to access the logfile.
John Gruber: It’s a Bug
John Gruber also points out, in the same article on Andy Ihnatko's analysis, that consolidated.db's history keeping is a bug:
My little-birdie-informed understanding is that consolidated.db acts as a cache for location data, and that historical data should be getting culled but isn’t, either due to a bug or, more likely, an oversight. I.e. someone wrote the code to cache location data but never wrote code to cull non-recent entries from the cache, so that a database that’s meant to serve as a cache of your recent location data is instead a persistent log of your location history. I’d wager this gets fixed in the next iOS update.
Alex Levinson, forensic tool developer, points out that the service is NOT new, hidden, nor secret:
How is this data used? It’s used all the time by software running on the phone. Built-In applications such as Maps and Camera use this geolocational data to operate. Apple provides an API for access to location awareness called Core Location.
The information about Apple's device logs and caches was already published on December 5th, 2010, in his book iOS Forensic Analysis: for iPhone, iPad, and iPod touch (Books for Professionals by Professionals). In addition, he is not concerned because Apple is not harvesting the data.
Levinson, with Lantern's Sean Morrissey, already made a tool months ago that does more than iPhone Tracker. The tool, Lantern 2.0, was previewed at the DoD Cyber Crimes Conference in Washington, DC, in February of 2011.
Apple is Evil?
So, what's with the faux outrage? Mobile phone companies already keep similar data, but require a court order to access it.
Google already USES your location data from Chrome, computers (Google search), and phones (especially open wasteland Android phones) to make more money with location-targeted ads.
In contrast, Apple is not currently known to be using the user location data tracked in Consolidated.db.
- Location from Consolidated.db is not sent to Apple
- Location history of Consolidated.db is NOT GPS, it cannot tell you what house you are in
- A third party has no access to Consolidated.db unless they have physical access to your device
- iTunes device data can be encrypted
- Other companies such as Google actually use your location data to make money
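
One way to check the "Encrypt iPhone Backup" point on a desktop, as an added example that is not from the original article or from Apple: it reads the `IsEncrypted` flag in each backup's `Manifest.plist` and lists backups that are not confirmed encrypted. The folder paths are the usual iTunes defaults and are assumptions, and the sample backups are constructed.

```python
import plistlib
import tempfile
from pathlib import Path
from xml.parsers.expat import ExpatError

# Usual iTunes backup folders (assumed defaults; pass your own path if it differs).
DEFAULT_ROOTS = [
    Path.home() / "Library/Application Support/MobileSync/Backup",     # macOS
    Path.home() / "AppData/Roaming/Apple Computer/MobileSync/Backup",  # Windows
]

def audit_backups(root):
    """Map each backup folder under root to True/False/None (encrypted/plain/unknown)."""
    states = {}
    root = Path(root)
    if not root.is_dir():
        return states
    for backup in sorted(p for p in root.iterdir() if p.is_dir()):
        state = None
        try:
            with (backup / "Manifest.plist").open("rb") as fh:
                manifest = plistlib.load(fh)
            if isinstance(manifest, dict):
                # IsEncrypted is set when "Encrypt iPhone Backup" is ticked in iTunes.
                state = bool(manifest.get("IsEncrypted", False))
        except (OSError, ValueError, ExpatError):
            pass  # missing or unreadable manifest: leave the state unknown
        states[backup.name] = state
    return states

def needs_attention(states):
    """Backups not confirmed encrypted (plain, or state could not be read)."""
    return sorted(name for name, enc in states.items() if enc is not True)

def make_sample_root():
    """Constructed sample data: three fake backup folders in a temp directory."""
    root = Path(tempfile.mkdtemp(prefix="backup-audit-"))
    for name, manifest in [("sample-encrypted", {"IsEncrypted": True}),
                           ("sample-plain", {"IsEncrypted": False}),
                           ("sample-no-manifest", None)]:
        (root / name).mkdir()
        if manifest is not None:
            with (root / name / "Manifest.plist").open("wb") as fh:
                plistlib.dump(manifest, fh)
    return root

if __name__ == "__main__":
    for root in [make_sample_root(), *DEFAULT_ROOTS]:
        for name in needs_attention(audit_backups(root)):
            print(f"{root}/{name}: not confirmed encrypted")
```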