After reading the repeated breathless reports about how our iPhones are spying on us all, I couldn't help but roll my eyes - then I got annoyed. Seriously folks, this is a non-issue.
Yes, iPhones collect general location data that is stored in an unencrypted, easy-to-read file on your iPhone. Yes, this file is transferred to your computer when you sync your iPhone. Yes, anyone who knows how to find this file could read it and determine your historical location data. These things are all true.
What's ridiculous is the hand-wringing and howling from the blogosphere about Apple "spying" on its customers and giving whack-jobs, jealous husbands, or creepy Grindr tricks the ability to track your every move.
This is just stupid.
If you read an article anywhere that says anything like this, leave. They're wrong. They're lying. Or they're just too much of an idiot to know what they're talking about. In any case, here's the real scoop.
How It Works
Your iPhone uses cell tower triangulation along with WiFi hotspot location data to track your phone's efficiency based on location. Mind you, this is not GPS accurate data. In some cases, this location data is off by miles. Did any of you have an original iPhone before they put GPS into them? If so, you know how inaccurate the location information can be. Same thing here.
This data is kept in a file called consolidated.db. Apple uses this data to track tower locations and compare that to phone performance. This data is collected anonymously and you agree to this collection when you click through the terms of service when you activate your phone. No, it wasn't explicitly "disclosed" but the terms of service clearly state they will collect this information.
Also, this is not new. The existence and location of this file has been known for months now. It has only been recently, when the researchers who found it developed a program that will read it and plot the points on a map, that it got any publicity.
The problem lies in that consolidated.db is a plain text file that anyone can read if they have access.
And there's the first key - access. The only way to get your hands on this file is to have access to the actual iPhone or the computer you sync the iPhone to. Let's start with the iPhone.
If someone already has physical access to your iPhone, you're far more screwed by the other information they have than what's stored in this file. They now have your email, your calendar and access to all your notes and the data stored in all the apps on your phone. Hell, they even have your naked pics from your Grindr profile.
With access to all that info, who the hell is going to spend time trying to download a hidden file off the phone? The gold isn't in your historical location data - it's in your other info.
Now let's look at the computer. The simplest way to prevent this file from falling into the wrong hands is to simply click the checkbox in iTunes that encrypts your iPhone backups. Once encrypted, no one can read this file or access the data therein.
But even if it isn't encrypted, again, the data is of little use to anyone other than a jealous lover or a micro-managing boss. Remember - it's historical data. So, it's only as up-to-date and accurate as your latest sync. Myself, I rarely sync my phone and my computer - maybe once a month, sometimes less often.
So, unless I've been lying about where I've been for a long time, again, what use is this information? Instead, once again, if they have access to your computer, you've got far worse problems than this little file that tells people you were at the amusement park that day you called in sick.
Please, everyone, stop with the over-the-top ridiculous fear statements. Another great example is this supposed device the Michigan police have that can download everything off your phone in 90 seconds and will even break passwords.
They may have a device and it may pull data off your SIM card or something else. But there is no such thing as a universal device that will plug into any smart phone and pull off all your data in 90 seconds. This is science fiction fantasy tripe.
As I said previously, if you're reading this breathless, hair-on-fire reporting elsewhere, they're just not credible. They're either lying and distorting or they don't understand the underlying science and technology. In either case, they are making fools of themselves and shouldn't be trusted.
Yes, it's scary to think someone could be tracking you using your iPhone, but that's not happening. If this scares you, then you should seriously consider never using your debit/credit card again. You're giving far more information to far less scrupulous people every time you swipe.
If you're interested in reading up on the real story, Andy Ihnatko does an excellent breakdown of the whole thing on his blog. You can also download the app and see what the security researchers have to say on their website too. Just don't go believing this tripe that Apple, AT&T and Big Brother are out to get you. It's beneath you.