Apple: We 'must have' comprehensive user location data on you
Security researchers unveiled this week that Apple's iPhone was actively logging the whereabouts of users, storing location data into an easily assessable file on the device. But it's not just iPhones that are keeping track of their users.
Apple's iPhone 3G, iPhone 3GS, the iPhone 4, and iPad models are also keeping track of consumers whereabouts. Mac computers running Snow Leopard and even Windows computers running Safari 5 are being watched.
The question is why?
The company has remained silent after researchers Alasdair Allan and Pete Warden revealed this Wednesday that the iPhone was storing logs of users' geographic coordinates in a hidden file.
We're not sure why Apple is gathering this data, but it's clearly intentional, as the database is being restored across backups, and even device migrations," the security experts wrote in their blogs. While Apple has since remained tight-lipped on the matter, not responding to any media-inquires, another privacy snafu last year gives insight into what the company is doing with the information.Apple's iPhone 3G, iPhone 3GS, the iPhone 4, and iPad models are also keeping track of consumers whereabouts. Mac computers running Snow Leopard and even Windows computers running Safari 5 are being watched.
The question is why?
The company has remained silent after researchers Alasdair Allan and Pete Warden revealed this Wednesday that the iPhone was storing logs of users' geographic coordinates in a hidden file.
In June 2010, Congressmen Edward J. Markey, D-Mass., and Joe Barton, R-Texas wrote a letter to Apple CEO Steve Jobs inquiring about Apple's privacy policy and location-based services
In response the company's general counsel Bruce Sewall wrote a letter explaining its practice, and shedding light on the rationale the company uses to monitor users.
"To provide the high quality products and services that its customers demand, Apple must have access to the comprehensive location-based information," Sewall told Congress in the letter.
After emphasizing Apple's commitment to users' privacy, Sewall said that to provide these location-based services, Apple, its partners and licensees, may collect, use and share customers' precise location data, including GPS information, nearby cell towers and neighboring Wi-Fi networks.
While the security researchers Allan and Warden did not confirm whether the devices were actively sending data back to Apple, Sewall said that it was within Apple's right to do so.
"By using any location-based services on your iPhone, you agree and consent to Apple's and its partners' and licensees' transmission, collection, maintenance, processing and use of your location data to provide such products and services," Sewall's letter reads, citing Apple's End User Agreement.
But he added that the information is collected anonymously and the devices give users controls for disabling the features.
In addition to giving Apple customers the ability to turn off all location features with one "on/off" toggle switch, Apple requires applications to get explicit customer approval when it asks for location information for the first time.
Apple also stores the location information in a database only accessibly to Apple, the letter says. This may be the case for data sent to Apple, but Allan and Warden were able to create a program that accessed and mapped user locations from un-encrypted data on the iPhons they examined.
But though Apple says that its location data practices support the services its customers want, analysts and activists say the practice still raises serious questions.
_________________________________________________________________________
iPhone Secretly Tracks and Reports Where You Go
Christina Warren
Mashable
April 20, 2011
___________________________________________________________________________________
Two security researchers have discovered that Apple’s iPhone keeps track of a user’s location and saves that information to a file that is stored both on the device and on a user’s computer when they sync or back it up in iTunes.
The researchers, Pete Warden and Alasdair Allan, discovered the hidden file while collaborating on a potential data visualization project. “At first we weren’t sure how much data was there, but after we dug further and visualised the extracted data, it became clear that there was a scary amount of detail on our movements,” Warden told The Guardian.
You can watch Allan and Warden’s discussion about the data and how it can be surfaced in this video:
.
.
Hidden Tracking Files Found in iPhone, iPad
Published: Thursday, 21 Apr 2011Apple faced questions on Wednesday about the security of its iPhone and iPad after a report that the devices regularly record their locations in a hidden file.
The report came from a technology conference in San Francisco, where two computer programmers presented research showing that the iPhone and 3G versions of the iPad began logging users’ locations a year ago, when Apple [AAPL 352.61 10.20 (+2.98%) ] updated its mobile operating system.
After customers upgraded the software, a new hidden file began periodically storing location data, apparently gleaned from nearby cellphone towers and Wi-Fi networks, along with the time.
The data is stored on a person’s phone or iPad, but when the device is synced to a computer, the file is copied over to the hard drive, the programmers said. The data is not normally encrypted; although users can encrypt their information when they sync their devices, few do.
To some privacy advocates, the storing of the data was a clear breach.
“The secretive collection of location data crosses the privacy line,” said Marc Rotenberg, executive director of the Electronic Privacy Information Center, a privacy policy organization based in Washington.
“Apple should know better than to track iPhone users in this way.” Others said the discovery of the hidden file was unlikely to have a major practical impact on privacy and security.
“It is more symbolic than anything else,” said Tim O’Reilly, a longtime technology pundit and founder of O’Reilly Media.
“It is one more sign of how devices are collecting data about us and potentially sharing it with others. This is the future. We have to figure out how to deal with it.”
Law enforcement officials can already get this type of location information from cellphone companies, Mr. O’Reilly said; there are, however, conflicting rulings in federal courts about whether they need a search warrant.
But sitting on a home computer, the data could now be more vulnerable to access by hackers or others, he said. And information about a person’s locations over time could be accessible to strangers if a phone or iPad was lost or if it was attacked by malware.
The news of what appeared to be a security problem immediately ricocheted across the Internet as bloggers on technology and Apple-centered sites debated the many questions left unanswered by the report.
It is unclear, for example, whether Apple is gaining access to the information in any way. It is also unclear how precise the location data is and why it is being stored at all.
The programmers said they had asked Apple’s product security team about their findings but did not receive a response. Apple also did not respond to a request for comment from The New York Times.
The report even attracted attention from political figures, like Senator Al Franken, Democrat of Minnesota, who sent Apple’s chief executive, Steven P. Jobs, a letter asking why Apple was “secretly compiling” the data and what it would be used for.
Some privacy experts said the issue was not the legality of storing this information but whether Apple was playing fair with its customers.
“Collecting this data is not illegal, but it does matter whether or not this is explicitly spelled out in Apple’s terms of use,” said Christina Gagnier, a lawyer specializing in privacy and copyright.
“Apple constantly changes their privacy policy, and it’s questionable whether most users are aware this is happening.”
Apple has an obligation to its customers to allow them to opt out of being tracked, said Ian Glazer of Gartner Research, who is a director in the company’s identity and privacy group.
“There is no way to really turn this tracking off,” he said. “It needs to be visually obvious, or in the settings, to see that this is happening on your phone.”
Alasdair Allan and Pete Warden presented the paper at the O’Reilly Where 2.0 conference, a gathering of experts on location technology.
Mr. Allan said in a blog post that beyond the issue of storing the information is the question of “how Apple intends to use it — or not.”
Mr. Allan, who has written books that teach people how to program, also said that the data being collected would be transferred to a new product when customers buy a new phone or iPad, and then sync it.
Mr. Warden, a former Apple employee, posted a free downloadable application on his Web site for Mac computers that allows users to see their stored location data on a map.
Whatever the privacy implications, the report was a burst of bad publicity for Apple on a day when it again reported stellar earnings results.
“It doesn’t matter how Apple explains its way out of this, just the fact that consumers know that their phone is being tracked is a very big deal,” said Chenxi Wang, a vice president of Forrester Research who specializes in security and risk.
Donate To Keep This Site Alive
______________________________________________________ ___________________________ . . . .
_____________________________________________________________________________
Recommended links:
http://HermannHearsay.blogspot.com/(Hermann Area News, Commentary & Discussion)
No comments:
Post a Comment