Across America today, rookie police officers on undercover assignments are in danger of being killed because they carry the wrong cell phone.
Police departments, especially in smaller cities, like to use rookies for undercover work because, often, nobody in town knows the newcomer. A baby-faced graduate fresh from the police academy is the perfect candidate for a buy-and-bust operation. I know people who were used this way. Sometimes the assignment might call for deeper penetration than buy-and-bust.
Now, picture this: A wary drug dealer asks the stranger to hand over her cell phone. The young woman pulls out an iPhone. The dealer plugs the device into a laptop, which quickly determines that the phone — and presumably its owner — has been inside the local police station every day for the past week.
This story is not likely to have a happy ending.
Is it farfetched? I would have thought so before two British researchers, Alasdair Allan and Pete Warden, recently discovered a file called consolidated.db on iPhones and iPads running iOS 4. The file contains a log that includes both latitude-longitude coordinates and timestamps, making it possible to chart movement over time. Allan and Warden have, in fact, already designed an application to do this.
Nothing in Apple’s manuals mentioned this log, nor had Apple ever disclosed its existence to the media.
According to Warden, new entries can appear as frequently as every few minutes. The file is unencrypted and transfers anytime the phone is synchronized with a laptop. A test by The Wall Street Journal revealed that the iPhone continues to log locations in consolidated.db even when the option to use location-based services, such as maps with current location markers, is turned off.
After several days of refusing to speak with reporters, Apple eventually responded in a post on its website. The company explained that the stored latitude-longitude points are not, in fact, locations where the phone has been, but rather the locations of nearby Wi-Fi hotspots and cell towers, some of which may be 100 miles from any place the user has physically visited. Referring to the contents of consolidated.db, Apple said, “This data is not the iPhone’s location data — it is a subset (cache) of the crowd-sourced Wi-Fi hotspot and cell tower database which is downloaded from Apple into the iPhone to assist the iPhone in rapidly and accurately calculating location.” In addition to maintaining this cache, individual phones also regularly transmit information on nearby Wi-Fi hotspots and cell towers back to Apple, to improve the database. This information appears in a form that does not link the location data to any identifying information related to the user, Apple said.
That the data is stored for such a long period of time, that it is included in backups, and that data collection continues when location-based services are turned off are all the results of bugs, according to Apple. The company announced it will release a software update to eliminate the problems sometime in the next few weeks. Phones do not need to store location-based information for more than seven days for all functions to work properly, Apple said.
At around the same time consolidated.db was discovered, research on competing phones running Google’s Android software revealed that they collect location data every few seconds and send it to Google several times an hour. A Google spokesman told The Wall Street Journal that all the information is anonymized, using phone-specific ID numbers not linked to the user’s other account information. He emphasized that users can change their phone’s ID number — but they must perform a factory reset, deleting all stored data, in order to do so.
The spokesman further said that sharing location data from Android phones is completely optional. Upon activating the phone, users are asked if they agree to allow Google to receive their information. However, the “agree” box is checked by default, and those who turn off the option are unable to use a variety of location-based functions.
Apple and Google have focused on the usefulness of location-based services for users, but the companies also have interests of their own. Location-based services brought in $2.6 billion in 2010. Annual revenue from the services is expected to reach $8.3 billion by 2014, according to Gartner, a technology industry research firm. Neither Apple nor Google has admitted to selling location data to advertisers, but this could potentially be a large source of income in the future, allowing retailers to specifically target people near their stores.
Sure, it is convenient to be able to locate the nearest pizza parlor or coffee shop with a couple of taps on a touch screen. The (until recently) hidden price of that convenience, for iPhone and Android users, is diminished security and privacy. These smartphones are not just portable mini-computers, but personal tracking devices, and thousands of people carried these devices without realizing it.
Undercover cops are not the only ones endangered by this tracking. Abused and battered spouses are at obvious risk, as are celebrities, wealthy people and others who might be targets for kidnappers and stalkers. Even if location information is not stored locally on phones, the fact that it is transmitted back to the phone’s makers opens up the possibility that a hacker may be able to gain access.
The issue has attracted attention on Capitol Hill. Apple and Google will send representatives to a congressional hearing on consumer privacy and smartphones on May 10. The hearing was organized by Sens. Al Franken, D-Minn., who was one of the first lawmakers to respond to the recent revelations, and Patrick Leahy, D-Vt., the chairman of the Senate Judiciary Committee. The legislators say they want to consider whether existing federal laws are adequate to deal with privacy and other concerns arising out of new mobile technology.
The problem is not that our phones know where we are, or where we’ve been, or that they report this information back to the corporate Mother Ship. All of these are perfectly reasonable functions — as long as we are aware of them and have the opportunity to turn them off without turning our expensive phones into pretty paperweights. The makers are dancing around the point that they were, and are, using customers to gather “crowdsourced” information for their own commercial use as well as to provide service to those customers. Their so-called “bugs” create at least the appearance that Apple and Google wanted to maximize the value of their database by minimizing the number of users who knew enough to opt out of the crowd.
Apple and Google have a lot of explaining to do. Not just to interested senators, but to everyone who has a kid, a spouse or a sibling at the police academy.