Gizmodo and Boy Genius Report (amongst others) are reporting today that a certain file stored in your iPhone (and thus on your iPhone’s backups, located on your computer) contains “a record of everywhere you’ve been since June”.   Masses have gathered at One Infinite Loop with pitchforks, ready to turn Steve Jobs into Swiss Cheese (OK, […]
" />

Calm Down, Everyone; Your iPhone Is Not Enabling Stalkers Or Big Brother [Updated]

Gizmodo and Boy Genius Report (amongst others) are reporting today that a certain file stored in your iPhone (and thus on your iPhone’s backups, located on your computer) contains “a record of everywhere you’ve been since June”.   Masses have gathered at One Infinite Loop with pitchforks, ready to turn Steve Jobs into Swiss Cheese (OK, I made that part up, but that’s what the mood seems like).   However, as an IT security professional, I’ve taken a look at the data from my own phone, and my conclusion is: Much ado about nothing.   Here’s why:

1.  The data is expectedly inaccurate.

Most of the lat/long pairs I evaluated were not even close to where I actually was at the time – and I mean off by miles.   This is to be expected with cell triangulation, which is relying on signal strength from the received towers to estimate position.   Remember back in the days of the original iPhone when your Google Maps location was often wildly off (or in a huge, blue circle that encompassed a few square miles?  Yeah, that’s what we’re talking about here.    Put your phone to your ear and you’ve got one signal strength value.   Put it back in your pocket and you’ve got another.   Each will be interpreted as a different location.

Here’s one point that I sampled.   I was changing planes at Charlotte Airport.  I never left the terminal.  It’s roughly 3.5 miles off.


(click on the image for a larger version)

As it happens, I had a very hard time finding a data point that DID show me exactly where I was – to the degree that someone who didn’t know me could determine where I had been.    It never once successfully identified my home, work, or any other location that I frequent.   At best, this could be used to show that I was in a given neighborhood – maybe. 


2.  It’s not capturing that much data anyway.

The “security researchers” (to quote Gizmodo) who found the data loudly trumpeted the fact that they had tens of thousands of data points in the table.   Yes, I did too.   However, a further analysis showed that the vast majority were duplicates from a time perspective – meaning that there were multiple lat/longs for the same time (down to the second).   When the time duplicates were removed, suddenly there were only 499 unique data points instead of 23,687.   Some days had hundreds of entries.  Some had dozens.   Some had less than 3.   Some had none at all.   After the date duplicates were also removed, there were 140 points left.   There were 247 days between the first date and the last date of the remaining data points, which means that on nearly half of the days on which data could have been captured, none was.

My iPad, which had only half the amount of time logged (in months), had a mere fraction of data versus the iPhone; only 4528 total records.   Interestingly, the iPad’s last data point, when plotted, was the same at the iPhone’s.   I should have expected that, but didn’t. (And they were both in a town I’ve never been to!)


3. The data is junk.

One particular time point (8/24/2010, 14:00:00 UTC), chosen at random, had 111 entries, and – here’s the kicker – they each had different lat/longs.  


These are the 111 data points mentioned above.   I landed at LaGuardia Airport that day (but you wouldn’t know it, since it never says I was there), and had an interview and breakfast at a hotel just off the airport (on the northwest corner of the concentration of plot points).   However, the data erroneously has me in Manhattan, in the middle of Meadow Lake, and at various other places that I didn’t go to at all.    Put frankly, you cannot, by looking at this data, tell conclusively where I was and where I wasn’t at that date and time.   Scientifically speaking, you can only truly determine that I was in the NYC area that day. 

I should also point out that despite my having spent quite a lot of time at home over the past several months, not one of the 23,687 points was on my home.  None.   The closest one was a half mile away.   The next was 1.5 miles away.   Neither were any of the points even close to the office I’ve been working on a project in, nor the hotel I’ve been staying at – and am writing this article from.    The same goes for last week, when I attended a conference in San Jose – nothing at the conference site, and nothing at the hotel.

The closest the data came to being of any use for tracking purposes centered around a trip I took from MacDill Air Force Base in Tampa, FL to Tyndall Air Force Base in Panama City, FL for a week-long activity.   However, this still wasn’t close as I am never seen on MacDill during the entire trip at all, and am only placed at Tyndall once.   In fact, in all of the data, I am only shown at MacDill once, and I’ve been there several times over the past several months.  

It is difficult to escape the obvious conclusion: for tracking purposes, this data is utterly worthless.

4. The data stays under your control

No one – no one – is alleging at this point that this data ever escapes your control.   It is on your iPhone/iPad and on your computer in the form of backups, and there have been no allegations that it is transmitted in any way to anyone.   If no one else has it, then there’s nothing to worry about.

5. It appears to serve another purpose.

As the “researchers” freely admit, the database includes column headers indicative of common GSM cellular terminology: MCC (Mobile Country Code), MNC (Mobile Network Code), LAC (Local Area Code) and CI (Cell Information).   There are also comparable fields in the CDMA-specific tables.   I checked the MCC and MNC fields with the relevant ITU publications and found that they did indeed identify the US and AT&T, as expected.    While I could certainly concoct nefarious uses for this data, it seems much more likely that this is for troubleshooting purposes – likely for Apple, but perhaps for the carrier as well.   

6.  Compass calibration.

One of the other tables in the database appears to serve some function with compass calibration.   It has X/Y/Z magnetic values and the like.   If this database is for nefarious purposes, then what evil plan does this play a part in?


So, in summary, we have:

  • Very limited data
  • Totally useless for any meaningful tracking purposes
  • Which never leaves your control
  • And appears to have some valid reason for existing

That being said, there is a table named LocationHarvest that had very accurate data of my whereabouts – likely derived from GPS – but only for a 6 minute period.   After some time had passed (with the phone in the same location), I backed it up again, and the data had disappeared, leaving an empty table.  

From a security perspective, I just don’t see anything here to be concerned about.

UPDATE:  Apple has officially responded to this issue, my analysis is here.

Continue reading: