Re: apple tracking yyou?

Fri, 22 Apr 2011 20:33:57 -0700

Then why did apple not respond to the researchers who specifically requested information on this process? As I shared, Apple is taking other steps to indicate their desire to gather data from everyone. Granted there are many lawyers on this list, but my memory of contract class did not suggest any jurisprudence that would give apple a way to add their tracking your movements as a part of their privacy policy. 
Thank about that concept.
Why would apple want to know where you are going, unless someone wants to turn it to a marketing advantage. 
If it is a bug, then why not tell the technicians who did this research?
Karen

On Fri, 22 Apr 2011, Zachary Kline wrote:


Hi All,
.  Don't go pulling out the lawsuits yet.  I have heard more than one report 
that this issue may simply be an undetected iOS bug, involving some improperly 
written code.  If so, it's perhaps unusual in its effect, but not necessarily a 
cause for alarm.  I believe that if anybody reads through the various privacy 
policies companies implement, they'll find there are provisions in them for all 
kinds of things you wouldn't have expected.  I think the reason people are 
talking about this so much is the overdramatic news media coverage.  The tech 
crowd is, on the whole, much more restrained.  Is Apple being malicious in 
doing this?  Possibly, but unlikely.  What was the point?  Is this an oversight 
which has just been exposed in a fashion unusually public?  Quite possibly.  Is 
this part of something which you did legally agree to, even though you didn't 
read the whole agreement?  Very likely.
So, in summary, let's take a step back here and think about this.  I'm willing 
to give Apple the benefit of the doubt here.  They have done remarkable things 
for accessibility, and should be commended.  I don't have an iPhone, but I 
still want one in the near future.  WHo cares how often I go out to eat, except 
me and anyone I go with?
Best,
Zack.
On Apr 22, 2011, at 7:24 PM, Karen Lewellen wrote:


I agree, again since apple has already expressed interest n connecting ads to 
programs, as in you could not use the program until you responded to the ad, 
the file would not need to go anywhere to be used by advertisers.  The article 
on the ads was posted here a few months back.
its a privacy risk as well as a security one.
Karen

On Fri, 22 Apr 2011, James Mannion wrote:


Yes, but if they are collecting the information, obviously they have
intentions for it. They may be implementing their intent in steps.
This honestly really ticks me off. Apple needs to be slammed with a
law suit and lose big if they are doing this secretly. Think about it.
Collecting this information to a file and not being forth coming about
doing it or why? Do you really think they are collecting it just for
you to have such a file? If there were such a silly reason, why not
tell you about it? It is pretty black and white, if it is being
collect into the file, that file is being collected by someone or they
have the intention of doing so in the future. Is there any information
if it is being done when location services is not turned on? Does it
override that location services setting of being off to collect it
anyway? My guess is that it does, but I would not know for sure. Of
course companies want you to believe what they are doing is harmless.
A dishonest hand never plans to be obvious. It's called deception.

On 4/22/11, Aman Singer <aman.sin...@gmail.com> wrote:

Hi, Karen and all.
This has been extensively discussed on the iPhone lists. Here is a
message I sent to those lists with some methods to disable the saving
of the information. You may want to note a few things. First, there
is, as yet, no evidence that this file ever leavves the phone or
computer where it's stored. That doesn't mean it isn't being sent out,
but it does mean that people have looked and haven't found it being
sent out yet. Secondly, the file is stored on both the phone and any
computer which the phone has been backed up to. Therefore, encrypting
backups on the computer might be worthwhile to avoid anyone with
access to the computer being able to obtain the location information.
As it stands, and without evidence that the file is actually leaving
the phone/PC, this is a moderate security issue, in my view, rather
than a large one, or a large privacy breach.
HTH.
Aman


Hi, all.
       First, as to a quick and dirty solution to this particular problem,
there are two. Both require the phone to be jailbroken. The first may
be found at
http://technicalmusings.blogspot.com/2011/04/ios-consolidateddb-workaround-for.html
and is as follows
Looks like Apple is tracking iOS devices an recording that info in clear
text:
http://radar.oreilly.com/2011/04/apple-location-tracking.html

Here's a way to ensure this data is not recorded:

You must have a hacked iOS device, and either Mobile Terminal or an
SSH login.  You must also know the root password.  You first
remove/move this file,
and recreate it as a symbolic link to /dev/null like:

su
cd /System/Library/Frameworks/CoreLocation.framework/Support
rm consolidated.db
ln -s /dev/null consolidated.db

Anything written to this 'file' is sent to /dev/null, so it is not
saved on the file system.  I've done this on a hacked device, and
Location Services
continue to work.

       There is also a program which removes the file at intervals
http://www.ijailbreak.com/cydia/untrackerd-tweak-stop-your-iphoneipad-from-tracking-your-location/
Thanks to Rose Morales, @chicksdigmacs on Twitter, for the alert. I am
not sure about the accessibility of the program, if Rose or anyone
else would care to comment, I would be grateful. I cannot find any
source code for this program, so it's obvious that one should use at
one's own risk. The first method above does not, to my knowledge,
produce any insecurities, the commands given are normal. I am not
familiar enough with links/symlinks on iOS, however, to be sure that this
first method works properly without side-effects. This issue hasn't
been out there long enough to judge. At the very least, I suspect that
restoring an older backup would stop this method from working. Note
that I am not sure what anyone without a jailbroken iPhone can do
about this issue, I have seen no solution for non jailbroken phones.
Note, also, that this file can be accessed from iPhone backups on the
computer, so those should be encrypted or deleted. It can be accessed
with any of the usual tools for Jailbroken iPhones, and with most of
the forensic tools like
http://accessdata.com/products/forensic-investigation/mobile-phone-examiner
       To spread out a bit, and deal with the problem more generally, people
ought to keep in mind, if I may suggest it, that mobile phones are
innately traceable. That isn't because anyone has made them that way,
it's because the phone company needs to know where to route the
information and where it's coming from. This is not something that
anyone can really work around, one can encrypt the information as it
passes, but cannot obfuscate the fact, to my knowledge at least, that
information is passing from and to a specific location. Usually, the
only people aware of the location information, however, are the phone
company and the companies/agencies to which they sell/give the
information. The problem in this case is that this file is stored,
unencrypted, on the phone and computer. By accessing the file, anyone
can get a history of the location of the phone, which might be useful
for many sorts of people, jealous spouses and stalkers who have some
sort of non-private access to the victim come to mind as just two
categories. I think this is more a security, rather than a privacy,
problem just at the moment, nobody has yet detected the sending out of
this file to anyone else, but that isn't conclusive simply because I
have yet to see a decent network sniffer for iOS. If anyone knows of
one, I'd love to hear of it. Anyhow, as it stands, when it comes to
privacy, this is just another reminder, in case one is needed, that
mobile phones are innately public, at least in their location data and
sometimes in everything else, too. If you dislike being tracked at
all, don't carry anything with a chip that can talk to the outside
world, or disable that chip by cutting its power.
Aman

On 4/22/11, Karen Lewellen <klewel...@shellworld.net> wrote:

We talked about the pop up ad possibility a while back, now it seems apple
is gathering data on your whereabouts?
here is the story.
TVBizwire


Researchers Say Apple Is Tracking Locations of Mobile Device
Users betanews

   A team of researchers says Apple is secretly obtaining the
locations of iOS4 users and recording them in a hidden file,
according to a betanews.com report.

   Two of the researchers, Alasdair Allan and Peter Warden of
O'Reilly Media, presented their findings today at the Where 2.0
conference in Santa Clara, Calif.

   According to the story, the revelation raises "obvious privacy
concerns and questions as to why Apple would be storing such
information. The researchers believe it is intentional, as the
file is restored after backups and even when the user switches to
a new device."

The group says the functionality is apparently new to iOS4, the
mobile operating system that runs the latest iPad, iPhone and
iPod touch. The researchers have reportedly tried to contact
Apple's security team but had yet to hear back from the company.
The story reports: "Allan says that the existence of the file on
on your computer is a security risk, as it is both unprotected
and un encrypted. `It can also be easily accessed on the device
itself if it falls into the wrong hands,' he wrote in a blog
post. `Anybody with access to this file knows where you've been
over the last year, since iOS4 was released.'"



http://www.tvweek.com/blogs/tvbizwire/2011/04/researchers-say-apple-is-track.php

http://api.recaptcha.net/noscript?k=6Lcb_78SAAAAAHmtN74lHVK-IOutZhLRidl4tCzl

--
You received this message because you are subscribed to the Google Groups
"MacVisionaries" group.
To post to this group, send email to macvisionaries@googlegroups.com.
To unsubscribe from this group, send email to
macvisionaries+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/macvisionaries?hl=en.




--
You received this message because you are subscribed to the Google Groups
"MacVisionaries" group.
To post to this group, send email to macvisionaries@googlegroups.com.
To unsubscribe from this group, send email to
macvisionaries+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/macvisionaries?hl=en.




--
You received this message because you are subscribed to the Google Groups 
"MacVisionaries" group.
To post to this group, send email to macvisionaries@googlegroups.com.
To unsubscribe from this group, send email to 
macvisionaries+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/macvisionaries?hl=en.




--
You received this message because you are subscribed to the Google Groups 
"MacVisionaries" group.
To post to this group, send email to macvisionaries@googlegroups.com.
To unsubscribe from this group, send email to 
macvisionaries+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/macvisionaries?hl=en.



--
You received this message because you are subscribed to the Google Groups 
"MacVisionaries" group.
To post to this group, send email to macvisionaries@googlegroups.com.
To unsubscribe from this group, send email to 
macvisionaries+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/macvisionaries?hl=en.




--
You received this message because you are subscribed to the Google Groups 
"MacVisionaries" group.
To post to this group, send email to macvisionaries@googlegroups.com.
To unsubscribe from this group, send email to 
macvisionaries+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/macvisionaries?hl=en.

Reply via email to