Linked by Thom Holwerda on Thu 21st Apr 2011 21:59 UTC, submitted by Martin
Apple There's a bit of a stink going on - even in major media - about something iOS 4's been doing. Apparently, iOS 4 has been storing a list of locations and timestamps to a hidden, but readable file in a standard database format. The locations are triangulated using cell towers, and generally aren't as accurate as for instance GPS. Still, the file is stored without any form of protection on both your iPhone as well as your desktop.
Thread beginning with comment 470805
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Except they do tell you...
by Thom_Holwerda on Fri 22nd Apr 2011 00:43 UTC in reply to "Except they do tell you..."
Member since:

Cop-out, and you know it. Location data from GPS: ask permission on the device. Location data from cell towers: get permission buried deep in a text no one reads, a text of questionable legality in many European countries?

The discrepancy here is clear to anyone who isn't stuck deep up the RDF's ass. Expecting people to know the difference between the two techniques - or even that different techniques exist in the first place - is idiotic.

Edited 2011-04-22 00:49 UTC

Reply Parent Score: 7

Morgan Member since:

I'm with you on the issue of burying the request for permission in walls of boring and hardly read text: It's despicable.

As for the law enforcement impact of this (nudge nudge), well our guys here in the US still have to get a warrant to search the phone's contents if you don't give them permission to, at least at the level of internal log files and such (there is a gray area regarding what is seen on the screen during a stop-and-frisk). Granted, I'm just a peon so take my word for what it's worth, but this has been the S.O.P. at both agencies I've worked at: One warrant to physically seize the device, and another to search its contents. It's a CYA move so the evidence isn't successfully challenged.

All that said, I can readily see three types of cases where such location data would be worth pursuing, and one isn't even criminal. First is a murder case where the suspect's phone would give clues to the path he took leading up to, during and after the murder. Another would be a drug enforcement investigation, where an accused dealer's phone records could corroborate an undercover agent's movement and activity reports. And finally, in a divorce case where one spouse wants to prove the other was unfaithful. I'm sure there are many other creative ways law enforcement can use this info against suspects, and plaintiffs can use it against defendants in civil court.

I also read this morning in an article on this subject that a company in New York has already assisted police with mining this data from phones and backup files, and has been doing so for a little while.

I personally am not affected as I doubt I'll own an iDevice in the foreseeable future; I loathe both Verizon and AT&T, and have no need or desire for an iPad, 3G or no. However, I am mildly alarmed at the implications, and I wonder how long it will take Apple to fix this issue.

Reply Parent Score: 2

times change...
by kamil_chatrnuch on Fri 22nd Apr 2011 09:23 in reply to "RE[2]: Except they do tell you..."
kamil_chatrnuch Member since:

"The California Supreme Court allowed police Monday to search arrestees' cell phones without a warrant, saying defendants lose their privacy rights for any items they're carrying when taken into custody.

Under U.S. Supreme Court precedents, "this loss of privacy allows police not only to seize anything of importance they find on the arrestee's body ... but also to open and examine what they find," the state court said in a 5-2 ruling."


"Alarmingly, in many cases, extracting data from a mobile device is possible even if the device password is not known. Such extraction techniques take advantage of widely known vulnerabilities that make it disturbingly simple to access data stored on a smartphone by merely plugging the device into a computer and running specialized forensics software. For instance, Android and iPhone devices are vulnerable to a range of exploits, some of which Ars documented in 2009."

source: (page2)

Reply Parent Score: 4

dayalsoap Member since:

"well our guys here in the US still have to get a warrant to search the phone's contents if you don't give them permission to"

No. The federal judge ruled that TSA and border control do not need warrants to search your phones or computers.

Reply Parent Score: 2