Earlier today, a story broke about a database on the iPhone that appeared to track the user’s location. The implication was that anyone could discover where, and when, the device’s owner had been.
As far as I can see, this is only partially true. I looked at the database on my own phone, and could see places I’ve been, including my home and office. However, contrary to what the current buzz seems to be, it’s not a long-term breadcrumb trail of my activities.
Instead, the database seems to be used for geolocation services, in the event that a live location update is unavailable. In the database on my phone, I found 127,793 entries in the WifiLocation table. Each entry included a MAC address, latitude and longitude, and a timestamp (among other data). How many unique MAC addresses were there? Exactly 127,793. The CellLocation table had similar results – 11,418 entries, each with a unique combination of (MCC, MNC, LAC, and CI) (which should uniquely identify a cell tower).
If my device can’t get a current location from GPS or a cell tower, but it sees a WiFi point that’s in the DB, then it’ll still be able to guess pretty much were I am.
So though this can tell me where I’ve been, it can’t tell me how often I’ve been there. It only seems to record a single visit to each location. At this time, I’m not sure whether it’s the last visit, or the last time anything significant changed. But it’s certainly not going to be able to follow me around town.
Are there privacy implications? Certainly. If the association between a user and a given location should be kept confidential, then this database could reveal that assocation. But I don’t think the concerns are earth-shattering. Frequent users of Google Maps likely disclose far more information to Google than is contained in this file. Even beyond Google maps, mobile users already have location aware google searching in their mobile browser. (though you can opt-out of that)
Bottom line: How can you protect this data on your own device? Simply follow the same steps you take to secure any data on any iOS device: Use a passcode to lock it, and require a password to back it up. These will prevent anyone from simply grabbing your locked phone off a bar and stealing your data. Note, however, that the file does not appear to be encrypted, so if an attacker can jailbreak the phone without unlocking it, they will be able to read the data, no matter the other protections.
UPDATE - 25 April
I’ve spent some time this weekend looking at the data from three iOS devices (with very limited data from a fourth), and my conclusions haven’t changed. This is simply a database to help applications use location-based services faster, and more accurately. This also fits with what many other folks have been saying all along.
The details are probably too boring for this venue, so I’ve posted them here, on my personal blog. It’s a bit wordy, but hopefully it’ll be useful to folks who really want to dig.
Also, I’ve hacked together a simple python script that’ll extract the data from consolidated.db and put it into a nice little KML file. Download it here (but be warned – it’s pretty bare-bones, and if you’ve got a lot of data, it can really slow Google Earth down. :) )