Thursday, April 21, 2011

consolidated.db

John Gruber:

The key question for Apple: Given that this file was widely known among iOS forensics experts back in September, why does it still contain historical (as opposed to just recent) location history today?

Andy Ihnatko:

It’s also, frankly, another reason why I value my iPhone’s “remote nuke” feature and wish it were possible to nuke all data directly from the handset. I can’t think of any circumstance under which my location data would possibly be damaging, incriminating, or even just embarrassing. That’s not the point: if I can’t control the data that my phone is collecting, I should at least have the power to destroy it utterly.

Update (2011-04-22): Guy English:

That said and done, no one has yet asked the really interesting question — if this had happened once Apple was shipping an iOS device that backed up automatically to an Apple server how much more of a shit storm would this have been? A very shittier shit storm is the answer. I’ll bet there’s more than a few managers who’re thinking very carefully about how to make damn sure they don’t have to spend an Easter weekend working to prove to Stuart Smalley that they’re good enough, and smart enough, doggone it.

Update (2011-04-23): F-Secure (via Alex Levinson):

And the real question is: How did Apple create their own location database? They did not have cars driving around the world. They didn’t need to. They had existing iPhone owners around the world do the work for them.

If you run a modern iPhone, it will send your location history to Apple twice a day. This is the default operation of the device.

Update (2011-04-27): Apple:

The iPhone is not logging your location. Rather, it’s maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away from your iPhone, to help your iPhone rapidly and accurately calculate its location when requested. Calculating a phone’s location using just GPS satellite data can take up to several minutes. iPhone can reduce this time to just a few seconds by using Wi-Fi hotspot and cell tower data to quickly find GPS satellites, and even triangulate its location using just Wi-Fi hotspot and cell tower data when GPS is not available (such as indoors or in basements). These calculations are performed live on the iPhone using a crowd-sourced database of Wi-Fi hotspot and cell tower data that is generated by tens of millions of iPhones sending the geo-tagged locations of nearby Wi-Fi hotspots and cell towers in an anonymous and encrypted form to Apple.

Your location data is being transmitted to Apple, although if you trust that there aren’t bugs in the anonymization and encryption this shouldn’t be of concern. Apple is trying to downplay the accuracy of the data, but it’s certainly accurate enough to track you for some purposes. They will be fixing the OS to cache less data, not back it up, and (in iOS 5) encrypt it on the device.

8 Comments

"That said and done, no one has yet asked the really interesting question — if this had happened once Apple was shipping an iOS device that backed up automatically to an Apple server how much more of a shit storm would this have been? A very shittier shit storm is the answer."

Given that Apple is already transmitting your personal location tracking info from your iOS device to their servers completely separately from consolidated.db (something we've known about for many months now), this seems more than a bit beside the point, no?

The consolidated.db kerfuffle has been solely driven by the fact that someone made a groovy map viewer for the data that created pictures that freaked everyone out. Apple could delete consolidated.db going forward, and they will still have a continually updated map of your movements stored on their servers...

"Given that Apple is already transmitting your personal location tracking info from your iOS device to their servers completely separately from consolidated.db"

@Chucky It’s not coming to mind what you’re referring to. Do you have a link?

"@Chucky It’s not coming to mind what you’re referring to. Do you have a link?"

Sure. Here ya go. It's old news. (My bolding.)

In its letter to Congress last year ... Apple also said in the letter that it collects Wi-Fi and GPS information when the phone is searching for a cellular connection. Apple said the data it transmits about location aren't associated with a unique device identifier, except for data related to its mobile advertising network.

Apple gathers the data to help build a "database with known location information," the letter says. "This information is batched and then encrypted and transmitted to Apple over a Wi-Fi Internet connection every twelve hours (or later if the device does not have Wi-Fi Internet access at that time)," the company wrote in the July letter to Congress.

My understanding is that consolidated.db is not transmitted to Apple in any way, so the location info is coming from a different mechanism. Consolidated.db could be eliminated in the next iOS update, and the personalized location tracking info will continue to be sent to Apple's servers.

My understanding is also that disabling location services in the iOS prefs will prevent personalized location info from being transmitted to 3rd party iOS apps, but will not prevent personalized location info from being transmitted to Apple servers. However, I don't have a link for this last bit on short notice.

In a post today about consolidated.db, Marco gets it wrong:

Most of what your iPhone knows about you is stored on your iPhone — a device in your physical possession that you can quickly wipe locally or remotely at any time — and, as far as we know, is not transmitted to Apple

(Assuming that he's including personal location info in "most of what your iPhone knows about you", which I am assuming he's doing, since the piece is hooked around consolidated.db.)

The general gist of his post is incorrect as well. Apple's iOS devices and Google's Android devices both transmit a huge amount of personal tracking info on their users to the OS makers' servers. While he is correct that Google currently is using more of that personal info to boost its bottom line than Apple currently is, I don't think Apple is one iota less interested in having future access to that personal info than Google is...

@Chucky Yes, I noticed that, too, and tweeted in response to Arment’s post. No response yet.

"Your location data is being transmitted to Apple, although if you trust that there aren’t bugs in the anonymization and encryption this shouldn’t be of concern"

Well, if I am correctly parsing Apple's carefully worded press release, there is still non-anonymized location data being transferred to Apple's servers via the iAd escape clause.

And there is no reason to suppose Apple isn't storing that non-anonymized location data on its servers in perpetuity, since everyone seems to agree that there is big money to be had in collecting that particular kind of personal data.

So if I'm parsing the press release correctly, if you don't mind Apple having a long-term copy of your personal movements stored on its servers without your consent and without any way to opt-out, then this shouldn't be of concern...

[...] response to the consolidated.db controversy seems to explain what people wanted to know about its crowd-sourced location database and put that [...]

[...] it had already been studied. I wonder whether anything interesting could be deanonymized out of consolidated.db. It doesn’t worry me personally, but it would be nice if Apple provided a way to [...]
