Security Researcher Alasdair Allan at the University of Exeter has revealed that iPhone and iPad 3G regularly tracks your iOS device and records the co-ordinates along with timestamp in a hidden file.
Allan and Pete Warden will speak about this topic at O’Reilly Where 2.0 Conference that started yesterday at Santa Clara, CA.
Allan has provided the following details about the information that is being recorded:
All iPhones appear to log your location to a file called “consolidated.db.” This contains latitude-longitude coordinates along with a timestamp. The coordinates aren’t always exact, but they are pretty detailed. There can be tens of thousands of data points in this file, and it appears the collection started with iOS 4, so there’s typically around a year’s worth of information at this point. Our best guess is that the location is determined by cell-tower triangulation, and the timing of the recording is erratic, with a widely varying frequency of updates that may be triggered by traveling between cells or activity on the phone itself.
Allan has raised privacy concerns as the hidden file is also backed up to your computer when you sync it, in unencrypted and unprotected form.
There is currently no evidence to suggest that this file is being uploaded to Apple servers but the researchers point out:
“Apple has made it possible for almost anybody – a jealous spouse, a private detective – with access to your phone or computer to get detailed information about where you’ve been.”
The researchers have created an application called iPhone Tracker (download link) that can be used to look at the contents of the hidden file. They have also reached out to Apple for comment but haven’t received a response yet.
If you’re worried about someone accessing this file then you can encrypt the iPhone backups through iTunes (click on your device within iTunes and then check “Encrypt iPhone Backup” under the “Options” area).
You can checkout the video that shows the data points pulled from an iPhone backup plotted on a map:
Are you worried that Apple is recording your location data?
[via O'Reilly Radar]