A Look Into Apple’s Geo-Location Tracking
At the center of the debate is an unencrypted consolidated.db file which resides within the file system of Apple’s devices. Simply put, this file stores information regarding a user’s whereabouts for over a year. Every 12 hours, the data stored in this file is anonymized and sent to Apple. The reason behind Apple’s design is purely technical and is not as “big brotherish” as some would think. Most users are aware of geo-location tracking on their phones when using GPS features. Most people, however, are unaware that information regarding the range of cellular towers that any given mobile device utilizes for communication are also being stored in this process. This data can technically be used to triangulate a person’s general vicinity depending on which cellular towers are being tapped, which is precisely the cause of recent privacy and security debates. What complicates matters is that users are not given the option to turn this functionality off–unlike GPS. Others – notably Google – also collect geo-location data. The notable difference between the two is that Google does not store this information locally, within the device at hand. So why is this so controversial?
Simply put, anyone with access to a device’s file system can obtain this data, including the criminally-minded. The consequences of this information getting out could range in severity from that point on. Granted, breaking into a mobile device is no walk in the park, it is still possible. In fact, the process of jailbreaking a phone also makes this data readily available.
In the end, users are highly unlikely to toss newer, smarter devices for simpler ones. Therefore, users should be clearly informed of the personal data collected by mobile devices. Apple has yet to release a fix for this, and they may never do so, and as long as this data continues to be collected, the security community and privacy advocates worldwide will continue hovering over a panic button in the coming weeks, possibly months.