Depends.
Someone could infer that info, if the cell cache says that around 2am you visited the town Harry's is in, and it's the only store open at that time.
That's some town.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Officially Addresses Location Data Controversy
- Thread starter MacRumors
- Start date
- Sort by reaction score
That's some town.
I am amazed with the number of people who use the word privacy when they mean secrecy. This was never a privacy issue, it was a secrecy one, those who complained wanted to keep their data a secret. Their privacy was never in danger, never invaded.
I never read one instance of how this data could be misused to harm someone in a way that couldn't have been done in an easier and more harmful way. I read from those paranoid about law enforcement agencies misusing this data, it would be easier for any corrupt law enforcement agency to falsify location files for you than go through the convoluted path in gaining access to your actual files. You would also find it very difficult to use the actual files on your iPhone as a defence as they show such random inaccurate data (look at the number of people including myself who have a log erroneously showing them to have visited Las Vegas!). There were more cheating men worried about their wives finding out their whereabouts than I have heard in a long time, again wanting to gain secrecy, not privacy; let's face it your wife has a right to know where you are!
Be careful of your secrets, they may creep up and bite you one day.
I never read one instance of how this data could be misused to harm someone in a way that couldn't have been done in an easier and more harmful way. I read from those paranoid about law enforcement agencies misusing this data, it would be easier for any corrupt law enforcement agency to falsify location files for you than go through the convoluted path in gaining access to your actual files. You would also find it very difficult to use the actual files on your iPhone as a defence as they show such random inaccurate data (look at the number of people including myself who have a log erroneously showing them to have visited Las Vegas!). There were more cheating men worried about their wives finding out their whereabouts than I have heard in a long time, again wanting to gain secrecy, not privacy; let's face it your wife has a right to know where you are!
Be careful of your secrets, they may creep up and bite you one day.
Ummm.... Reading a little further down in that same Arstechnica article you cite, it says "Further analysis by developers and security experts suggests that the data points recorded are more likely cell tower and WiFi basestation locations, and not necessarily actual device locations.".
.
.
You need to think more like a criminal, someone that want to create mischeif, or someone that wants to cause you harm. Using that viewpoint, you may be able to more easily come up with an instance of where the data could be used in a harmful way.
Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_2 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Mobile/8H7)
I was saying that when you are in public you have no right to an expectation that your location will be a secret.
samcraig said:
Wrong. Are you saying that my privacy can't be violated if someone breaks into my car? That my privacy can't be violated by someone illegally tapping my cell phone? That my privacy can't be violated if someone breaks into my doctors office and opens my medical records?
Perhaps you just wanted to think you were being cute/clever with your short post. But you're wrong
Surely you perceive the difference between potential misuse but no actual evidence of such, and actual felony theft.
(And I'll stop calling you Shirley
I do. I just don't see the point in discussing Sony when Sony has nothing to do with Apple's DB file which is the actual topic here.
I was saying that when you are in public you have no right to an expectation that your location will be a secret.
Credibility is a funny thing, after its gone there is nothing to cash against.
logging personal data indefinitely in unencrypted form - "Bug"
logging personal data with location services disabled - "Bug"
Those are two big arse bugs! How many other "Bugs" have they got in there?
This is the classic PR mistake, not admitting what you are doing, refusing to be humble about it and expecting your users to be idiots. Jobs himself assured us that disabling location services would prevent tracking. Despite the spin the net effect is tracking.
I have and idea why don't you let ME decide what is acceptable behaviour on MY device?
On the other end of this I don't like that Apple (or the the others) are mapping and logging MY ssid and leveraging it to their own advantage.
Quit spitting in my face, I'm you customer. The reason I am your customer is because I expected this behaviour from Google and mistakenly thought that Apple might have more respect for their customers.
logging personal data indefinitely in unencrypted form - "Bug"
logging personal data with location services disabled - "Bug"
Those are two big arse bugs! How many other "Bugs" have they got in there?
This is the classic PR mistake, not admitting what you are doing, refusing to be humble about it and expecting your users to be idiots. Jobs himself assured us that disabling location services would prevent tracking. Despite the spin the net effect is tracking.
I have and idea why don't you let ME decide what is acceptable behaviour on MY device?
On the other end of this I don't like that Apple (or the the others) are mapping and logging MY ssid and leveraging it to their own advantage.
Quit spitting in my face, I'm you customer. The reason I am your customer is because I expected this behaviour from Google and mistakenly thought that Apple might have more respect for their customers.
Ummm.... Reading a little further down in that same Arstechnica article you cite, it says "Further analysis by developers and security experts suggests that the data points recorded are more likely cell tower and WiFi basestation locations, and not necessarily actual device locations.".
.
I am not sure what that means (article is not clear) but consider this. Storing location of cell towers is pointless (those are well known) whilst because of the nature of WiFi location of WiFi base stations is the same as your location (with 30 feet accuracy)
That's not what you were saying at all. Maybe that's what you meant. But that's not what you wrote...
Also, the unencrypted part must be a very interesting kind of bug. Not only the code that was recoding the data had a bug (and stored data unencrypted), the code that later used this information also had a bug which allowed it to read unencrypted data (where supposedly an encrypted one was expected).
It can send info about wifi stations 500 feet away, 2 miles away, 10 miles away, in addition to the one I use. And it's anonymous info that does not identify me or my specific phone. It's not the same as my location.
I did not know Apple's WiFi is that good that it can receive signals from 10 miles away. I am lucky if my WiFi works good enough inside my house.
Actually it is not used for that at all. Did you read any of the actual information on the subject? You don't seem to understand it at all.
Go ahead though and explain how a database of cell towers and wifi hotspots is going to be translated into being used for marketing. I own a marketing firm, and I would love for you to enlighten me of what value that information is.
I am all for it. The Assisted GPS is an awesome feature and I personally want my device contributing data to that project as it helps my own usage of my devices and those of other people. So I am 100% in favor of Apple anonymously collecting this data as it improves the experience for all iOS devices with GPSs perform better.
Yes, I believe that even very weak signals can be detected, although not necessarily used for web surfing. Check out some earlier posts in this forum about this. Apple claims up to 100 miles, which may be a bit of a stretch according to some earlier posts.
Not at all. That's strictly up to the individual. If you want to secure it, by all means find a way to do so.
In this case - yes, individual (provided they are given that option) I will agree with. But that's not the case across the board. I'm sure you didn't mean it was either. I think we all can agree that information such as credit card info should be encrypted. In fact - it's mandated via PCI compliance regulations.
Also, the unencrypted part must be a very interesting kind of bug. Not only the code that was recoding the data had a bug (and stored data unencrypted), the code that later used this information also had a bug which allowed it to read unencrypted data (where supposedly an encrypted one was expected).
Some companies pile all sorts of development issues under the term "Bug". Everything from problems in the spec to defects in the code. What likely happened here is that the spec for the SQLite DB work that was done in 4.0 (previously it was a plist which wasn't very RAM friendly, or quick to parse) didn't adequately address the security concerns. This type of oversight is more common in existing features where they make changes, since you don't always get a spec that takes the whole system into account.
One person can read the spec and say "Well, it's a cache of cell sites and wifi basestations, I don't see how someone can invade privacy with this information." An actual attack on the design was probably never performed by someone that can show the interesting ways you can visualize the information and turn it into a privacy invasion with the DB in hand. White box inspection isn't always useful here.
Anyone else starting to suspect this "discovery" was intentional? I know it sounds farfetched, but hear me out.
Let's say Apple sees that Google and its partners are indifferent about abusing this kind of tracking data on Android because they're able to make a lot of money off mining that info which is Google's bread-and-butter. So, Apple intentionally makes this tracking database easy-to-find in iOS 4, makes sure they're being completely hands-off with it, and then waits for the inevitable sh*tstorm. Let said sh*tstorm brew for a week or so until anger at Apple spreads out and people start wondering if other phone companies are doing the same. Apple goes on record saying they don't use the data and will remove it or make it harder to access. That leaves Google and their partners completely exposed and an angry public (including some politicians) waiting for answers.
Have to wonder how intentional this was. Apple could certainly have done a much better job hiding or encrypting this database. It almost seems like it was put out there on purpose.
Let's say Apple sees that Google and its partners are indifferent about abusing this kind of tracking data on Android because they're able to make a lot of money off mining that info which is Google's bread-and-butter. So, Apple intentionally makes this tracking database easy-to-find in iOS 4, makes sure they're being completely hands-off with it, and then waits for the inevitable sh*tstorm. Let said sh*tstorm brew for a week or so until anger at Apple spreads out and people start wondering if other phone companies are doing the same. Apple goes on record saying they don't use the data and will remove it or make it harder to access. That leaves Google and their partners completely exposed and an angry public (including some politicians) waiting for answers.
Have to wonder how intentional this was. Apple could certainly have done a much better job hiding or encrypting this database. It almost seems like it was put out there on purpose.
