Some more information about the iPhone/iPad Keeps Detailed Records of Your Movements story posted yesterday.

Will Clarke points out a subtle but important bit of info missing from the largely exaggerated coverage of the story: the devices aren’t storing the location of the device, but rather the location of the cell towers the device is connected to.

This may seem like a small detailโ€”and there are still real concerns about how this data is being used (don’t know) and whether it should be much more explicit to users that it’s being collected in the first place (it should)โ€”but it makes the difference between knowing precisely where you are, and just knowing what town you’re in. As Clarke points out with an example from his phone, the points in the log file were generally 500 to 1500 meters or more away from his actual location.

My guess is that this is information that is commonly collected by phones (and of course your cell carrier) as part of the routine hopping from one tower to another as you move around. It should be more transparent that it’s happening, it should be encrypted, and it shouldn’t be retained forever (unless you want it to be), but I’m having a hard time smelling anything malicious here. I’ll also be surprised if we don’t soon find that lots of other phones are doing something similar. Gizmodo asked Google if Android does something similar and they had no comment. If they weren’t doing something similar, I think they would have jumped at the chance to say so.

Anthony Hecht is The Stranger's Chief Technology Officer. He owns no monkeys.

25 replies on “Re: iPhone/iPad Keeps Detailed Records of Your Movements”

  1. except for the wifi version of the iPad.

    it’s just an unencrypted log file with a .db extension used by the GPS and cell devices.

    encrypt it and problem solved – use the 128 bit key

  3. It appears that windows phone and android do keep this information, but clear the cache. They keep the last one or two towers you connected to (and you really shouldn’t need more than that). Apple is either doing something with the data, or they made a stupid programing error and didn’t clear what was supposed to be a temporary cache.

  5. Can the phones connect to more than one tower that is in range? Enhanced 911 uses tower triangulation to pinpoint the location of callers — if the device tracks where you are in relation to three or more towers, then in most cases your location could theoretically be tracked to within a few feet.

  6. Is it always just the cell tower, or is it using the cell tower when a GPS signal is unavailable?

    Because maps and shit do the same thing – use cell tower triangulation only when the GPS signal isn’t there.

  8. @Smartypants

    Unless there truly is only one tower in range (and this is very unlikely) your phone is always sort of connected to multiple towers. It’s only using one tower to send voice and data to, but it’s in constant contact with the other towers in range. It’s always figuring out how strong the signal is from each of them to decide if and when it should jump to a new tower. Every time it spots a new tower, it’s telling it that it might be needing a hand off to it. Otherwise when you moved out of range of one tower, you’d drop your call/data until you connected to the next tower.

    Just with access to the towers you have connected to, I can get a pretty good idea of where you are and what you were doing. I may not ever be able to pinpoint where you were exactly, but based on the handoffs and how long you were connected to each; I can get a good idea of where you were travelling.

  9. i don’t have a iphone but my friend tells me that if you take a picture with your iphone the location of where it was taken is added to the pics info. this would be part of the tracking log.

  11. @10 Android does the same thing. gave you the link already. plus the browser app for that is even cooler for the log file.

  12. @9, that’s only true if geotagging is enabled. You can turrn it off. Hell, you can turn all this stuff off. And probably should.

  13. It is the nature of cell phones that your cell provider knows what tower you’re near to at all times, whether or not that information is also mirrored in a log file on your phone. If you have any kind of cell phone, your telco has this data, and who knows how long they keep it for?

    Keeping the logfile on the phone does put additional risk on that data being exposed to hackers (or police), but the mere fact that cellular providers know where your phone has gone is nothing like a new thing.

    https://www.eff.org/deeplinks/2011/03/wh…

  14. @Will in Seattle

    Android does the same thing, but there version is coded correctly. There is a certain number of location entries stored, and once you reach the limit, the oldest one is purged every time you add a new location. The difference is Apple is never purging this data.

    I’m more inclined to believe this is a programming bug than something nefarious.

  15. @11, that link you posted says the exact opposite of what you’re claiming it says. More proof that you do not even know how to read. Arbeck @3 is right, and you are wrong — Android phones cache the last five towers, not every tower.

    @13 is also correct: your provider has always been tracking you, as long as there have been cellphones.

    You really shouldn’t be calling people “dickweed”, dickweed.

  16. @14 i can still hack the files. I’m crowdsourcing a 3D movie of Steve Jackson right now, using cell-enabled Cthulhu Dice bags.

    @15 you can always pull the cell tower log files, but the GPS log is only in your phone, unless you’re using superGPS and you civs can’t use that.

  19. @16, I’m sorry, you said “I’m crowdsourcing a 3D movie of Steve Jackson right now, using cell-enabled Cthulhu Dice bags”?

    Is that humor? Because I think you need prompt medical attention.

  20. Oh Fnarf, why don’t you and Will get a room already? I haven’t seen such sexual tension since the days of Sam and Dianne were on “Cheers”.

  22. I would, however, get off a little from hitting him in the face with a length of motorcycle chain, or pinning him against a wall with my car and gently racing the engine. In drive.

  24. So, if someone uses Latitude, etc. I really have to wonder which is worse–the person who willingly allows the authorities to eventually get their location (without a warrant, because that’s how things are headed) or a file used to store tower information that’s there to help the device function better. Apple should’ve handled this better but I don’t understand the “OMGZ, shocking!” reaction to this story when the phone is location-aware and you can share that on the internet. Many dumbasses do this on Twitter and you could mine/collate the info in the same way using any number of location-aware web applications (like OnTheRoad or Footprint Feed) if you really want to stalk/spy on somebody.

  25. @13 Your cell phone company does not keep a log of every single tower you’ve ever registered on.

    Depending on the traffic switch (of which there are at least three different types) you may be able to tell which tower you are hitting right now (but I couldn’t tell what towers you were on before this current one.) If you hit send and your call timer starts (even though you may get a busy signal or a hang up before someone picks up), that will register as a call on a particular cell site, and, again, depending on the traffic switch, that info could be held for 30 minutes or (the longest I’ve seen) 45 days. Your cell phone carrier can also tell which system (SID) you are currently registered on, but the SID only tells you which carrier, and what region of the state you are in (eg, the Seattle SID covers all of NW Washington state, so I’d know you were in Washington, but I wouldn’t know if you were in Seattle, Bellevue, or the other side of the Olympic peninsula.)

    I kinda wished we had that info, because it would have made processing subpoenas much easier. “I’m sorry, Mr Federal Agent, but all I can tell you is that the rapist/kidnapper/bad guy you are looking for is somewhere in Western Washington.”

Comments are closed.