Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: Shock: iPhones store location data (Gimme a break...)

Mike Elgan | April 24, 2011
Worried about LocationGate? I'll give you something to worry about

If some shady hacker type steals my iPhone or hacks my laptop, the last thing I'm worried about is a database that shows where I went last month. I'm far more concerned about passwords, financial information, private e-mails, my list of contacts, information that would enable hardcore identity theft, and so on. Who cares if they know I went to Whole Foods last month or that I entered a Starbucks at 2:36 p.m. last Wednesday?

To me, it would be far more problematic if my location data -- and even truly sensitive information -- were being shared without my knowledge with companies I've never heard of. And in fact, that is happening every day.

First, iPhone and Android apps store and share all kinds of data, including location data.

Hundreds or thousands of apps routinely zap location data and personal information back to the companies that made the apps without your knowledge. Many of them share that information with advertisers without your consent. Much of that information is associated with your phone's unique identifier, along with personal data like gender and ZIP code.

Other apps store information that's far more sensitive than location history. Security researcher Michael Sutton found that many apps store data backups, passwords and other login credentials, and other sensitive information in a format that's readable by anyone who downloads a widely available tool from the Internet.

One particularly problematic example is that the popular Evernote app on the iPhone stores authentication details in plain text format. If anyone got his hands on that information, he'd be able to read everything you've put into Evernote. The same goes for Google Docs and Apple iDisk.

Unlike many cell-phone-enabled violations of your privacy, whose purpose is mainly to enrich the app maker, the storage of location data on iPhones and the gathering of location data by Android phones at least provide benefits to users and are under user control.

The database works behind the scenes mainly to improve wireless data service, traffic maps and other basic functions of a smartphone.

Location data isn't even gathered if location services are turned off.

Yes, the storage of unencrypted location data on your phone is a potential privacy breach waiting to happen. But there's a whole list of privacy violations taking place through your phone every day.

The hard reality is that there's only one way to guarantee privacy with a cell phone: Remove the battery.


Previous Page  1  2 

Sign up for Computerworld eNewsletters.