Apr 20, 2011
Numerous news outlets have reported a discovery today that since the release of iOS 4, iPhones and iPads have been maintaining time-stamped lists of users’ GPS locations. This information is stored both on the device itself, and in an unencrypted file on the computer. The file stored on the computer is called “consolidated.db,” and you can easily use it to generate a visual map of your location history with the freeware utility iPhone Tracker.
So, what does this mean for you? It means that if you have an iPhone or 3G iPad, anyone with access to your computer can see all of the places where you have been — and when — for nearly the past year. Your device is also at risk if someone steals it. This should cause a serious privacy concern; ordinarily, even the police would be unable to obtain this information without a court order. Anyone with a slight amount of technical knowledge could use this information to stalk you and violate your privacy.
Apparently, the information recorded comes from the cell tower triangulation data that the iPhone and iPad obtain to assist the internal GPS receiver. If you use the GPS with the cellular radio turned off, the device does not save this location data. So far, Apple has not issued a comment addressing users’ privacy concerns or explaining why this data is collected — not to mention why it is done in such an insecure manner.
What can you do to protect your privacy? iTunes contains an option to encrypt the iPhone and iPad backups that it stores on your computer. Using this option, you can encrypt “consolidated.db” making it extremely difficult for anyone with access to your computer to steal your location history. After enabling this option, configure your iPhone or iPad for maximum security so that if the device is stolen and an incorrect password is entered ten times, it will automatically wipe all data.