Tech talk Digest

Last week, a news firestorm started after the public revelation by researchers Alasdair Allan and Pete Warden that iPhones and iPads keep a log of location data based on cell tower and WiFi base station triangulation in a file called consolidated.db. The news led many to believe that Apple was using or could use the information to track iPhone and iPad 3G users, and raised privacy concerns that the information could make it into the wrong hands.

iOS security experts noted that the location log wasn't new—previous versions of iOS stored the same information in a different database. Nor was consolidated.db necessarily a secret—forensic teams often accessed and analyzed this file in addition to SMS logs, e-mails, contact databases, photos, and more during investigations. Further analysis by developers and security experts suggests that the data points recorded aremore likely cell tower and WiFi basestation locations, and not necessarily actual device locations.

Developers soon revealed that Android devices record a similar, if smaller, location dataset as well. This data can only be accessed by others if someone has physical access to your mobile phone, though iOS users may be more susceptible to a data breach as the data is backed up via iTunes to a computer. These backups can be encrypted, but they are unencrypted by default.

Concerns were raised that this location data is collected and used by Apple to "track" individual users (in fact, two iOS users have filed a federal lawsuit against Apple on Monday alleging privacy invasion related to consolidated.db). Apple explained last year that location data derived from cell tower and WiFi triangulation is batched and sent to Apple periodically to maintain its own database of these locations to assist in GPS accuracy and speed. The data sent to Apple does not contain any identifiable information, however, and users opt-in to the data collection via iTunes.

Though Apple hasn't made any official statement about the recent controversy, CEO Steve Jobs allegedly told one concerned iPhone user via e-mail that Apple does not track anyone, while at the same time implying that Google does. Google likewise collects location information based on cell towers on an opt-in basis, but only if you use cell towers and WiFi to assist the GPS location—turn that feature off, and the data is gone. iPhones, on the other hand, will continue to log the locations on the device itself even if you opt out of sharing the data with Apple. For its part, Google has insisted that the information it collects is anonymous, though each device is associated with a unique random number that could potential be correlated with an individual user usingincreasingly sophisticated deanonymization techniques.

The Atlantic noted that the existence of location data on a mobile device is perhaps not as alarming as one might expect. "The big deal about location data isn't the data itself; rather, the location data makes all the other information [e.g. photos and e-mails] that can be extracted exponentially more useful. That's why mobile forensics is different, and why our devices may be where the bubbling privacy concerns of the last decade come to a head."

Those concerns seem to be coming to a head in Michigan, where state police are using CelleBrite's Universal Forensic Extraction Device to gather data from mobile phones. Michigan State Police representatives say no such evidence is viewed without a warrant, though legal precedent suggests that it can be if a mobile phone is found on a suspect at the time of arrest. The ACLU has suggested that officers may be using the device to collect evidence on routine traffic stops or other situations, sometimes without consent or notice.

Mobile forensics expert Steven Whalen told Ars that mobile devices are increasingly becoming important to police and other investigators. "I find it kind of silly [to be] worried about one single file when the entire device contains information that can be easily extracted by anyone with some training or basic research," he said. "If I had a choice between doing forensics on a computer or a cellphone, I'd choose the cell phone. Unlike a PC, a person keeps their cell phone with them all the time." In other words, mobile devices will have a more complete record of a person's activities over a given timeframe.

If maintaining utmost privacy is a top concern, users should definitely enable data encryption on their mobile device, set a passcode, and enable the device for automatic wipes in the event of loss or theft. iOS users should also enable encryption of backup files in iTunes. While advanced techniques may be able to extract location logs and other data even while encrypted, the only truly "safe" alternative is to avoid using any mobile device at all.