Wireless SnoopingGoogle joins Apple in privacy furor

Published 25 April 2011

iPhones transmit locations back to Apple, and Apple is not alone in this activity; Google has disclosed that its Android cell phones have been transmitting location data for some time; members of the Congress and Senate have begun to demand answers and explanations

This past Friday, HSNW reported that two British researchers had discovered a hidden file on the G3 versions of Apple’s popular iPhone cellular phone and iPad that maintained a log of the users location.

The file is created and updated by software included a little over a year ago in a software update for the iPhone and iPad that users downloaded and installed.

The furor erupted over the tracking programs existence because its existence was not clearly disclosed by Apple, and users were not given the option to opt out.

To make matters worse, the file’s content was not encrypted, though the user could choose to do so, but generally did not because they were unaware of the file’s existence.

On top of that, whenever users synchronized the iPhone with their computer, the file was transferred to the hard drive, where it was vulnerable to being accessed if not properly secured.

The researchers, Alasdair Allen and Pete Warden, announced their discovery at the T3 conference in San Francisco, and have created a Web site where they discuss the hidden functionality. On that Web page, they make available a free download program that will allow a user to see their location data projected onto a map. For the security’s sake, the mapping program created by Warden and Allen contains constraints on the data display that are not included in the data gathered by the program. In other words, the mapping program will not display the detail that is present in the captured location data.

When discussing the matter on the Frequently Asked Questions (FAQ) page Warden and Allen said they had no evidence that the user’s location was being transmitted anywhere, and that Web activity indicated by the device when the program was run are integral to the software’s operation.

The reality, it turns out, is quite different.

The Wall Street Journal has reported that in actuality, Apple collects location data intermittently and, every twelve hours, transmits that data to itself. The data itself consists of GPS cooridinates, and nearby Wi-Fi networks, the company admitted in a letter to Congressmen Edward Markey (D-Massachusetts) and Joe Barton (R-Texas) last year.

In a statement on his Web site,Markey says that “Collecting, storing and disclosing a consumer’s location for commercial purposes without their express permission is unacceptable and would violate current law.”

Nor is Apple alone in getting attention on this matter. WSJ further reports that Google has been doing much the same thing, perhaps more aggressively than Apple.

According to the Journal, security analyst Sammy Kamkar discovered that an HTC Android cell phone gathered its location data every few seconds, and several times an hour, sent that back to Google, along with technical information, such as signal strength, on any nearby Wi-Fi networks. Included in the data was a unique cell phone identifier.

The Journal independently confirmed Kamkar’s findings.

The disclosures have attracted the U.S. Senate’s attention as well.

Fox News reports that Senator Al Franken (D-Minnesota), recently named chair of a subcommittee on technology and privacy, suggested that the Apple controversy may well translate into hearings by Franken’s subcommittee . The hint was given by the Senator to Fox affiliate KMSP.