Today at Where 2.0, two data scientists announced a discovery that iPhones are recording GPS positions into a hidden file on the device. I'll save a summary for an update of this post, but go read the original article for now.
I downloaded the logs from Amber Case's iPhone, and have been looking through them to see what's there. Turns out it's a lot more than just the cell tower positions of the phone. There's also a list of all wifi access points the device has seen, as well as the best-guess position of each wifi access point!
There also seems to be a table in the database containing a record of all the requests that other programs have made for your location, which includes the app's bundle ID. Here's a snippet of the logs:
| MCC | MNC | LAC | CI | RSSI | ARFCN | PSC | RSCP | ECN0 | Operator | Transmit | BundleId | Timestamp | Latitude | Longitude | HorizontalAccuracy | Altitude | VerticalAccuracy | Speed | Course | Confidence |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 310 | 410 | 56983 | 2067187 | -1 | 9721 | 414 | 96 | 7 | AT&T | -1 | 325045574.119049 | 37.39194315 | -121.977325016667 | 47.4216335497634 | 53.2738933563232 | 70.2810013757997 | 0.0 | -1.0 | 90 | |
| 310 | 410 | 56983 | 2067187 | -1 | 9721 | 414 | 109 | 12 | AT&T | -1 | com.geoloqi | 325044683.18984 | 37.3916252333333 | -121.9769063 | 47.4216335497634 | 35.2740898132324 | 70.2810013757997 | 0.0 | -1.0 | 90 |
| 310 | 410 | 56983 | 2039667 | -1 | 9721 | 276 | 76 | 4 | AT&T | -1 | com.localmind.ios | 325043720.464916 | 37.4044454 | -121.9751501 | 162.957953194342 | 28.2493667602539 | 228.343673256242 | 0.0 | -1.0 | 90 |
| 310 | 410 | 56983 | 2039667 | -1 | 9721 | 276 | 72 | 5 | AT&T | -1 | com.naveenium.foursquare | 325024994.168633 | 37.4042630166667 | -121.975922583333 | 162.957953194342 | 28.2504062652588 | 228.343673256242 | 0.0 | -1.0 | 90 |
| 310 | 410 | 56983 | 2070748 | -1 | 512 | 180 | 96 | 13 | AT&T | -1 | com.apple.camera | 324957354.61129 | 37.3848867333333 | -121.995491966667 | 162.957953194342 | 28.3031120300293 | 228.343673256242 | 0.0 | -1.0 | 90 |
| 310 | 410 | 56983 | 2068368 | -1 | 9721 | 180 | 99 | 14 | AT&T | -1 | com.alamofire.gowalla | 324956280.786805 | 37.3848867333333 | -121.995491966667 | 162.957953194342 | 28.3031120300293 | 228.343673256242 | 0.0 | -1.0 | 90 |
| 310 | 410 | 56983 | 2052127 | -1 | 9721 | 464 | 89 | 12 | AT&T | -1 | com.google.GoogleLatitude | 324940590.288545 | 37.4049282 | -121.976459016667 | 162.957953194342 | 28.2496871948242 | 228.343673256242 | 0.0 | -1.0 | 90 |
| 310 | 410 | 56977 | 2497652 | -1 | 4385 | 299 | 71 | 9 | AT&T | -1 | com.apple.Maps | 324879306.751405 | 37.5537628166667 | -122.309797466667 | 76.3568859153783 | 46.2922878265381 | 113.17575656752 | 0.0 | 158.0 | 90 |
| 310 | 410 | 56976 | 2757485 | -1 | 9721 | 252 | 89 | 9 | AT&T | -1 | com.yelp.yelpiphone | 324873997.281525 | 37.7768964333333 | -122.3948506 | 162.957953194342 | 50.9832305908203 | 228.343673256242 | 0.0 | -1.0 | 90 |
The Bundle IDs of the apps that requested location are clearly visible, and it also shows where the phone was when the app requested the location. This suggests to me that the purpose for these logs is not malicious on Apple's part at all.
I also observed that the timestamps of the logs in the CellLocation table were not very granular. There seemed to be batches of 30-50 significantly different locations at a time, with anywhere from 1 to 12 hours between timestamps. My guess after asking Amber about her syncing habits, is that the timestamps correspond to the date the phone was synced with the computer, not necessarily the date the timestamp was recorded. This is speculation at this point, and I will hopefully be able to come to a better conclusion after some more analysis of the data.
If it in in fact the timestamp of the sync, this would seem to further contradict the notion that Apple is covertly tracking your every move, since location data is far more useful when it contains a timestamp associated with it. This data says something more like “Here are all the cell towers the phone has seen since it was last synced.” I'm not sure exactly what purpose this would serve.
Some of the other database tables that piqued my interest included:
WifiLocation - a database of all wifi hotspots seen, their mac addresses and latitude/longitudes
Fences - my guess is this corresponds to Apple's CLRegion API, which allows iOS developers to define fences which trigger a method when the user crosses the boundary.
Harvest - All tables ending in Harvest correlate with the different location tracking types, Cell, CDMA, Wifi, etc. These tables track requests made to the various location providers.
So far it's been a lot of fun to look through this data, and I'm looking forward to continuing to play with the data. Many thanks to Pete Warden and Alasdair Allan for pointing out this log!
Aaron Parecki is the co-founder of Geoloqi.com, a private, real-time location sharing platform. Geoloqi allows you to securely track your location and you always have complete control over who can see your location. You can leave yourself a Geonote at a place which will be sent to you next time you're there. Geoloqi has an API which lets you download all of your location history, as well as build fun apps on top of the platform!
