Thursday, April 21, 2011

The iPhone 4 you spy? Info and brainwashing, you need to know

The iPhone 4 you spy? Info and brainwashing, you need to know

Security - The security researchers have discovered an unencrypted file in iOS 4 containing geographic positions associated with schedules that trace the path of a user. Scary but this discovery is not one ...

All iPhone and iPad 3G iOS 4 record in the regular location of users and store information in a hidden file in the terminal.




This was discovered two security researchers who have reported to the Guardian. The data in question contain the latitude and longitude associated with hours that are stored in a file named "consolidated.db.

The latter is not encrypted and is transferred to any device with which the iPhone 3G or iPad are synchronized. In some cases, the database can contain thousands of entries since the collection began with four iOS released in June.


Anyone can access this file can study the movements of a person simply by converting these positions into points on a map, say the researchers.

Except that this discovery is anything but a scoop. Indeed, since the announcement of the iPhone 4, and accompanying OS, Apple has clearly set the tone.

"To provide services to locations on Apple products, Apple and our partners and licensees may collect, use and share accurate data from your location, including geographic location in real time on your computer or your device." Here's what one could read its privacy policy, amended in June 2010.

Clearly, Apple announced it would collect new data about users of its products, particularly those concerning their "location in real time." A collection made after acceptance of the license, and extended to applications available on the Apple Store.

Each installation of an application of this type, the user can accept or not the location. In addition, Cupertino had been careful to note that these data would be anonymous and would not identify individual users.

"These data are collected anonymously position in a form that does not identify you personally and is used by Apple and its partners and licensees to provide and improve services and products based on the location."

However, and this is the most sensitive, therefore they allow to "track" a user, and our two researchers propose an application to discover precisely its data, and visualize your journey on a map. One imagines the possibilities and intrusion investigations. Can not hide anything from an iPhone!


What can you find in your file?

A database related to satellite phones and Wi-Fi which has connected the iPhone on the go. These data provide points on a map, and then view your route.

Can we hide data?

By default, this file is not protected. Any "hacker"(and thief) can therefore access the file, and view your itinerary. And this, over several months ...

Since this file is stored on your computer each time you synchronize the iPhone, it can also be accessed through this means. In this case, there is still a parade. Simply, in iTunes, encrypt your backups by protecting them with a password.

How to avoid registration of location data?

The only way is to disable the GPS, called "location service" in the iPhone. You can find the option in the first Settings screen. You can also, in options, or define the applications that you can geotag.

No comments:

Post a Comment