SECURITY RISK: Your iPhone and iPad is Tracking Everywhere You Go! - ITS Tactical

Shop the ITS Store!


SECURITY RISK: Your iPhone and iPad is Tracking Everywhere You Go!

By Bryan Black

Data Scientists Alasdair Allan and Pete Warden have just released new research detailing how Apple is keeping track of your every move in an unencrypted file that resides on the computer you use for backing up your iPhone and iPad 3G.

While there’s no evidence this data is being transmitted to Apple, we strongly feel this is a security risk, as this tracking information is located in a file called location.db in your backup files and records every cell tower you’ve accessed.

Allan and Warden notice that the first instance of location tracking started with the install of iOS4 in both the iPhone and iPad, which was released almost a year ago. This means there’s nearly a year’s worth of locations stored in this consolidated.db file. This is thousands of data points!

See it for Yourself

If you’re interested in finding out where you’ve been for the last year, Allan and Warden have written a desktop app that you can download here. You’ll be presented with a graphical image and heat map of where you’ve been in the world, it’s quite interesting and scary at the same time.

The image you see above is what Apple has tracked on me around the D/FW area in Texas. It’s fairly accurate at displaying your local locations as well as the places you’ve visited.

All that would need to happen for someone wanting to use this information for the wrong purposes, is to gain access to your computer and simply open this application to find out where you’ve been. Hopefully everyone reading this has also taken the proper precautions to protect their computer as well.

The good news, for those of you using different phones out there, is that Allan and Warden were not able to find anything similar on other platforms like Android. Update: Android phones are definitely at risk too.

What can I Do?

iPhone Tracking Security Risk 02The first step is to encrypt your backups! By default, your iPhone backups are not encrypted. With your device plugged in to sync, click on the device and bring up the summary tab. Under options you’ll see a check box next to “Encrypt iPhone Backup.” Check it and set a password, which will force a backup that will now be encrypted.

We’d like to strongly encourage everyone out there to encrypt their backups, if not only for this security risk discussed in this article, those backups also contain all your contacts, text messages and pretty much everything you do on your phone. The ability to store this data unencrypted is just ridiculous on Apple’s part.

Please also distribute this information to everyone you know that has an iPhone or iPad and help mitigate this security risk for all those you know!

Are you getting more than 14¢ of value per day from ITS?

Thanks to the generosity of our supporting members, we’ve eliminated annoying ads and obtrusive content. We want your experience here at ITS to be beneficial and enjoyable.

At ITS, our goal is to provide different methods, ideas and knowledge that could one day save your life. If you’re interested in supporting our mission and joining our growing community of supporters, click below to learn more.


Do you have what you need to prevail?

Shop the ITS Store for exclusive merchandise, equipment and hard to find tactical gear.

Do you have what you need to prevail? Tap the button below to see what you’re missing.