Since the iPhone 4 launched last year all Apple devices with 3G have been recording and storing bits of data in a nifty little file called consolidated.db including Latitude and Longitude; a time stamp and the device I.D.
The information isn’t obvious, in fact its buried deep down within the backups iTunes makes of the devices – buried so deep that its existence was unknown until now. The data is NOT being automatically sent to Apple nor is there any indication that its been exploited by any third parties, but its existence poses a huge security threat to anyone who owns one of these devices. Now that the data is known to exist hackers everywhere will begin to design their software to seek out the consolidated.db file on the hosts computer and send it back to them. Ars Technica hits the nail on the head when they say that this is:
bringing out serious privacy concerns and opening the door for a jealous spouse, thief, or even a crafty trojan to take a detailed look at your whereabouts. And it’s information that no one should have access to—not even law enforcement
Check out the video below to see Pete Warden and Alasdair Allan, the two who discovered this cache of data, discuss how they found it and some of the implications of the finding.
As a final note, while this raises some big questions try not to panic if you use an iPhone or iPad. As the announcement page for this discovery is quick to point out:
there’s no immediate harm that would seem to come from the availability of this data. Nor is there evidence to suggest this data is leaving your custody. But why this data is stored and how Apple intends to use it — or not — are important questions that need to be explored.