Researcher: iPhone Location Data Already Used By Cops

Alex LevinsonWhen British programmers Alasdair Allen and Pete Warden took the stage at the Where 2.0 conference to unveil their work on iPhone location tracking, it was clear they had some big news on their hands. The duo outlined what they called the discovery that your iPhone and 3G iPad is regularly recording the position of your device into a hidden file. Their findings started a firestorm of media coverage.

But as the details came to light, one researcher was left scratching his head because hed already made the same discovery last year.

Alex Levinson, 21, works at the Rochester Institute of Technology in upstate New York, and hes been studying forensic computing and working with Katana Forensics, which makes tools for interrogating iOS devices.

In a post on his blog, he explains that the existence of the location database which tracks the cellphone towers that your phone has connected to has been public in security circles for some time. While its not widely known, thats not the same as not being known at all. In fact, he has written and presented several papers on the subject and even contributed a chapter on the location data in a book that covers forensic analysis of the iPhone.

(One b! logger r eviewing the book in January mentioned the cell tower data and says more and more you realize how much information Apples mobile devices could contain and how valuable this could be for your investigation).

In his post, its clear that Levinson takes issue with the claim of discovery. In fact, he told me by email that Allan and Warden had apparently missed out a whole area of existing research conducted by forensic analysts.

It was a shock to me when this came out labeled as a discovery, he explains. I watched the video and they dont appear to be interested in the forensic side of this, which is honestly where the research lies.

Part of it seems to be a failure of researchers across different disciplines to plug into each others work. As Levinson put it they basically built a bridge without turning to the civil engineers Im not the only one familiar with this stuff.

However, its not just bad communication among researchers that is to blame. He adds that the press missed the story first time around, and now seems more focussed on the horror of data storage than the reality (there, for example, is no evidence that the data is sent back to Apple at the moment).

I do blame the press somewhat for sensationalizing them without recourse, he says. I emailed 20 of the top media outlets who covered this, linking them to my side none of them replied, except a famous blogger who cursed me.

Sometimes this is the case with research, and just because its not new to you, doesnt mean its not news. Sometimes the people credited with breakthroughs are the ones who have been able to communicate their ideas to the right people. And clearly Allan and Wardens presentation is having a lot of impact, not least because they have released the tools to make the data obvious to users.

The ! truth is that there may be more important things to consider than the issue of who discovered what. Levinsons revelations are more important than that, because he explains that the location data is already being put to use. In his blog post he says (my emphasis):

This hidden file is nether new nor secret. Its just moved. Location services have been available to the Apple device for some time. Understand what this file is log generated by the various radios and sensors located within the device. This file is utilized by several operations on the device that actually is what makes this device pretty smart.

Through my work with various law enforcement agencies, weve used h-cells.plist on devices older than iOS 4 to harvest geolocational evidence from iOS devices.

Thats very interesting. Its not that the location data was only already known about in some circles, but its actively being used by law enforcement agencies as part of their investigations. Levinson declined to divulge the names of those agencies, but told me that he had worked with multiple state and federal agencies both in the U.S. and internationally.

So when Allan and Warden say Dont panic theres no immediate harm that would seem to come from the availability of this data, you have to ask whether thats the case. There are no court orders needed to track your location history via an iPhone, since the devices are relatively open. All the investigator needs is the device itself.

Related content from GigaOM Pro (subscription reqd):

IDrive Online Backup: Dont spend your time recovering from disaster.


Comments

Popular posts from this blog

China Watch: Magical New Maglev, Fire the Ambassador?

Live Blog: GMIC G-Startup Competition 2011

Chinese Pinterest Huaban.com Grabs Money and Attention