Security experts Alasdair Allan and Pete Warden have discovered a potential breach of security and privacy that should be of some concern to iPhone and iPad users around the globe. The two researchers have come across a hidden file in the phone’s operating system that keeps detailed information about locations, dates, and times. In other words, iPhones and iPads running iOS 4 are configured to keep tabs on its users and store this information in an unencrypted file saved to the phone’s internal storage device. Based on their research, they determined that the file keeps a record of where the device has been taken and provides these locations in addition to the time and date that they were visited.
This hidden file is named consolidated.db. The contents of this file include latitude-longitude coordinates detailed with a timestamp. Although the coordinates may not be exact, they are detailed. It is assumed that the collection started about a year ago, with iOS 4 release. We can also assume that cell-tower triangulation is the method used to determine the location.
While they did not find any information that would indicate that this location data was being sent back to Apple, AT&T, or Verizon, it does make you wonder what the ultimate purpose of this file would be. Since Apple did not make customers aware of the file’s existence, you can be certain that it is not a “feature” of the mobile device, so why is it there? One item that should be of particular concern to iPhone and iPad users is that this file is going to be stored on any computer that you use to backup or sync your device. This, in turn, means that anyone who has access [granted or otherwise] to your computer can get a hold of this information and has a very clear cut explanation of where you have been and when you were there.