2011 has almost come to an end, and we’ve already seen some great Android apps come out this year. But 2012, which is just around the corner and it looks like it will be another eventful year for Android. Now that the latest OS version, Android 4.0 Ice Cream Sandwich (ICS), has hit the market, several device makers are expected to release ICS handsets for a ready consumer market. LG is the latest to reveal its plans around ICS, kicking into high hear during the second quarter of next year. Among the first phones to get the upgrade are the Optimus 2X, which made waves as the world’s first dual-core smartphone earlier this year, and the Optimus LTE. Others in the Optimus lineup, including the 3D, Black and Big, will also receive the ICS update by Q3 of next year.
Android’s competition in the mobile and tablet market, Apple has had a long head start in mobile apps over it’s new archival Google. However, new data shows that the number of Android apps has grown 127 percent since August and offerings in Google’s Android Market should outnumber the total for iPhone apps by mid-2012.
2012 has some great apps in store for the open-source mobile platform. (more…)
New data on mobile usage shows the number of smart phones continues to grow rapidly, increasing 12% from June of 2011 to 87.4 million in Sept. of 2011, and that the Android platforms continues to grain market share, hitting 44.8%. The data, which shows a three month average for the period ending Sept. 2011 and is based on a survey of over 30,000 U.S. mobile subscribers by the comScore MobiLens service, is notable because it once again highlights the growing importance of the Android platform for the mobile strategies of media and entertainment companies. (more…)
A major security flaw in Apple’s iOS operating system that could allow hackers to remotely gain unauthorized access to an iPhone, iPod touch or iPad has been uncovered by a security expert. Described by Forbes as a “serial Mac hacker,” Accuvant LABS computer security researcher Charlie Miller has uncovered a security flaw that allows hackers to build apps that look legitimate and pass through Apple’s App Store approval process. Using a code-signing vulnerability, however, the malicious apps will automatically connect to a remote server following installation and download new unapproved code that might grant hackers access to system files, personal data and a host of unauthorized functionality. Read on for more.
Apple’s closed App Store approval process has been touted by security experts and pundits alike as a much more secure option than an open system like Google’s Android Market. While Apple has been largely successful in keeping malicious software out of its iOS App Store, this newly revealed vulnerability illustrates that no system is ever fully secure. “Now you could have a program in the App Store like Angry Birds that can run new code on your phone that Apple never had a chance to check,” Miller told Forbes in an interview. “With this bug, you can’t be assured of anything you download from the App Store behaving nicely.”
Miller isn’t just talking the talk, either. The security expert actually planted an app in Apple’s App Store that utilizes the exploit he detailed. Miller submitted the app to Apple for approval using his developer account and, following Apple’s standard testing and approval process, the app became available in the App Store. Miller then recorded a video illustrating some of the many functions a hacker would be able to perform using this exploit, which include executing a payload that will give the hacker complete control of an iOS device from a remote terminal.
iPhone users needn’t panic; the offending app is already gone, and Miller expects Apple to squash the security bug to prevent legitimate attacks. Still, this exploit proves that the App Store’s strict security measures aren’t impenetrable. Security researchers have been saying this for years, but Miller has actually demonstrated it in the real world.
In a way though, you have to agree that Miller did violate the very specific developer program agreement by hiding the PoC inside a legitimate application. That probably wasn’t his smartest idea, but then again it’s helping Apple and he’s not doing it in a malicious way to infect people – he’s doing it as a security researcher.
Apple should be more proactive on working with people like this, people who are actually fixing bugs in their products for free and improving the user experience. It’s the way Apple operates though, secretive, exclusive, domineering etc. If you don’t do things their way, screw you. The way in which Miller uncovered the flaw once again shows his technical brilliance – something which Apple really should be harnessing rather than turning away.
A lot of people noticed changes with iOS 4.3, but couldn’t actually figure out what was going on. Well that’s what we know in the public realm anyway, no doubt the bad guys had their eyes on it and were digging in with much more malicious exploits.
It basically seems like a way to bypass any kind of code validation by Apple and execute arbitrary code from an attack server – dangerous indeed.
Steve Jobs’ legacy at Apple Inc. goes well beyond cool gadgets, a thriving retail chain and a music empire. He also launched the company’s all-out legal war on Google Inc.
In the last months of Jobs’ life, Apple unleashed a patent-suit blitzkrieg on its Silicon Valley rival, filing 10 lawsuits in six countries that accuse the Internet search giant of stealing its smartphone and tablet computer technology.
The campaign is rooted in Jobs’ belief that Google and mobile device manufacturers that use its Android software copied key design and technology features from Apple’s iPhone and iPad.
“I’m willing to go to thermonuclear war on this,” Jobs told author Walter Isaacson for his recently released biography. “I’m going to destroy Android, because it’s a stolen product.”
He then vowed to battle Google until “my last dying breath.”
Google and manufacturers using Android are vigorously contesting Apple’s claims, which could take years to play out in court. But one thing is certain: There is a lot at stake for the company Jobs built. If it is unable to protect the iPhone’s distinctive look and feel, lower-cost competitors imitating its technology could threaten the future of its most profitable products, analysts say.
“Unless they can keep Android at bay, they cannot sustain their incredibly high margins,” said Florian Mueller, a patent specialist who has been closely following the disputes. “They’ll have to compete with much lower-priced devices with essentially the same features coming out of China and other places.”
Alternatively, victories by Apple would enable it to extract hefty ransoms from any phone maker that uses Apple-like technology, or even force its rivals to water down or remove popular features from their smartphones, including screens that respond to multiple finger touches, the graphical display of text messages, and the way users send email and browse the Internet.
That type of technological rollback, analysts and patent attorneys say, could demolish much of Google’s recent success in the $160 billion smartphone market, and gain Apple an unparalleled advantage in the industry. The market is growing rapidly as many consumers dump simpler cellphones for the more powerful and versatile smartphones.
“Some of the revelations from the Jobs biography suggest that this is almost a religious war,” said Toni Sacconaghi, an analyst at Sanford C. Bernstein Co. The question is whether Apple’s battle is based on a rigorous legal analysis of company’s patent holdings or part of a personal vendetta by the company’s late co-founder, he said.
Apple’s aggressive legal attack comes as it is losing ground to its rivals in the smartphone industry. Samsung Corp., whose devices run Google’s Android software, dethroned Apple in the most recent quarter to become the world’s largest vendor of smartphones, accounting for nearly a quarter of handsets sold last quarter, compared with about 1 in 7 for Apple, according to data from Britain-based Strategy Analytics.
Apple has hired some of the nation’s top patent lawyers, including William F. Lee of WilmerHale, who helped win networking chip maker Broadcom Corp. an $891 million infringement settlement against rival Qualcomm Inc., and Harold McElhinny of Morrison & Foerster, who led Pioneer Corp. to a $59 million judgment against Samsung.
In recent weeks, Apple has been successful in temporarily banning sales of Android-powered tablets in Australia, Germany and the Netherlands. The company is now involved in lawsuits covering dozens of patents, some of which date to the technology created for 1990s-era personal computers designed a decade before smartphones were invented.
But what may look like a shotgun approach may actually be a carefully crafted battle plan. Apple is using its initial round of lawsuits to see which of its many patent claims can survive intense legal scrutiny, analysts said. The ones that are successful will become the spearhead of Apple’s litigation strategy.
“Once they’ve found the battle-tested patents that can survive challenges,” Mueller said, “they’re going to assemble all of them, put the winning team together and enforce them against everyone.”
Although Apple’s patent war stretches around the globe, the heaviest assault is in the U.S. The company is currently locking horns with Samsung in separate federal lawsuits in Washington, Delaware and Northern California, where Apple’s attorneys have demanded court orders preventing Samsung from selling its smartphones and tablets in the U.S.
“This kind of blatant copying is wrong,” Apple spokeswoman Kristin Huguet said in a statement. “We need to protect Apple’s intellectual property when companies steal our ideas.”
Google has called the patent attacks “bogus,” but in August it made a major move to defend itself, announcing the largest acquisition in its 13-year history by paying $12.5 billion in cash for Motorola Mobility Holdings Inc., one of the leading Android manufacturers and the holder of 17,000 technology patents that Google could use as ammunition to fend off the lawsuits.
Google allies Samsung and HTC Corp., two major device makers, are also striking back against Apple, filing countersuits that ask courts around the world to ban Apple’s iPhone and iPad devices. Each patent case can cost upward of $8 million, according to attorneys and analysts said.
So far, Samsung has had mixed results with its legal fusillade against Apple, with courts in Italy and the Netherlands initially denying its motions to bar sales of Apple’s recently released iPhone 4S.
Samsung has denied that its phones infringe Apple’s patents, and has instead accused Apple of illicitly using Samsung communications technology in multiple iPhone, iPod and iPad models. The company said it has spent tens of billions developing its own digital technology in recent years, and has amassed nearly 30,000 patents in the U.S. alone.
Apple “continues to violate our intellectual property rights by selling these products,” Kim Titus, director of public relations for Samsung Telecommunications America, said in a statement. “The courts will find Apple has indeed been free-riding on our technology.”
But many of the technologies that these patents protect are so abstruse or vague that companies may end up running afoul of the law without even knowing it, said Bijal V. Vakil, a partner at law firm White & Case in Palo Alto, Calif.
“It’s become a virtually unmanageable task to go and see if you have the freedom to operate,” he said. “Procedurally it would be impossible to check all of (the valid patents) – even large companies can’t afford to do that.”
Many organizations around the world fear competition. They are scared that another bigger badder organization is going to come along that can offer the same features and benefits but will offer them: quicker, cheaper, with more customization, with better customer service, etc. Competition is actually a good thing, in fact it’s a great thing.
Without competition Apple would have never created their Ipod, Microsoft would have never created Windows, and Google would probably be non-existent. Competition is essential because it leads to one very important thing, innovation.
People are always looking for products with more features and capabilities, products that cost less but can do more, and products that just plain solve their needs/wants better than any other product can. When companies compete, consumers get what they want.
Competition pushes you to be more creative and innovate, and to truly master your skill set. A lack of competition may lead to your skills getting stale or hitting a plateau. Competition sharpens your skills and ultimately helps you achieve long-term success.
Right now there are 1.3 million public Wi-Fi spots around the world, but Informa reckons that’s going to jump to 5.8 million by 2015 with tablets and smartphones driving the deployments. This is not surprising to find, as Android over takes the iPhone and iPad. Since purchasing my own Android phone I can say I am setting at my desktop 30% less.
Those figures don’t include the 4.5 million “community” hotspots – privately owned but publically shared – the 5.8 million hotspots up and running in 2015 will be available to anyone who wants to pay, but most will be run by mobile network operators who want to offload as much of their data traffic as possible.
Informa, which compiled the data for the Wireless Broadband Alliance, spoke to 259 network operators around the world, and discovered that tablet computers already account for a tenth of hotspot connections, while smartphones account for 36 per cent and laptops less than half (6 per cent are unaccounted for).
Network operators are very happy to offload traffic onto Wi-Fi, so China Mobile is planning to deploy more than a million hotspots in the next few years, and Japan’s KDDI has announced plans for another 100,000 within the next six months. In the UK things get a bit weird thanks to our regulatory environment, but we too are heading in that direction.
The Wireless Broadband Alliance is pushing its single-sign-on standard to make it easier for devices to authenticate themselves, so users can roam onto Wi-Fi connections without having to ask, though if they’re switching regulatory environments that might come as a shock.
Getting seamless roaming means adding the capability to handsets and access-point hardware, which is what the Alliance hopes will be promoted by this report.
The security by obscurity myth is finally blown out of the water…Mac’s are pretty much mainstream these days and it yet again proves my points about Mac virus resistance, it may be virus resistant, but unless you upgrade the users, no platform is Trojan proof.
Apple has updated the malware protection built into its Mac operating system to flag a recently discovered trojan that hijacks users’ machines by masquerading as a benign document. Malware disguised as an Adobe Flash installer, meanwhile, remained unchecked.
The file quarantine, which Apple snuck into a prerelease version of Snow Leopard in 2009, was updated to include a definition for Trojan-Dropper: OSX/Revir.A, which antivirus provider F-Secure disclosed on Friday. According to an update on F-Secure’s blog, the malware disguises itself as a PDF file in an attempt to trick users into clicking on it.
“The malware then proceeds to install a backdoor, Backdoor:OSX/Imuler.A, in the background,” stated the F-Secure analysis, which was posted Monday. “As of this writing, the C&C of the malware is just a bare Apache installation and is not capable of communicating with the backdoor yet.”
By Tuesday morning, Apple had added a definition for Revir.A into the file quarantine feature, our review of a Mac running OS X Lion, aka 10.7, has shown. By our count, it’s the 10th definition to be included, although two of them cover malware with the identical label of “OSX.HellRTS.” The definitions are stored in a file called XProtect.plist tucked away in the /System/Library/CoreTypes.bundle/Contents/Resources/ folder.
Apple engineers pushed out the update around the same time that a new trojan was discovered menacing Mac users. According to Mac antivirus provider Intego, the Flashback trojan is built on a sophisticated code base that installs a backdoor on infected machines, and covers its tracks by using encryption when communicating with remote servers.
“The backdoor is able to download further software, but, for now, we are not seeing this activity,” Intego’s analysis stated. “It is also able to update itself, and creates an Sha1 hash of the malware to see if it has changed. If the Sha1 of the software version on the server is different from that installed, this means that an update is necessary.”
With the explosive growth of Macs, iPhones, and iPads, malware purveyors have finally begun targeting Apple products after years of almost exclusive focus on Microsoft users. Earlier this year, an outbreak of fraudulent Mac antivirus products ignited a huge spike in support calls from frantic Mac users who had been tricked into installing a piece of malware called MacDefender. Apple eventually added definitions for it to its file quarantine, as well.
I think the difference between Microsoft and Apple here is that Microsoft weren’t the ones to create a condescending “I’m a PC” commercial insinuating that their operating system was virus free…With the amount of braindead Apple fans who claim that Apple Virus / Malware is an oxymoron, that 30 second spot could turn out to be some of history’s most damaging tech-related FUD.
Early I wrote that actually most targeted vulnerabilities are in Flash, PDF or Java these days via Internet Explorer (IE) and once you take IE out of the equation, Windows does quite well, especially given the rich rewards and vast selection of low-hanging fruit users can offer.
How else would they protect their interests these days, Being able to re-purpose a computer, or just wipe Windows OS completely from the computer to start with, has always been refreshing to me. Look out, those days may be at an end. Linux is not owned by anyone entity or corporation, and has free market reign, allowing consumers a choice, albeit one that is rarely known, so rarely do people even know of it’s existence. However, Android is built from the Linux kernel, and is quickly becoming the king in mobile devices, supplanting the iPhone.
Stopping dual boot or changing the OS by users would stop the market penetration by Linux. Maybe the knowledgeable Linux crowd might build their own computers but this is beyond the capacity of probably 99% of computer users. Market penetration by a competing OS would be stopped cold which is what MS wants. They want to stop the downward slide of Windows. Yes, Linux has a very small share of the OS market, but what about some new and different OS that is developed in the future. This would stop them from even starting. It’s not just about Linux.
Windows 8 PCs will boot super fast in part because of the next-generation booting specification known as Unified Extensible Firmware Interface (UEFI). The latest UEFI, released April 8, includes a secure boot protocol which will be required for Windows 8 clients. Secure UEFI is intended to thwart rootkit infections by requiring keys before allowing executables or drivers to be loaded onto the device. Problem is, such keys can also be used to keep the PC’s owner from wiping out the current OS and installing another option such as Linux, says Matthew Garrett, a mobile Linux developer at Red Hat, in a blog post .
‘If a vendor key is installed on a machine, the only way to get code signed with that key is to get the vendor to perform the signing. A machine may have several keys installed, but if you are unable to get any of them to sign your binary then it won’t be installable. … Microsoft requires  that machines conforming to the Windows 8 logo program and running a client version of Windows 8 ship with secure boot enabled.’
Microsoft’s requirement of secure UEFI is verified by a presentation  at the BUILD conference given by Arie van der Hoeven, Principal Lead Program Manager of Microsoft. Slide 11 of the presentation states:
- Current issues with boot
- Growing class of malware targets the boot path
- Often the only fix is to reinstall the operating system
- UEFI and secure boot harden the boot process
- All firmware and software in the boot process must be signed by a trusted Certificate Authority (CA)
- Required for Windows 8 client [emphasis mine]
- Does not require a Trusted Platform Module (TPM)
- Reduces the likelihood of bootkits, rootkits and ransomware
Secure boot uses a PKI scheme so that UEFI 2.3.1 firmware will only run digitally signed EFI bootloaders and device drivers. A recent article in The H  notes that it can be “designed to accept a software key management service (KMS), a network-accessible key server or a hardware security module (HSM).” The hardware module would likely be a Trusted Platform Module (TPM 1.2), though as van der Hoeven points out, TPM isn’t required.
The Linux community has been on alert about secure UEFI for a couple of months, according to an article in June from LWN.net: 
‘The basic idea behind secure boot is to sign executables using a public-key cryptography scheme (RSA with 2048-bit keys with SHA-1 or SHA-256 as the hash). The public part of a ‘platform key’ (PK) can be stored in the firmware for use as a root key. Additional ‘key exchange keys’ (KEKs) can also have their public portion stored in the firmware in what is called the ‘signature database’. That database contains public keys that can be used to verify different components that might be used by UEFI (e.g. drivers) as well as bootloaders, and operating systems that get loaded from external sources (disks, USB devices, network, and so on). The signature database will also contain ‘forbidden’ signatures which correspond to a revocation list of previously valid keys. The signature database is meant to contain the current list of authorized and forbidden keys as determined by the UEFI organization.’
The fear expressed by the Linux community in June was that proprietary operating system vendors could demand an implementation of Secure UEFI where device makers do not or cannot share private keys with the buyers/users of the device. Without that, only the entities in the signature database will be able to authenticate drivers and OSes for the hardware.
There are two ways Microsoft could go with its required secure UEFI, says Garrett. Windows can be signed with a Microsoft key and the public part of that key can be included with all systems. Or, each OEM could have its own private key and therefore be the one to sign its own pre-installed version of Windows.
Without a key, Linux will be unable to boot off the machine. It may be possible for Linux distro makers to somehow offer signed versions of Linux, but this too, is problematic as this would require a bootloader not covered by the GPL. It also doesn’t help people who want to run their own custom-tweaked versions of Linux.
Enterprise users should be sure to voice their concerns with their hardware supplier (Dell, IBM, HP, Toshiba and so on). Let them know that just because the technology exists to take choice away from you, doesn’t mean they should use it.
Google Chrome’s rise in popularity has been remarkably fast and it has just hit a new milestone. More than 20% of all browser usage has hit 20 percent market share, according to StatCounter. Net Applications has Chrome cracking 13 percent. Either way, Chrome is growing fast versus IE and Firefox.
Chrome rose from only 2.8% in June 2009 to 20.7% worldwide in June 2011, while Microsoft’s Internet Explorer fell from 59% to 44% in the same time frame. Firefox dropped only slightly in the past two years, from 30% to 28%.
Most Internet researchers agree that Google’s Chrome Web browser is steadily gaining market share at the expense of established rivals, Microsoft Internet Explorer and Mozilla Firefox.
Two top browser researcher disagree on just how much market share Chrome has worldwide. StatCounter said Google claimed 20.7 percent browser share for June, up from 2.8 percent a year ago. Net Applications claimed Chrome actually corralled 13.1 percent, up from 12.5 percent through May.
More broadly, StatCounter said Firefox is next in line to be passed by Chrome at 28.3 percent, with IE at 43.6 percent. On the (much) lower end of the scale, Safari is at 5 percent, with Opera claiming 1.7 percent through the month. Net Applications meanwhile has IE at 53.7 percent, Firefox at 21.7 percent, Safari at 7.5 percent and Opera at the same 1.7 percent. While there is a wide differential between both firms’ figures, it’s clear Chrome is gaining share and momentum.
From Google Chrome officials own lips at Google I/O in May, Chrome had racked up more than 160 million users, up from 120 million in December. If that trend holds true, Chrome should crack the 200 million mark in October. Looking at some numbers based on StatCounter’s stats and guessed Chrome could pass Firefox this November and IE by June 2012. Assuming Chrome’s ascent continues at its average growth rate over the past six months (consider that it took Chrome only two years to hit 10 percent share) Chrome could even hit 50 percent share by November 2012.
Chrome first hit 10% in August 2010 and was still at 19% in May before surpassing 20% in June. If Chrome’s numbers seem a bit high that’s because StatCounter’s method of tracking highlights Google’s strength: attracting power users. Net Applications, another usage tracker, shows Chrome rising fast as well, up to more than 13% usage compared to Microsoft’s 54% and Firefox’s 22%.
“It is a superb achievement by Google to go from under 3% two years ago to over 20% today,” StatCounter CEO Aodhan Cullen said in a press release. “While Google has been highly effective in getting Chrome downloaded the real test is actual browser usage which our stats measure.”
But the groups count differently. While Net Applications tracks a browser’s total number of users, StatCounter measures the total number of website clicks. That means a Chrome user who surfs the Web more often than an Internet Explorer user has more weight in the StatCounter ranking. The discrepancy between the two groups’ findings suggests that users who spend the most time online have switched from Internet Explorer to Chrome or Firefox. There are many reasons for Chrome’s upswing and accelerated release cycles, which means Google is putting snazzy new features that other browsers lack in front of users faster. Case in point: the Chrome Speech capabilities to enable voice search on the desktop.
Chrome advertising and marketing for the browser and Chrome Operating System have also been playing their parts in the growth. Google last year began advertising Chrome on ESPN.com, the New York Times and other high-profile Websites for a year. In May, Google began pushing Chrome as the center of users life experiences, planting a marketing seed for Chrome OS notebooks.
The first Samsung Series 5 Chromebook launched June 15, while it’s unclear how many Series 5 Samsung sold through Amazon.com and Best Buy online. Google made Series 5 Chromebooks vailable for flights as well now. Virgin America is maintaining its reputation as the darling airline of the tech sector, and today it announced a new partnership with Google that will give travelers the option to test Google’s Chromebooks in their flight beginning tomorrow.
The promotion will last until September 30, and passengers will be able to check out a Chromebook at their departure gate and use it freely with Gogo in-flight Internet on their whole flight. In addition to the currently available Chrome apps, Virgin America has co-developed a special Chrome app with Google that includes discussion boards about Virgin America’s trip destinations, city guides based upon data from UrbanDaddy, and information about packing and travel planning. The app will be available in the Chrome Web Store later this month.
Chrome’s rise has been most pronounced in South America where it is the second-most used browser ahead of Firefox and behind Internet Explorer. In the United States, “Chrome has risen to 16% behind market leader IE on 46.5% and Firefox on 24.7%,” StatCounter said. StatCounter measures 15 billion page views per month, including 4 billion from the United States across a network of more than three million websites. Data from Net Applications, which tracks unique visitors to 40,000 websites, show that IE usage dropped from 60.5% in August 2010 to 53.7% in June 2011, while Chrome rose from 7.5% to 13.1% in the same period.
Net Applications also tracks usage of mobile devices, and has found that more than 5% of all Web browsing is now occurring from smart-phones and tablets. The trend toward mobile browsing is even more pronounced in the U.S., where 8.2% of all browsing takes place on mobile devices. Of that, 2.9% of U.S. Web browsing comes on the iPhone, 2.6% on Android devices, and 2.1% on the iPad with BlackBerry next at 0.57%.
That means Apple’s iOS accounts for 5% of U.S. Web browsing, making it the most popular mobile platform.
Their mission is to provide excellent and affordable warranty coverage to consumers. The warranties are offered by many fine consumer-oriented retailers such as Amazon.com, Crutchfield and Buy.com. When you go to purchase from a retailer and if it does not offer SquareTrade warranties, you can always purchase one directly through website – you will likely get a much better warranty for much less than what the retailer offers.
Square Trade’s prices are up to 70% less than other warranties. Check out this price comparison to see how much you save with Square Trade. In fact, they are so serious about providing the best warranty price possible, they can back it up with their Low Price Guarantee.
We’re serious about providing the best warranty price possible. You can save up to 70% on your warranties with SquareTrade and we back it up with a unique Low Price Guarantee. If you find a comparable 3-year warranty that is less expensive than SquareTrade’s Care Plan, we will gladly refund you 110% of the difference. Comparable warranties must meet the following criteria:
- Be available for this item,
- Have no deductible for service,
- Valid for 3 years from date of purchase or 2 years from the expiration of the manufacturer’s warranty,
- Underwritten by an insurance carrier rated A or more by AM Best Company.
- Found within 30 days of your SquareTrade purchase.
To claim on this guarantee, just call or email us and let us know which warranty you’ve found a better price for. You’ll be required to verify the price, either by showing us the website you found it on or by faxing/emailing the warranty price on a receipt.
They are also the only warranty service consistently rated 5-stars by consumers. Check out the customer reviews on the following sites like:
Summary: Privacy fears raised as researchers reveal file on iPhone that stores location coordinates and timestamps of owner’s movements. It’ has been discovered that the iPhone secretly tracks its user and stores the data on the user’s PC. That’s a deal-killer. I don’t want to be tracked like a dog.
Apple’s iPhone saves every detail of your movements to a file on the device. Security researchers have discovered that Apple’s iPhone keeps track of where you go – and saves every detail of it to a secret file on the device which is then copied to the owner’s computer when the two are synchronized.
The file contains the latitude and longitude of the phone’s recorded coordinates along with a timestamp, meaning that anyone who stole the phone or the computer could discover details about the owner’s movements using a simple program.
For some phones, there could be almost a year’s worth of data stored, as the recording of data seems to have started with Apple’s iOS 4 update to the phone’s operating system, released in June 2010.
“Apple has made it possible for almost anybody – a jealous spouse, a private detective – with access to your phone or computer to get detailed information about where you’ve been,” said Pete Warden, one of the researchers.
Only the iPhone records the user’s location in this way, say Warden and Alasdair Allan, the data scientists who discovered the file and are presenting their findings at the Where 2.0 conference in San Francisco on Wednesday. “Alasdair has looked for similar tracking code in [Google's] Android phones and couldn’t find any,” said Warden. “We haven’t come across any instances of other phone manufacturers doing this.”
Simon Davies, director of the pressure group Privacy International, said: “This is a worrying discovery. Location is one of the most sensitive elements in anyone’s life – just think where people go in the evening. The existence of that data creates a real threat to privacy. The absence of notice to users or any control option can only stem from an ignorance about privacy at the design stage.”
Warden and Allan point out that the file is moved onto new devices when an old one is replaced: “Apple might have new features in mind that require a history of your location, but that’s our speculation. The fact that [the file] is transferred across [to a new iPhone or iPad] when you migrate is evidence that the data-gathering isn’t accidental.” But they said it does not seem to be transmitted to Apple itself.
Map shows location data collected from an iPhone that had been used in the southwest of England.
Although mobile networks already record phones’ locations, it is only available to the police and other recognised organisations following a court order under the Regulation of Investigatory Power Act. Standard phones do not record location data.
MPs in 2009 criticised the search engine giant Google for its “Latitude” system, which allowed people to enable their mobile to give out details of their location to trusted contacts. At the time MPs said that Latitude “could substantially endanger user privacy”, but Google pointed out that users had to specifically choose to make their data available.
The iPhone system, by contrast, appears to record the data whether or not the user agrees. Apple declined to comment on why the file is created or whether it can be disabled.
Warden and Allan have set up a web page which answers questions about the file, and created a simple down-loadable application to let Apple users check for themselves what location data the phone is retaining. The Guardian has confirmed that 3G-enabled devices including the iPad also retain the data and copy it to the owner’s computer.
If someone were to steal an iPhone and “jailbreak” it, giving them direct access to the files it contains, they could extract the location database directly. Alternatively, anyone with direct access to a user’s computer could run the application and see a visualisation of their movements. Encrypting data on the computer is one way to protect against it, though that still leaves the file on the phone.
Graham Cluley, senior technology consultant at the security company Sophos, said: “If the data isn’t required for anything, then it shouldn’t store the location. And it doesn’t need to keep an archive on your machine of where you’ve been.” He suggested that Apple might be hoping that it would yield data for future mobile advertising targeted by location, although he added: “I tend to subscribe to cock-up rather than conspiracy on things like this – I don’t think Apple is really trying to monitor where users are.”
The data inside the file containing the location and time information. This is used to plot the map above
The location file came to light when Warden and Allan were looking for a source of mobile data. “We’d been discussing doing a visualisation of mobile data, and while Alasdair was researching into what was available, he discovered this file. At first we weren’t sure how much data was there, but after we dug further and visualised the extracted data, it became clear that there was a scary amount of detail on our movements,” Warden said.
They have blogged about their discovery at O’Reilly’s Radar site, noting that “why this data is stored and how Apple intends to use it — or not — are important questions that need to be explored.”
The pair of data scientists have collaborated on a number of data visualisations, including a map of radiation levels in Japan for The Guardian. They are developing a Data Science Toolkit for dealing with location data.
Davies said that the discovery of the file indicated that Apple had failed to take users’ privacy seriously.
Apple can legitimately claim that it has permission to collect the data near the end of the 15,200-word terms and conditions for its iTunes program, used to synchronise with iPhones, iPods and iPads, is an 86-word paragraph about “location-based services”.
It says that “Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services.”
I don’t know about you, but the fact that this feature exists on an iPhone is a deal-killer. I wouldn’t use such a device. It’s not that I care if someone knows where I’ve been. I just do not like the idea of being tracked like a dog. Apparently, the researchers did not find a similar program on an Android or other smart-phones.
There appears to be no explanation for this feature, but I have a few guesses.
The obvious reason for this data is to reverse engineer individual patterns, so marketing snoops can make some determinations about how to sell us more junk. Are we in and out of cafe’s all day? Do we drive around a lot? It’s all good data.
The researchers did not discover that the phone is reporting the data to HQ, but I’m sure it’s doing it somehow.
Unlike the cell tower information that the police can access, this sort of information could be retrieved by anyone through accessing the PC or Mac where the info is transferred. Thus, patterns of behavior could be used to benefit robbers looking to burglarize your home, or kidnappers looking to grab someone. Not to get too grisly, but assassins would love access to this sort of thing. “Yes, he is always on Pine Road at 9 AM.”
Spouses could use the data to deconstruct suspicious movement, and your boss could use the data to show you have been consistently late to work on Tuesdays—by 10 minutes every day.
There is no end to the dubious usefulness of this sort of tracking information. And it could be argued that drug traffickers could be ferreted out, but few are dumb enough to use an iPhone in the first place. They use disposable cheapies.
While the security researchers have discovered this “feature,” there is no clear way to get rid of it. An interesting iPhone Tracker Web site has cropped up that allows you to look at your data (see where you’ve been!). There’s no real way to prevent the phone from building the database, but the site suggests encrypting your backup, so snoops cannot access the data from your PC.
This is an out-and-out scandal, as far as I’m concerned. And I’m certain that more than a few screenwriters will use this as a mechanism for an upcoming Law & Order or CSI episode.
Users should demand answers from Apple immediately and request that the feature be removed. Nobody wants this. And I do not see it as something that has been used to bring down any drug cartels, either.
It’s just another pathetic part of this surveillance society that we’ve meekly accepted. Thank you, Steve Jobs.