My take on the iPhone location services hubbub

Tech sites and developer blogs have been reacting to the recent release of iPhoneTracker, a Mac OS X app that can easily plot where you’ve been, and when, since you started using your iPhone. While it might sound “scary” or “creepy” from the get-go, it’s not horrible – it carries roughly the same privacy concerns as leaving your laptop or phone unlocked and inadvertently allowing people to peruse your recent calls, emails, or other personal data.

Some Mac/iOS developers on Twitter have been bemoaning the backlash from this not-so-new revelation – that the iPhone keeps track of every time you geolocate and stores it in a relatively easily-accessible database. I’ve heard arguments like, “this outrage is coming from a population that regularly checks themselves into Foursquare,” or “you’re at fault if you let this information get into the wrong hands.” I think these defensive statements are missing the point, and border on zeal toward Apple.

I need to reiterate my stance on this issue, lest I be grouped in with the down-with-Apple FUD crowd (or with the non-Apple-shareholder crowd): I don’t think this is a very big deal. As it’s been stated over and over again, recently: cell phone companies track your location and record your calls all the time, so the DHS or FBI or whoever can come down hard on you if the need arises. A history of where you’ve been over time might even seem useful to some. But I still think that blame can be placed on whoever at Apple decided to retain this tracking data indefinitely, and do so in an easily-accessible database file.

The reason Apple stores location data on your phone is so those who explicitly opt-in to provide “diagnostic” data to Apple can help improve their geolocation services. If Apple’s phones can tell them where Wi-Fi networks are physically located, then even devices without GPS technology can still be geolocated rather confidently. It’s a fascinating effort that I have opted to take part in, but I have two main concerns, which I have yet to hear good answers to:

  • Why has Apple decided to retain tracking data on your phone indefinitely? According to Apple’s terms, diagnostic information might be sent up to twice a day. If that’s the case, why isn’t the data destroyed locally afterwards? Why can’t I destroy it without starting from a fresh iOS installation? Is there any further use for it?
  • Why is it so easy to access this tracking database? When you sync your iPhone to any computer, the tracking database is saved along with the rest of your backup – and applications like iPhoneTracker have access to these files without administrator privileges.

I am not an iOS developer, and I can’t even claim to know the ins and outs of file permissions, let alone how the internal storage of my iPhone works. But I do find it alarming that this file can be accessed and I won’t even be notified or requested for permission. iPhoneTracker was created as proof of this. It’s child’s play for a malware developer to access this database and upload the information anywhere, and you don’t know the first thing about security if you trust in good faith that this sort of thing won’t happen.

I’m not mad at Apple. I’m not mad, period. I just have some unanswered questions, and it’s hard to get them answered amongst the squawking from all sides.

P.S. one non-argument I read earlier is that Android keeps a cache of your location tracking as well. I will hold Google equally responsible, but only if that cache can be accessed without root privileges, and if it is stored indefinitely. I might be wrong (by all means, prove me wrong), but I don’t believe either to be the case.

Europe Trip Omg

Anna and I are going to Europe! For 2.5 weeks! In November!…

Yes, we’re really, really jumping the gun and planning way too far in advance. But what the heck there is not much else to do during downtime at work. At this point we’re planning on visiting these places:

  • London
  • Paris
  • Cinque Terre
  • Rome
  • Venice
  • Munich
  • Berlin
  • Amsterdam

We’ve already bought some pretty cheap airplane tickets. We’re planning on taking trains from place to place, and using as many sleeping cars as possible to save time and money.

Doing this in 2.5 weeks is a little ridiculous, so we are considering dropping Rome, Venice, Amsterdam, or some combination thereof. We’ve never been to Rome but there are definitely enough churches to see along the way, I’ve been to Venice but hear that it’s murky and ugly in November, and I’ve also been to Amsterdam and while it’s beautiful, I’m not really sure what there is to do for 2 days unless you plan on taking mushrooms.

I’ve been nerding out in planning this thing. We’re using Google Wave to collaborate on all the aspects of the trip – airfare, trainfare, lodging, things to see, dates and locations, etc. etc. The events we’re proposing so far are on a Google Calendar, which I am sending through Yahoo! Pipes, entering into Google Maps, and back into an iframe in Google Wave so we can see a map of places we plan to go to. I’ve already put a Google Spreadsheet together of possible times, durations and fares for train travel from place to place.

The only real downside to planning so far in advance is that we have so long to wait and obsess over it. I’m hoping that when the time comes we aren’t too jaded or disappointed, but it’s not a genuine concern. In the meantime we can learn more about the places, cultures, and languages, so when we’re there we don’t just hang around the biggest tourist attractions we can find.

This also means that there’s time for you out there in blogland to give us suggestions on what to see and what to skip. C’MON, DO IT.