A pair of mobile forensic researchers who independently identified a location tracking system on the iPhone 4 several months before it was publicized earlier this week say that law enforcement agencies are currently using data from a hidden iOS file called "consolidated.db" in criminal investigations.
Evidence from the location tracking database stored on iPhones "has been used in actual criminal investigations and yes, it's led to convictions," said Alex Levinson, a Rochester Institute of Technology researcher and technical lead for iOS forensics consultant Katana Forensics.
But Levinson and Christopher Vance, a Marshall University digital forensics specialist, also contend that Apple probably included the technology in its iOS operating system to deliver location-based services like iAds rather than to create dossiers on the whereabouts of iPhone users.
A great deal of buzz has surrounded a Wednesday O'Reilly Radar blog post by researchers Pete Warden and Alasdair Allan that highlighted a hidden file on iOS devices like the iPhone and iPad which includes latitude-longitude coordinates and a timestamp to track where such devices have been geographically and when.
But Warden and Allan apparently weren't the first to discover the file.
Did you know that Apple is tracking your every move with your iPhone and iPad? A blog post published today on O'Reilly Radar claims that devices running iOS 4 are gathering location and storing it in an unencrypted manner.
"What makes this issue worse is that the file is unencrypted and unprotected, and it's on any machine you've synched with your iOS device. It can also be easily accessed on the device itself if it falls into the wrong hands. Anybody with access to this file knows where you've been over the last year, since iOS 4 was released," wrote Pete Warden, founder of the Data Science Toolkit, and Alasdair Allan, a senior research fellow at the University of Exeter.
The data is being stored to a file known as "consolidated.db," which includes latitude-longitude coordinates and a timestamp.
Of course, this shouldn't surprise anyone who read the entire 45-page EULA, as it clearly states the following clause when going into detail on the type of “non-personal information” that Apple can “collect, use, transfer, and disclose … for any purpose.”
We may collect information such as occupation, language, zip code, area code, unique device identifier, location, and the time zone where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising.
Update: Due to user backlash, Facebook has suspended this feature for now. One reason is that, while it is opt-in to give this information to an app, you have to make that decision before you get to actually see what the app does, during the install process.
This weekend, Facebook updated its developer blog with some new abilities for developers of Facebook apps. The biggest change is the ability from those apps to now access user contact information like home addresses and phone numbers. This data used to be kept confidential from apps, but now they will be able to access it if a user grants that permission. There are some obvious uses for that, such as a shopping app which fetches your address for shipping purposes. Apps will have to explicitly ask for user permission, which will appear as a new entry on the Request for Permission screen, and they will be expected to follow Facebook's rules of conduct. The safest course of action, of course, is to not add your contact information to Facebook in the first place.
Read More | Facebook
Ever since Facebook added photo tagging, it has become one of the most popular photo sharing service online; but tagging can be a chore, especially when you have to tag hundreds of photos containing the same person. Recently, they made it a bit easier by allowing users to type one name and apply it to multiple photos. Today, Facebook is taking it even further with the introduction of tag suggestions. Based on a facial recognition system, the social network site looks at each new image that is submitted and suggests your name if you've been tagged before, as well as names of friends. This makes tagging more intuitive and look less like extra work. The Facebook blog is quick to add that you can customize that feature in your privacy settings, and turn off the possibility of being suggested in photos.
The feature should be coming to United States users in the coming weeks. The suggestion page will simply appear after you upload photos when the new service is available, and will help keep your life's precious moments more personalized.
Read More | Facebook
The Wall Street Journal published a report last week saying that the Obama administration could make a move that is being called a turning point in privacy oversight. The White House is pushing for new privacy laws and a new position to oversee the matter, an Online Privacy Watchdog. The US Dept of Commerce is currently said to be drafting a series of recommendations that, if made into laws, would add a significant layer of protection for consumers's privacy when dealing with online services, everything from buying items online and giving out your credit card information, to how sites like Facebook or Google handle your personal data. While nothing is final yet, this would bring the US in line with other countries like Germany and the UK who already are tackling the online privacy issue.
Read More | Wall Street Journal
Looks like Google agrees with the vast majority of us as it pertains to Facebook's insane policy where they will allow you to import the data of your contacts, but refuse to let you get that data back out of the service. When you attempt to export your contact data from Google to Facebook, you get the warning above, where Google lets you know that once you export your data to Facebook, it is stuck there, and that they "strongly disagree" with the practice. They don't stop you, of course, but they do make it known what's going on, while Facebook tries to hide it.
Read More | Google Contacts Export
Today Facebook introduced yet another new feature of the popular social networking site: Friendship Pages. The way they describe it, this feature allows two people who've shared a bunch of common Facebook interactions to have their own dedicated page. With this new feature, a couple, friends, or any two people can see on a single page all their common wall posts, pictures they're both tagged in, events they've both gone to, and so on. This adds a layer of personalisation to the site, and makes it easier to follow the happenings of the ones you want, through the sometimes overwhelming amount of 'stuff' that can plague your stream of posts.
Of course, being Facebook, this will also most likely bring out questions about privacy and security. It remains to be seen if Friendship Pages become popular, but we bet they'll at least bring more embarrassing moments to the masses, for those who enjoy that kind of stuff.
Read More | Facebook Blog
Remember when the Internet was a place where you could come to put a mask on, and say whatever you wanted, however you wanted thanks to anonymity? Those were the golden days. Nowadays, however, with the advent of Facebook, more and more people are wearing their hearts on their digital sleeves. And the simple truth of the matter is some people look a hell of a lot better masked.
So Facebook just launched Facebook Places, a feature that lets you check-in to local spots, and even lets others check you into those spots without your knowledge or approval by default. We figured some wouldn’t appreciate that, and would want to opt-out of some or all of the Facebook Places functionality, and we wanted to fill you in on just how to do it.
First, log in to Facebook and choose Privacy Settings from the Account menu at the top right. Click on Customize to get to where we need to go. The first area we want to check is called “Things I Share.” One of the categories is “Places I check in” - this is set to be visible to all your friends by default, and you can make that more or less restrictive in this area. Right below it is an option titled “Include me in ‘People Here Now’ after I check in” which is also on by default. This lets anyone know you are at a location if they are also there, or nearby.
The last option is the one that lets others check you in against your will, and it’s enabled by default. Scroll down to the “Things Others Share” area, and you’ll see a Enable/Disable toggle for “Friends can check me in to Places.” If you don’t want others associating you with a location, you can turn that off here.
There you have it! We’re sure Places is going to be huge for Facebook, and that a lot of people will be joining in on the fun, but we also know there are a bunch of you that would rather not be involved, so we wanted to let you know how to shut it off.
It seems that the social networking site Facebook is a lot more social than previously thought. That is, thanks to Ron Bowes of Skull Security, who created a 2.8GB torrent file containing the personal information of about 1/5th the total number of users on Facebook (500 million for those who haven’t heard.)
Ron accomplished this by crawling Facebook’s open access directory with a program that stored and filed each users data. The victims come in the form of FB users who have not changed their privacy settings to avoid search engine detection. The torrent contains the profile information of each stalked users most intimate details, such as addresses, phone numbers, and the URL to each of their profiles. Also, searching a logged user’s Facebook profile will allow you to search their friends list and find people despite their unique privacy settings.
Ron is under legal authority in how he obtained the information, so nothing illegal has been committed. But you may want to think twice about what you are sharing with others in your social network, before your entire life becomes public domain for some creep browsing torrents.
Read More | Thinq
© Gear Live Inc. – User-posted content, unless source is quoted, is licensed under a Creative Commons Public Domain License. Gear Live graphics, logos, designs, page headers, button icons, videos, articles, blogs, forums, scripts and other service names are the trademarks of Gear Live Inc.