Watts Martin on the iOS Location-Tracking Log

Watts Martin points to this piece from Christopher Vance on the iOS 4 “consolidated.db” location-tracking log — which was written back in September. Martin:

The forest that’s being missed for the Apple trees here? Go back to the observation I made about where this has been discussed: digital forensic circles. I don’t want to claim that consolidated.db exists to aid forensics investigations, but it’s digital manna from heaven for law enforcement (and hackers). Yet any phone you use stores information locally — and if it’s a smartphone, that can be a lot of information, from your calendar to your browsing history. Call me a bleeding heart if you will, but the amount of “digital fingerprints” we leave has increased exponentially over the last two decades, and that trend shows no signs of slowing down.

The problem with “consolidated.db” is that the information it contains is not something we know or expect our phones to contain. Common sense tells you that your iPhone contains a record of the calls you’ve made, your mobile browsing history, your email, your calendars, your contacts. Until yesterday, though, most of us were unaware that the iPhone contained a persistent location log.

The key question for Apple: Given that this file was widely known among iOS forensics experts back in September, why does it still contain historical (as opposed to just recent) location history today?

Thursday, 21 April 2011