iPhones and 3G iPads are regularly saving position data to a hidden file, say two presenters at today’s part of the 2011 Where 2.0 conference in Santa Clara, California. The file, consolidated.db, is reported to have a “long list” of stored locations and time stamps, and moreover carry it over between backups and device migrations. A history can potentially hold “tens of thousands” of data points stretching back to the introduction of iOS 4.
The data is thought to be created using cell-tower triangulation, but with erratic timing, which could be a result of traveling between towers or else a device’s own activity. People can access the information by downloading a custom application. At the software’s download site, users can also read extra technical information.
The file may represent a security and privacy threat by default, it lacks encryption or any other form of protection. The only immediate safeguard is to choose to encrypt backups through a device panel in iTunes. Apple is noted to have been informed of the vulnerability for months now, but has not yet responded.
