Poisoned Tracks

Like everyone else yesterday, I downloaded the iPhone Tracker app and peeked into the cached location database.

Iphone location

Nothing too unexpected (there’s a cluster of NYC data too), but I quickly noticed some spurious data. Specifically the cluster of data at Edwards Air Force Base (just to the left of the lake in the center) and the scattered plots just south of CA-58 in the Tehachapis. I figured that the location data was cached cell tower locations instead of GPS tracks which today’s follow-up stories seem to confirm. A Ihnatko commenter nails it:

Look at the timestamps on the data: rows occur as big clumps with IDENTICAL timestamps, ranging over a wide region. It’s not saying you were in a couple dozen locations all at once; it’s listing off all the visible cells (and their estimated locations, and the quality of the estimates) at a particular instant.

That’s the real reason you see data points in places you haven’t been: it’s not an artifact of the imprecision of cell triangulation. It’s one of the cells that was used *for* triangulation; i.e., your phone was able to detect a faint signal from a cell site at that approximate location.

Scroll back in time in the tracker tool, to the earliest weeks around home. (Helps if you choose a week when you didn’t travel anywhere). They’re probably almost empty, and the few data points that exist are in outlying areas you haven’t been to. Is this because you weren’t using your shiny new iPhone much in the first few weeks? Of course not! It’s because every other cell that was seen at that time has been observed again, more recently — so the corresponding row has been updated with a more recent timestamp. The remaining points for those weeks from long-ago represent the few cells that your phone *hasn’t* seen since then.

Apple isn’t trying to keep a location history at all; that’s just a side-effect of the thoroughness of this cell location caching.

Yes, in nefarious hands, this data can be used to track past locations — but only on the order of showing the most recent time your phone visited a given city. For a wide and frequent traveller, this could be upsetting. For someone that mostly sticks to just a few cities, the database reveals practically nothing.

To be fair, Android phones also caches location in a similar way (and there’s an app to read it out). so ease down on the “Big Steve Is Watching You” paranoia, but I got to wondering…

Could a location cache with false data be written to the phone? Could these location caches be introduced as evidence if regular call log/cell tower information is unavailable? How soon until someone devious enough frames a mark by changing the phone files to indicate that they were someplace they weren’t.

If you use this idea in a screenplay, I’ll only charge a modest 8%.

Author: Chris Barrus

You are not cleared for this information.

Leave a Reply

Your email address will not be published.