[liberationtech] iPhones/iPads secretly track 'scary amount' of your movements

Rafal Rohozinski r.rohozinski at psiphon.ca
Wed Apr 20 19:51:53 PDT 2011 

It's not just iPhones that record vast amount of data that can be easily geo-located and reconstruct  person's movements,  networks, and personal  communication - any cell phone going back 15 years stores  data through log files, message  and SMS traffic that can be reconstructed and retrieved to create pretty comprehensive profiles of usage and location.  Devices that do forensic extraction (UFED) are quite widespread and in use throughout police forces intelligence agencies as well as  most cellular carriers  around the world. For those of you for whom  this is a revelation, I'd advise you to take a look at this website of a leading provider of UFEDs.  There are some interesting videos, and once you're done,  take a look at where this company has  it's permanent representatives.

http://www.cellebrite.com/forensic-products/ufed-physical-pro.html

Time for a reality check. Mobile phones are essentially digital dogtags so if you're concerned about  the ability they have to track your movements and  communications -  do like Osama, use  exclusively off-line means through trusted intermediaries.  Otherwise  accepting that cell phones are  a risk to privacy is just  the flip side of the convenience that these devices bring.  With or without Apple  networks are essentially  spiderwebs    -  that's the essence of modern signals intelligence. 

It's worrisome that there are a lot of myths   among the activist community about cell phone security. True, you can "drive up the negatives" and make it  more difficult for a casual actor to scan or  obtain PII  from your  phone ( so I  I agree with Nathan) -  but if you're up against  well resourced opponents, most of these tools  plain ineffective and their very presence on your phone may be more of a giveaway that  actually makes you more  of a a target of interest.   Unfortunately security is not a product or something you can buy shrink-wrapped in code.  Its practice and process  and  ultimately comes down to the risks you're willing to take in the service of an objective  or cause.  And if you want to play in the big tent, it's  good old-fashioned tradecraft and not better toys that make a difference.

Rafal



On Apr 20, 2011, at 5:43 PM, Frank Corrigan wrote:

> 
> I am aware of the general principle of mobile phone tracking, it is just
> that most people assume this data is only accessible via cell tower
> providers or via a court order/lawful request, not recorded on the
> device itself and accessible in an easy to read format to anyone who has
> access and inclination or has impounded it for law enforcement purposes.
> I suppose it's a bit like the Windows IE index.dat files. Now of course
> anyone crossing a USA border can have such devices taken away and such
> location data easily copied for later in-situ analysis.
> 
> Frank
> 
> ----- Original message -----
> From: "Nathan Freitas" <nathan at freitas.net>
> To: "Frank Corrigan" <email at franciscorrigan.com>, "Liberation
> Technologies" <liberationtech at lists.stanford.edu>
> Date: Wed, 20 Apr 2011 16:20:13 -0400
> Subject: Re: [liberationtech] iPhones/iPads secretly track 'scary
> amount' of    your movements
> 
> On 04/20/2011 03:55 PM, Frank Corrigan wrote:
>> More reasons for activists/protesters in hostile (ordinary) environments
>> not to bring along their mobile phone, latest cell connected gizmo.
> 
> ... and return to megaphones, flags, smoke signals, carrier pigeons and
> frantic arm waving instead? If our ordinary environments are truly
> hostile, then either we give up ever using a mobile phone, or we find
> some way to address the problem.
> 
> Don't get me wrong, this latest revelation on mobile privacy is indeed
> scary, and Apple better fess up. I just think we can fix these issues,
> instead of allowing them to be disempowering.
> 
> In this case at least, turning your phone into "airplane mode" would
> have stopped the phone from broadcasting its availability to and
> registering with mobile towers. This would stop the active triangulation
> of your location from being logged into the local iOS database.
> 
> I have an "airplane mode" icon on my Android phone home screen. Anytime
> I am not expecting an important call, or am reachable by another means
> (email, IM, irc), I generally activate it. Not only does it reduce my
> location footprint data trail, but it also saves quite a bit of battery
> life!
> 
> I also like Google's Latitude Dashboard which encourages user to really
> "own it" when it comes to mobile location data tracking. They have a
> really pretty UI, charts, etc, that can show you how many minutes a day
> you spend at home, the gym, work or your local pub. Their point is that
> if government and mobile phone operators already have this data, why
> shouldn't you (the user and human being tracked) also benefit from it?
> 
> https://www.google.com/latitude/history/dashboard
> 
> All in all, we shouldn't cede the advantage technology can bring to the
> movements and causes we care about because developers at Apple and Skype
> (see their recent issue with Android app data permissions) are clearly
> make very bad decisions about how they implement their closed-source
> software.
> 
> Best,
> Nathan
> 
> _______________________________________________
> liberationtech mailing list
> liberationtech at lists.stanford.edu
> 
> Should you need to change your subscription options, please go to:
> 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
> 
> You will need the user name and password you receive from the list moderator in monthly reminders.
> 
> Should you need immediate assistance, please contact the list moderator.
> 
> Please don't forget to follow us on http://twitter.com/#!/Liberationtech

_______________________________________________
liberationtech mailing list
liberationtech at lists.stanford.edu

Should you need to change your subscription options, please go to:

https://mailman.stanford.edu/mailman/listinfo/liberationtech

If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"

You will need the user name and password you receive from the list moderator in monthly reminders.

Should you need immediate assistance, please contact the list moderator.

Please don't forget to follow us on http://twitter.com/#!/Liberationtech

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list