According to Guardian report, independent researchers Pete Warden, a former Apple employee, and Alasdair Allan, a data visualisation scientist, announced that they’ve explored a file hidden inside iOS backups which appears to track the location of the device going back as far as the installation of iOS 4.
The file contains the latitude and longitude of the phone’s recorded coordinates along with a timestamp, meaning that anyone who stole the phone or the computer could discover details about the owner’s movements using a simple program.
For some phones, there could be almost a year’s worth of data stored, as the recording of data seems to have started with Apple’s iOS 4 update to the phone’s operating system, released in June 2010.
“Apple has made it possible for almost anybody – a jealous spouse, a private detective – with access to your phone or computer to get detailed information about where you’ve been,” said Pete Warden, one of the researchers.
The only way be sure your information never falls into the wrong hands is to encrypt your backups. If you do this, your location data will be accessible only by password.
Follow these steps to add this extra layer of security:
* Plug your device into your computer and connect to iTunes
* Select your device from the iTunes menu
* Scroll down to the bottom of the device’s main screen
* Clock the button that says “Encrypt iPhone (or iPad) Backup”
* Enter a complex password
Particularly worrying is that this file is unencrypted on the device (and on your Mac or PC, unless you encrypt your iTunes backups) and so easily accessible by anyone with access to your computer’s iTunes backups folder or with jailbreak access to your device. Because of the way iTunes handles backup-and-restore, the data will even automatically persist across devices if you replace your iPhone.
You can watch Allan and Warden’s discussion about the data and how it can be surfaced in this video: