How Long Was the iPhone Location Vulnerability Known?
I’m very intrigued by the Guardian’s piece iPhone keeps record of everywhere you go | Technology | guardian.co.uk but I’m wondering how new this information is, and whether other less transparent folk have already been using this gaping hole. Charles Arthur writes:
But it seems that folk on a forum have already been talking about it since January: Convert Iphone 4 Consolidated.db file to Google earth:
Someone called Gangstageek asked on Jan 6:
Is there a way to, or a program (for the PC) that can read the Consolidated.db file from the Iphone 4 backup folder and accurately translate the cell locations and timestamps into Google earth?
Other forum members helped him out. Indeed, an earlier forum, from November 2010, looked at the same file. kexan wrote on Nov 26:
We are currently investigating an iphone used during a crime, and we have extracted the geopositions located within consilidated.db for analysis. During this we noticed that multiple points have the same unix datestamp. We are unsure what to make of this. Its kind of impossible to be on several locations at once, and the points are sometimes all over town.
Going back even further, Paul Courbis wrote on his site (translated from the French), including a demo:
Makes it relatively easy to draw the data on a card to get an idea of places visited by the owner of the iPhone..
I don’t have an iPhone so I’ve not been able to test this. But I’m guessing that this issue may have already been known for some time by some kind of folk. Indeed, there are tools in use by police and others that may have already exploited this kind of vulnerability.