Skip to main content

Apple and YOUR privacy.


Apple know's your Wifi SSID and where it's located.
You may say, no news here because I authorized it in my iPhone.

Yes, ok.. but did you authorize Apple to know MINE too?

Ok.. you're confused.. I'll explain:
every time you use google maps on your iPhone or any other application
which uses the location service, you are sending Apple your GPS position along with 
the Wifi mac adresses of the networks
(access points) your phone sees.
So, let's say, you didn't authorize Apple to know where you are but someone else has.
Now picture that someone else passing by near your house.
As soon as that someone uses the location service, Apple will know the position of your wifi access point.
I wonder how this passed totally under the radar of "privacy aware" organizations.
It won't be long till someone will exploit this and the pandora box will be opened.

A proof: one of my access points mac addresses is in Apple database. I don't have a 3G or 3Gs iPhone and I've never authorized Apple to map my access point location.
But if I check with my iPod Touch and google maps, while I'm connected to that access point, Apple gives me my position and in a pretty accurate way.
Of course if I switch to another access point in my network, or if I change the mac address of the same access point, Apple doesn't know "yet" where I am.

At least until someone, passing by my house will use the "location" services.

This behaviour is TOTALLY against the law, at least here in Europe.

Feel free to spread the word about this "issue", and please link back to this article.

Comments

  1. It's certainly shifty, though I imagine they'll keep on doing it and just argue that your network is publicly visible and accessable, therefore has no expectation of privacy.

    Not saying that's a goodthing, but I suspect it's how it will all go down.

    Note: I've no idea of the specifics of local law where you are.

    ReplyDelete
  2. You may be right. But it should be the same with photography! I can just go and shoot pictures of people without their consent. Even google maps had to hide people faces.
    Because that puts someone in some place at some date and time.
    It should be the same with wifi mac addresses.

    ReplyDelete
  3. Also my door or my car plate are publicly visible.

    What if someone maps the location of car labels?

    What do you think will happen?
    A riot.

    Wifi mac address and SSID are visible (sometimes) that doesn't mean anyone can know where an access point is.

    Same for cars: you can't know where a car is based on it's plate.

    And you can't make a map of were a car plate is in a single date/time.

    It's exactly the same thing.

    This behaviour is illegal.
    Period.

    ReplyDelete
  4. Are you sure they are not using the IP address to know your location ?
    When ISP register IP adress they give locations of the IP adress.
    when using DSL, the location is the location of the nearest pop which in dense area is nearby your location.
    Are you sure they are not using this ?

    ReplyDelete
  5. 100% sure.

    They are using the access point mac address.

    ReplyDelete
  6. Yeah, I agree with you 100%. Whether it's strictly legal or not aside, it opens doors to a whole world of problems down the road; particularly given it's mac addresses being recorded, without consent.

    Makes me cringe too. All those wifi finder apps that are constantly scanning and geotagging access points for users, just one guy going for a drive would provide Apple with physical locations and mac addies of every network along the way, without his even attempting to join them.

    ReplyDelete
  7. Hi Zibri,

    I guess it is an issue of GMaps. I'll try ASAP to sniff GMaps internet traffic off my Android Magic Smartphone.

    Cheers Zibri!

    ReplyDelete
  8. P.S.

    Your article just published on my FB wall

    ReplyDelete
  9. Gmaps is a little different.

    This is what happens when you use gmaps on the iPhone:

    1) The iPhone contacts Apple sending your gps position and the wifi mac addresses it sees (on an https connection).

    2) Apple answers with the position (if they have it).

    3) The iPhone asks gmail for the map based on the coordinates Apple gave it and/org cell tower id.

    Note: that last one method is the one used on PC and on android too.
    I don't care if google know the gps position of cell towers, I care if they know the gps position of a wifi access point mac address.

    ReplyDelete
  10. Zibri, you're entirely incorrect. Apple does not get this information from iPhones that send them the MAC addresses of nearby routers when using CoreLocation. Apple licenses this information from a company called Skyhook that drives around in various towns and cities with trucks that index MAC addresses and log their exact GPS locations.

    When you use an iPod touch and use CoreLocation while connected to a Wi-Fi network, it will report all of the MAC addresses of base stations it sees around it and will connect to some server and grab the GPS coordinates of those locations.

    See http://en.wikipedia.org/wiki/Skyhook_Wireless

    ReplyDelete
  11. Now the news has spread even outside the iPhone world...

    http://www.theregister.co.uk/2010/04/22/google_streetview_logs_wlans/

    ReplyDelete
  12. Magari l'hai già letto...

    http://www.repubblica.it/tecnologia/2010/05/15/news/guai_per_google_street_view_ha_registrato_dati_wi-fi_privati-4087621/

    ReplyDelete

Post a Comment

Popular posts from this blog

TP-LINK Configuration file encrypt and decrypt.

Here we go! TP-Link is another company that thinks that security by obscurity could ever work. If you "backup" the configuration from most TP-Link routers, you will get a .BIN file which is "encrypted". Use this utility below, to decrypt it (so you can edit it) and encrypt it again. Have fun. Drop files here or

Huawei E585 Unlock download!

Here is the unlocker for you to download! Highlights: 1) very fast (2-3 seconds) 2) Compatible with Xp, Vista and Win7 3) easy to use. Instructions: Download the program. Run the program. Donate via paypal and PASTE the  confirmation number  of your donation. The transaction id should work after a minute from your donation. Donate using the window opened by the program. The code will work only on the PC you run the program. This program works only with Huawei E585. Send me an email if you need an unlimited version. (Unlimited number of unlocks) Note: If the program says "Connect card." that means that E585 drivers are not installed correctly. Remove any "wifi manager" and old drivers, then reinstall E585 drivers from it's virtual cdrom. Please be sure that you have run "autorun.exe" which should have appeared in a pop-up window when you first inserted the Mifi.  This is required to install all the drivers that are needed for the modificatio...

Huawei E585 Unlock download!!!

Here is the unlocker for you to download! Highlights: 1) very fast (2-3 seconds) 2) Compatible with Xp, Vista and Win7 3) easy to use. Instructions: Download the program. Donate via paypal and PASTE the confirmation number  of your donation. The transaction id should work after a minute from your donation. Donate using the window opened by the program. The code will work only on the PC you run the program. This program works only with Huawei E585. Send me an email if you need an unlimited version. (Unlimited number of unlocks) Note: If the program says "Connect card." that means that E585 drivers are not installed correctly. Remove any "wifi manager" and old drivers, then reinstall E585 drivers from it's virtual cdrom. Please be sure that you have run "autorun.exe" which should have appeared in a pop-up window when you first inserted the Mifi.  This is required to install all the drivers that are needed for the modification.  If you have ...