It appears that unlike Apple, this isn't unlimited:
// Cache sizes
private static final int MAX_CELL_RECORDS = 50;
private static final int MAX_WIFI_RECORDS = 200;
This is true of the iPhone cache as well. See http://news.ycombinator.com/item?id=2467895
"The unlimited size of Apple's cache is probably just a mistake."
I think this is what concerns people most. This "mistake" has your triangulated location based on cell towers tracked for years and years, across multiple devices, when there really is no recognizable need to store/cache this much location data for this long. It seems, judging by the above linked source-code, that Android has it right on this one.
Which is helpful for me since I've long suspected AT&T has a dearth of towers in my section of the UES, maybe I can get a microcell out of this, haha.
Also iOS no longer uses Skyhook as of iOS 3.2. Plus Skyhook is for Wifi access point location data, not cell-tower location data. Apple uses its own database for that now which you consent to update with your location data. http://www.f-secure.com/weblog/archives/00002145.html
If they are using CoreData as the storage engine, it is possible they changed backends without ever looking at what was stored in it.
Looking at it now I guess it can be seen as misleading. It wasn't my intention though.
edit: changed the title ..
"OMG APPLE TRACKS US!!" thing going on is overblown
If a device tells you that it is tracking you; eventually giving you the possibility of opting out, deleting all tracks of you on request, then it's fine by me. But otherwise it isn't, and this practice should really stop.
And here I was a couple of months ago, thinking about how cool / evil would be to make an app that tracks someone's route for spying purposes (like your girlfriend for example). Apparently iPhones give it away for free, no extra work required ;-)
Phones with GPS incorporated can be mindbogglingly evil -- just think about the costs involved in hiring a private eye to track the daily route of someone, day after day, for a whole month. People don't do it because of the costs involved and because an incompetent can blow away his cover.
iPhones are equipped with GPS, and that data is there, waiting for you to retrieve it. You don't have to do anything special about it -- you just have to gain access to that iPhone somehow.
I'm not accusing Apple of anything, I really think it was just a minor slip-up on their part. But these things are dangerous ;)
The only records I have for example are from when I explicitly had Google Maps open, no other program on my iPhone has my permission to use the location based services, and as such it didn't track where I was going at all.
The location controls do not affect it at all.
If this was being tracked even when using non-location services wouldn't that be updated every time I pass by a new cell tower? Wouldn't it know about the trip I made with a co-worker to a town I've never been to before?
Can you point me where in the tables there is data (based on timestamps) that is updated more often and kept around?
It would make sense to store this information on a server, so why aren't they? Is it a mistake, or are there laws that preclude this? Maybe it's track now, figure out what to do with it later. The data is extremely valuable.
My suggestion: for the next YC application, invent a way for people to sell this data back to marketeers. I'll sell my data for a lot less than what Apple's or AT&T are charging.
and only your wireless carrier. Now anyone who you lend your phone to while you take a bite to eat can read your location data. Or Apple. Perhaps if it's not encrypted, and there's an iOS vulnerability, anyone could read the data. Not just your wireless carrier.
That's why this is a big deal. Why store this data? If it most be stored, why has no effort been put in to keeping it safe? Just because one company could read it before doesn't mean that it's okay others can too. We naturally assume (and rightly so) that our wireless carriers can and do track our every move. But we "trust" them; we sure as hell don't trust anyone else.
Edit: And it's even creepier that this was secret. It's not like we're getting mad at official Apple TOS or policy; they didn't tell us they were tracking our location and storing the data forever and ever. Fuck that, that's scary and unpleasant.
Also, I carry a lot more sensitive information on my phone than the cellphone towers it talks to-- I suspect this is the same for most people. Anybody that's installed, say "Mint" on their iphone, has used the "email" application, or sent the occasional drunken SMS message probably has a lot more to worry about than the location data stored on their phone.
I guarantee you I protect the data on my phone a lot more than Apple does. Apple sells it. Here's an opportunity for me to sell it too.
I won't get into paranoia mode, or conspiracy theories, _but_ I am fine with either phone being aware of my location, and even my recent movements (subject to disclosure) -- I am NOT fine with that log being undisclosed and perpetual
But hey, I'm not stopping anyone from hopping into the most recent episode of the iPhone hating bandwagon. It's what makes the internet go round (any hate bandwagon for that matter)
That's true in the sense that mercury thermometers do not measure temperature -- they measure the height of a column of mercury.
now it's all about a pair of sql queries or regexps.
It's not even in the same realm.
Am I wrong? I'm not really sure about this.
Imagine scenarios where people are reading your location data. Authorities, governments, espionage... all of them would be largely foiled due to the fact that root access is required and gaining that root access would leave trails.
Do I really have to explain the difference between data easily accessed via usb and data that is stored in protected areas of the rom on an Android device? Spot on with your comment voting there HN. Thanks as usual.
OK, but you've already got my phone!
Authorities and governments aren't foiled, they just got to AT&T and get the data from its source (where, incidentally, I can't have tampered with it).
As for espionage, I rather suspect the CIA and its foreign counterparts can figure out a way to root my phone quietly.
Again, it's not in the same realm considering that it's protected inside the ROM of the phone. Even if you HAD my Android phone, it's not game over. Please, go buy a Droid X, upgrade to the latest OTA rom for which there is no root exploit.
Then try to get into the (already very limited) timestamp/tower data on my phone. You won't be able to. That's my point. On the other hand, with your iPhone, like I said, "I've already got your phone" and it's game over for your location data.
How about just girlfriends, bosses, etc? Anyone with a usb cable and another mobile phone or laptop knows (roughly) exactly where you've been going for months.
Let's ask the so-far unasked question: Why? Both Google and Apple built in location-caching. Seems mighty suggestive of something, maybe something like the color printer Mysterious Yellow Ink dots (http://www.instructables.com/id/Yellow-Dots-of-Mystery-Is-Yo...).
Meanwhile, it seems the location DB is basically just a bog-standard cache to speed up the AGPS. Can we stop flipping the fuck out now?