Hacker News new | past | comments | ask | show | jobs | submit login
iPhone logs my complete movement profile (protecus.de)
158 points by ladino on Aug 7, 2013 | hide | past | favorite | 112 comments

That's how the iOS core location API works (and it has been this way since iOS 5 atleast, if not earlier).

In particular, there is a |startMonitoringSignificantLocationChanges| method (https://developer.apple.com/library/ios/documentation/CoreLo...), which "callbacks" into apps that have registered with the Core Location framework for significant change updates. The update is provided generally only when cell towers change, so it is not a battery drain (or not a significant one). Hence, your mobile operator definitely has this data, and is most likely already tracking it and/or piping it to the NSA etc.

Significant change monitoring is used by Google Now among other apps (I believe Facebook also does this, I find that more sneaky since they have no obvious need for it). Google Maps navigation does not use this, since it needs more granular and accurate data hence it uses the more battery-intensive location APIs.

If the complaint is that it's okay for Apple to collect this data for apps to use, but there is no need to log it, especially since the user might choose to not allow any apps to access their location data, then that's a fair point. I don't know if iOS shows these logs only on the beta versions, or whether they are stored persistently on release versions as well.

Source: I am a iOS dev, and have built location based apps.

One really important bit of information to add to the first full paragraph is that when the app tries to use startMonitoringForSignificantChanges: for the first time, the user is asked whether or not they want the app to. If they select "Don't Allow", then it's game over for that app until the user changes the setting in Settings. This doesn't stop iOS from doing what it's doing, but should quell fears that random apps are just logging all kinds of user data and sending it to who knows where.

Very true. I wasn't even aware of that part of the Settings app until I started developing. Apple should at least allow developers to "deep link" into the settings screen to remove that friction.

Apple used to allow that (well, developers figured out the right URIs to use), but they broke it in iOS 5.1.1 or 6 IIRC.

I doubt Apple shares this info with the Telcos or why this is even useful to the Telcos. They already know the cell tower you are in. Granted they don't know the exact coordinates but for the most part that should be enough for the NSA. The telcos already know your home address and in some cases where you work as well.

I was paraphrasing. Apple stopped doing giving carriers access with iOS 5.


Right now it just collects the data for traffic estimates. http://allthingsd.com/20110427/apple-breaks-its-silence-on-l...

@tsycho is right. I want to provide a little more "context" to this comment. This is hacker news after all.

As an aside and shout out: @willvarfar's demo reminds me of Jer Thorp's talk from a TedX a couple of years back: http://youtu.be/Q9wcvFkWpsM

Background: I have some experience with iOS location APIs too. My concept was called wrkstrm (Here is a quick 1.5 minute demo I made for the AngelHack 2012 summer finals: http://youtu.be/U0adNGyXsuE)

Apple has been refining CoreLocation almost every year since iOS 2 with a focus to battery life. A huge addition came in iOS 5 which introduced the API changes that @tsycho mentioned - significant location monitoring and geo fencing. Again, @tsycho was astute to note that this information was ALREADY being logged by the phone and provided to telcos (there was a huge scare about this a couple of years ago). All Apple did was give developers access to this data without having to hack (check out @willvarfar's demo and OpenPaths). Another aside: These two APIs are what prompted me to learn how to code. I was seriously disappointed when I found out that Apple was "cheating" the implementation of these APIs. The resolution to these APIs is crap - something like football fields of disparity. This is what started my journey into finding a more accurate way to geo fence and track locations.

The screenshots @ladino linked to use a different approach to generate. This information is NEW. Also it was made possible by two sensor driven user interface innovations which seem totally irrelevant. First, in iOS 6 Apple started running the accelerometer all day with it's raise to speak to Siri feature - (simply put the phone to your ear to activate Siri). Now with iOS 7, Apple has introduced a "constant on" gyroscope, with the introduction of the Parallax effect. Now Apple can (for FREE) measure "stay" events when the iPhone is not moving (using signal processing) without necessarily resorting to expensive / inaccurate geo fencing. That is what provides the new location data @tsycho showed. Why am I so sure that this is what Apple is doing? Apple was originally planning to go even further by providing step count data (similar to the Galaxy S4's S Health data) to developers. This is only possible by running the aforementioned sensors and using signal processing. This was shown in the new iOS 7 technologies during the keynote and even in the iOS 7 beta 1 documentation, but all mentions were abruptly removed with beta 2 and beyond. Look for this is iOS 7.1 or iOS 8.

If you are interested I've decided to elaborate on this post over at my nascent blog:


Siri uses the proximity sensor to implement raise to talk.

The gyro for parallax is only turned on when the screen is on.

The rest of your comment is pretty much tinfoil.

The proximity sensor is not enough to trigger "raise to talk", you also have to have a little jerk of acceleration. If you have the feature enabled, try slowly raising the phone... it won't trigger.

Fair enough - however there is no evidence of how far up the stack that data goes - accelerometers do sudden movement sensing on-chip - not via the CPU.

My other points still stand.

My main point is that Apple is looking to push sensor data up the stack via new APIs in an energy efficient manner by reusing / repurposing components.

True - I don't work for Apple. But I've sampled most "context aware" frameworks and talked to some of the developers that implemented them. Pretty much every "frequent location" tracking implementation works in a similar way. I'm not saying anything revolutionary here (look up sensor fusion).

My 2 cents is just pointing out how meticulous Apple is when it comes to battery drain. There are other examples of this in iOS 6. The best one is how the CoreLocation team used the new MapKit vector graphics to clip GPS coordinates to streets. Again, Apple didn't invent a new technology to improve GPS accuracy, it leverage a new user interface innovation. To implement this Apple released a activity type (driving, walking, etc) API which alerted CoreLocation as to when it would be appropriate to clip coordinates.

Fair enough!

If you want to build transparent context-aware services, your system will need to create this information. Nothing new to do with the iPhone, since Telcos already have had this information for ages (and could use them anonymously) - it's good at least that in this system you see how the data is being analysed and associated with Work/Home, etc... and not that it is hidden in the background.

> "your system will need to create this information"

Or it could ask me to identify locations that I care to have context-aware functionality for -- and then not build a complete history of my movements, with all the associated privacy risks involved, just so that it can guess at what's important to me.

This is my core complaint with Google Now as well. This "track everything and try to sift meaning out of the data" approach is not the only way. It requires someone amass have a massive pile of data on me that I am flatly uncomfortable with.

There's the concern about corporate data sharing/selling, corporate data breaches and now the NSA. It's flatly Just Not Worth It, just so that my phone can spare me the trouble of manually entering a handful of addresses. (Most of the addresses I care about are already in my contacts list.)

That telcos have this information is itself a fault in the system. Not an excuse to give it to everyone.

> This is my core complaint with Google Now as well. This "track everything and try to sift meaning out of the data" approach is not the only way. It requires someone amass have a massive pile of data on me that I am flatly uncomfortable with.

You're right, it's not the only way. That's why I leave only location history on and turn off everything else. I get weather, appointments, stocks and directions to home.


The biggest benefit I see for identifying frequently-visited locations is that it provides a shortcut for the system to narrow your location down much more accurately without relying on the full GPS+WiFi location-based tracking.

WiFi network + frequent location can probably put you at your house, your office, or your bus stop almost instantaneously (with corrections coming as GPS updates), meaning that using location-based services like Find my iPhone, map routing, or (my most frequent use case) nearest bus stops and their times, can be accomplished much faster and with less battery life.

Likewise, a poor GPS location + frequent locations can narrow you down much faster even with WiFi turned off.

As long as this data is stored only on my phone and not provided wholesale to applications, I'm fine with it; otherwise, it's concerning.

If adding SSID is helpful, then it can be included in the "location" definition that I'd still rather manually specify.

Given current affairs, it's bad that this system doesn't inform the user about a new feature being activated on default. It is hidden in the background.

Actually when you setup your iPhone (including these betas) it does ask you if you want to have the feature enabled. It certainly wasn't on by default for me, I agreed to it. Granted it doesn't go into incredibly great detail of exactly what it was tracking but it does give you the gist.

If the NSA wants to track you, there's far simpler ways than asking Apple to build a new product feature than can be disabled.

> "If the NSA wants to track you,"

It's not about when the NSA wants to explicitly track you. It's about things like their "3 step" policy, where they search this bulk data for anyone within 3 degrees of separation of an alleged "person of interest".

What happens if they start working in your location data to (attempt to) infer degrees of separation? And now you're getting searched/visited/explicitly tracked/placed on the 'more-thorough screening' list at the TSA, because you happened to take some MMA classes at the 'wrong' gym in Boston and your web history had some keyword hits.

If I picking a flaw with the line I might have gone for 'When' but you make a pretty fine point there.

However, I'm fairly certain they can already do that by tracking cellphone activity in terms of ping back to the network and asking the telcos to turn it over. This would just give them it in a more targeted capacity.

If telcos keep the data, in personally-identifiable format, beyond what's necessary to run their networks, that itself is a problem to be solved.

Plenty of research suggests that they don't need to have it as personal data but it can be extrapolated who's the subject of analysis.

>If the NSA wants to track you, there's far simpler ways than asking Apple to build a new product feature than can be disabled.

I don't know...letting a plethora of private entities collect and aggregate user data for easy access with (or without in many cases) a court order seems almost like the epitome of simplicity. Most of the hard work (both resource-wise and legal) has been done for you or is easy to do. Just cause one could design a simpler system of acquiring user data doesn't mean that features like this aren't profoundly simple and useful to them.

I take your point though, that the NSA doesn't need to direct a company to code features that collect data...because so many companies already do. It's a waste of their breath. They just need to concentrate on grabbing what has already been grabbed. We've been the product for a long time now, and we're either being sold to the government, or the government is taking what they want under (il)legal cover.

Which is why there's an off switch for the feature. Of course we don't know if the offswitch is an offswitch or a 'hide this from the user' switch but then we have to start mistrusting all the technology around us.

When you set up a new iPhone, it asks whether you want location services to be enabled or disabled.

How do you know that it doesn't? I mean it's a developer beta of an unfinished product, isn't it?

Android does this too with Google Now.

iOS7 uses frequent locations, pretty much like Google Now, to provide the travel times, with traffic, between your frequently visited locations.

Here's a screenshot: http://cdn.macrumors.com/article-new/2013/06/location2.jpg


Google Now is bordering scary

Here's what happens on Google Now when you travel

1 - Search for a place (this is usually the hotel you're going to)

2 - Get there

3 - Google Now will give a traffic alert "xx minutes until $PLACE" (the place you searched for in n.1 )

After owning an Android for a couple of days, it correctly identified my 'home' without me having to enter or setup anything and gave me traffic information on getting home whenever I drove anywhere out.

It also identifies searches for any location (like you said) and offers directions to get there.

When travelling abroad, it identifies your change of location and offers up currency exchange rates and places to visit nearby.

Awesome and scary at the same time.

I didn't even mind that. What really freaked me out about Google Now is when it started showing package tracking cards based on having shipping notices in my email. Of course Google has access to all of that, but it weirded me out the first time I saw it.


Most of the times I check invoice emails I am looking for the Tracking Information.

This is what makes it tough to move away from Google. Yes they give the NSA access to my data and border on scary by analyzing all of my usage but they offer some really handy options.

Last time I traveled abroad I used Airbnb. When I arrived at the airport, Google Now gave me direction (by rail!) to the apartment I had rented. Spooky.

I don't think I've seen Apple copy any more blatently recently. iOS7 is bad enough but the attempt to outdo Google Now with calendar appointments is going to take a lot of hard work.

Copy what? The idea of showing context aware information?

Pretty much, the new screen on iOS7 is really so close to Google Now that if Google had added it in Android 5 there would have been all sorts of arrogant smug blog articles about how Google can't innovate etc.

You're trying too hard to find an angle where there isn't one.

With respect, accusations of copying were levelled at Apple's competition over having rounded corners on their devices, and rounded corners on their icons.

Practically a carbon copy of one of Google's most advanced features is worthy of note I think.

If you are repeating that false 'rounded corners' meme then you are either paid by Samsung (who started that), or beyond reason.

That's a rather offensive false dichotomy. Please don't accuse me of being paid off or mentally incapable.

I apologize if you really didn't know that Apple didn't make that accusation.

On August 24, 2012 the jury returned a verdict largely favorable to Apple. It found that Samsung had willfully infringed on Apple's design and utility patents and had also diluted Apple's trade dresses related to the iPhone ... The jury found Samsung infringed ... design patents that covers iPhone's features such as the "home button, rounded corners and tapered edges" (US D593087) and "On-Screen Icons" (US D604305).

Source: http://en.wikipedia.org/wiki/Apple_Inc._v._Samsung_Electroni....

This seems to indicate that Apple did indeed assert what I claimed. Can you show me how this is false?

Pretty sure Google's own lawyers told Samsung the design was too close before it was even released.

This document proves that the meme is false and that Apple did not attempt to protect 'rounded corners'.

Apple asserted a design patent that protects the overall appearance of the iPhone - the 'trade dress'. Rounded corners are one of many attributes that describe the appearance of the iPhone. If you copy enough attributes - as the court ruled that Samsung did, you have copied the appearance.

Taking a single element out of context is a lie that Samsung originated, designed to give the appearance that Apple attempted to protect a ridiculously broad concept which the documents show that they did not do.

> This document proves that the meme is false and that Apple did not attempt to protect 'rounded corners'.

You are straight up lying here. Observe the patent: http://www.google.com/patents/USD593087

'many attributes' in this case meaning 'two attributes'.

Reading your post history you have a short history of only posting pro Apple and repeating many similar assertions. Yet you have the gall to accuse me of being a paid shill. Hilarious.

Yep, I realized that Google Now (aka the Google Search app on iOS) tracks your location only when my Google Activity reports started reporting Google Latitude data. At first I was confused since I haven't used that service since day 1 of launch, then after some digging around I noticed the search app is integrated with Now on the iOS and enables location services on tracking your every movement.

And to add to this point, a lot of apps seem to do it. I was wondering why my battery was draining so frequently and I took a look at my location services list and I noticed that Foursquare was another culprit that tapped into my location services very frequently.

You mean that thing it asks you for permission to do when you set up the phone, and gives you a slider to disable? It actually does it? Well, I'm shocked, I tell you, shocked.

Atleast they will show you the data, unlike phone companies who hold all this data anyway.

Once you have a phone device with an active signal you are tracked, and that's just not being paranoid either.

Example: Visualization of 6 months of cell phone data retention of a German politician:


But how much of the collected data do they show you? IMO services like this should be opt-in, rather than opt-out.

And perhaps when it's no longer a developer only beta - with all the additional caveats, agreements, monitoring and instrumentation which that entails - it will be.

it's currently ios7 beta, i really hope they do it opt-in in the future.

The difference between ios7 and previous versions is not that ios7 is logging. It's that ios7 is telling you that it's logging and what it is logging. Location Services always worked this way - it just wasn't exposed to the user.

The same happens with Google Maps https://maps.google.com/locationhistory/ unless you disable location history.

I think it's naive to suppose that your location information is not stored anywhere. Moreover, your location can be determined also if you're using a dumb-phone using cell towers triangulation.

A long time ago, when the first iphone location logs got attention, we made a little web-page for people to visualise this:


Blog post: http://williamedwardscoder.tumblr.com/post/15210221400/visua...

> It turns out people have no squirms dragging and dropping their private backup files - often all their files, and not just picking out the files we ask for even - onto a webpage running code we wrote.

I have been using the iOS7 beta since it came out, and before doing this, it had asked me for permission. This is opt-in, so if you don't like it you don't have to use it.

yes on install it asks if it is allowed to use location services at all (for all apps) but not for this tracking feature.

Both iPad and iPhone iOS 7 betas asked me separately about this feature.

What's wrong with this? Apple are openly providing this information for you to view - rather than others who don't even warn the user. Plus, it's improving their services which you more than likely need.

Why complain? You can opt out.

> Why complain?

Because the person in the article is German, and Germans love their privacy-by-default and opt-in. Datenschutz über alles.

Germany has the "benefit" of having experienced the Gestapo and Stasi so there is knowledge how dangerous omniscient parties are.

So learning lessons from totalitarianism is totalitarian? WTF did I just read?

i didn't complain i am just scared that they logged me without telling me.

On all my devices this was defaulted off. I didn't turn it on via settings screen, but in response to an early alert box asking if OK to keep track of usual locations to help compute travel times. Agreeing turned this on.

iPhone asks you if you want to enable Location Services when a) you set it up the first time, and b) when an app wants to use location data

Why do our European leaders even plan RFID in licenceplates? With this in the default 'ON' position on all smartphones they can already keep an eye on everybody. http://www.autoblog.nl/images/wp2013/tweet-2.jpg

Stop being paranoid - they can already track you from cell tower data.

We should stop being paranoid because we are already being tracked?

It is nothing new. In previous iOS, this data was not presented to users at all.

Android does this too.

At least you can turn this off in iOS 7 beta 5.

- It was invisible to the normal user! - It collects these exact data since iOS 7 beta 4 and shows it since beta 5!

This is just flat untrue. It has collected this data since b1 and I found the screen that showed it in b2 or b3 (but it was probably present in b1 as well). It also explicitly asks you if you want this feature (separate from the location services opt-in).

It also does analysis, similar to Google Now, that tells you how long it will take to get home from where you are now.

Society has accepted to be tracked all the time/everywhere with the introduction of mobile phones.

If we don't like this, we should start to talk more proactively to people about the dangers our technology brings.

In my opinion, "accepted" is not the most precise word to describe it. If telco companies would say at the beginning: "You can buy mobile phone from us, but the part of the deal is that you will be tracked. Do you accept that?" If most people say Yes, that would be accepting it.

The reality was, that it was slowly revealed over time that the tracking is being done, and most people realized it only after mobile phones became a norm and very hard to get rid of.


I'd say that it's the responsibility of those familiar with technology to reveal what possibilities it opens up.

And of course it's the responsibility of the Press to give these points the visibility they deserve.

And one problem of the past was probably the disconnect between tech people and Press people (tech was not understood by the people behind the presses). Today, we have tech bloggers and social media. Let's hope this will make up for something.

indeed. And the worst part imo is: it is simply too late now. Half the planet seems addicted to their phone and won't give it up no matter how deep it goes into your private life.

Since this is a developer preview, there are plenty of other logging options as well.

For example, if you got to the Settings -> Developer -> Logging menu, you can dump all your network traffic.

You can also do this on (some) application-levels, e.g. if you go to the iMessage preferences, you can enable "iMessage Logging" and "Registration Logging", same for FaceTime (though I'm not sure why any developer would need this, it looks more like this is an Apple-internal thing that they forgot to disable for the public).

I'm pretty sure this is completely against the NDA...No respect.

Wow, this is an amazing find.

I can understand that Apple/govt would love this information. But anyone has guesses on why this would be a public facing feature?

As another poster said, it will analyse your locations and predict your 'home to work' time, or between offices, so you can account for travel time (see OSX Mavericks calendar improvements).

I'm sure they will also use it some other ways too, but the gist is that it actually benefits end-user features and isn't just for dragnet data collection.

Four years ago I led a project like this. In this slideset you can see on page 4 what we wanted to build and on page 5 whate we would need: http://www.w3.org/2008/09/msnws/slides/vodafone-pye.pdf

This is a super-interesting project, but not something I would be interested in using.

If I arrive at Piccadilly Circus, I don't want my phone to tell me what service I [should need/should be using] - I want to easily and consistently access any service that I want from my phone.

I want to be in control of my phone, not for my phone to be in control of me.

Even then people were overwhelmed by the phone functions and could not navigate the directory when they needed something quick. With people having installed tens of apps nowadays, this problem is even worse...

I feel that the correct solution to this is approximately the one that now exists: allowing people to control how the navigation screens look, and control for themselves how to access the apps they use.

transparency for privacy (+1 for apple)

Would you rather not having this feature? It is better to have th ability to clear this data from your phone, which is currently provided in iOS 7 beta 5.

It's not an Amazing find at all, given that apple has built a relatively sophisticated UI for it.

It's public facing precisely because people are concerned about this kind of data collection. This way you can make an informed choice about what apps can see about you and what to send to apple.

BTW, it asks specifically if you want to share the information with Apple to improve maps data before activating that feature.

What depresses me is, I see how this information could be used in many kinds of amazing ways, but since I cannot control who gets it and what they will do with it, I refuse to use it for fear that it will be used against me.

It is the tragedy of the modern connected world, one that Stallman and others saw coming years ago. And it will keep getting worse.

iOS let's you choose:

- Whether this information is collected at all - which specific apps can access it - whether apple can receive an anonymized copy of it to improve their maps

The data is stored securely on your device and you can see it delete it.

What more control do you want?

Looks like they're just making visible what they've been doing for years, hardly a new controversy.

2011: http://www.pcworld.com/article/225845/Why_Apple_Tracks_You_V...

True, but we all know from marketing/propaganda lessons that frequent repetition is the only way to drive a point home in most cases... :)

This was covered in The Verge this week: http://www.theverge.com/2013/8/5/4590794/ios-7-will-ask-user...

Im not related to this project, but I thought its worth mentioning here:


I thought this only happens with your permission. I remember this is in the first few screens after you update. Also in the screen shot of his it clearly shows he gave permission to remember location. Why is this news? What am I not seeing?

a bit scary to see exactly how often and when i was where with my gf... nice to see they added a microphone privacy setting.

Anyway imho it's close to a perfect surveillance system.

I don't think it's wise to trust any such "privacy setting".

What devices really need is a hardware switch allowing us to physically disconnect cameras and microphones.

I've never understood why this was not introduced as a standard when laptop cams/mics started being built-in.

How can you trust a hardware switch any more than a software switch? Granted you can take your hardware apart to inspect it, but:

- can you put your laptop together again? (especially tablets) - will you be able to see the switch innards to ensure it is disconnected? - who will bother?

Someone could take apart such a switch once and verify that it works, and then tell everyone else who owns such a device. With software, this is very hard, and when software can be updated at any time it is impossible.

Because 99.99% of people wouldn't use that switch and then would call tech support because they accidentally switched it off and now their camera wont work. It already happened with those stupid WiFi hardware switches...

I'd say that will happen for some time after you introduce hardware switches. But it will certainly wear off. I don't see that as a valid reason.

>But it will certainly wear off

There've been WiFi hardware switches for 10+ years and it's not showing any sings of wearing off.

This does not exist :)) looked for it, and I have the same beta.

It does. Maybe you didn't look very closely, or maybe it doesn't exist on older devices (I have iPhone 4S and I have this feature).

My iPhone 4 does not have this, so it looks like it's a 4s-and-above thing.

iPad mini here A1455

If anybody was wondering, A1455 is the cellular model. So it should be able to collect this information accurately.

Although, let's look at the title:

> iPhone logs my complete movement profile (iOS7 screenshots) (protecus.de)

We're not talking about iPads here.

It probably only works on devices with GPS. If you have a Wi-Fi version of the iPad it doesn't have one, so they don't present the feature.

Maybe just not on noncellular devices then; my iPhone 5 definitely has it.

Counter-anecdote: I found it on an iPhone 5 running iOS 7 Beta 5.

The iPad does not have the “Frequent Locations” feature. At least my third gen iPad (with GPS) doesn’t.

tested on iPhone 5

Applications are open for YC Winter 2022

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact