Wednesday, April 20, 2011

iPhone keeps record of everywhere you go

Privacy fears raised as researchers reveal file on iPhone that stores location coordinates and timestamps of owner's movements

Apple’s iPhone saves every detail of your movements to a file on the device. Photograph: Linda Nylind for the Guardian

Security researchers have discovered that Apple's iPhone keeps track of where you go – and saves every detail of it to a secret file on the device which is then copied to the owner's computer when the two are synchronised.

The file contains the latitude and longitude of the phone's recorded coordinates along with a timestamp, meaning that anyone who stole the phone or the computer could discover details about the owner's movements using a simple program.

For some phones, there could be almost a year's worth of data stored, as the recording of data seems to have started with Apple's iOS 4 update to the phone's operating system, released in June 2010.

"Apple has made it possible for almost anybody – a jealous spouse, a private detective – with access to your phone or computer to get detailed information about where you've been," said Pete Warden, one of the researchers.

Only the iPhone records the user's location in this way, say Warden and Alasdair Allan, the data scientists who discovered the file and are presenting their findings at the Where 2.0 conference in San Francisco on Wednesday. "Alasdair has looked for similar tracking code in [Google's] Android phones and couldn't find any," said Warden. "We haven't come across any instances of other phone manufacturers doing this."

Simon Davies, director of the pressure group Privacy International, said: "This is a worrying discovery. Location is one of the most sensitive elements in anyone's life – just think where people go in the evening. The existence of that data creates a real threat to privacy. The absence of notice to users or any control option can only stem from an ignorance about privacy at the design stage."

Warden and Allan point out that the file is moved onto new devices when an old one is replaced: "Apple might have new features in mind that require a history of your location, but that's our speculation. The fact that [the file] is transferred across [to a new iPhone or iPad] when you migrate is evidence that the data-gathering isn't accidental." But they said it does not seem to be transmitted to Apple itself.

Map shows location data collected from an iPhone that had been used in the southwest of England

Although mobile networks already record phones' locations, that data is available only to the police and other recognised organisations following a court order under the Regulation of Investigatory Powers Act. Standard phones do not record location data.

MPs in 2009 criticised the search engine giant Google for its "Latitude" system, which allowed people to enable their mobile to give out details of their location to trusted contacts. At the time MPs said that Latitude "could substantially endanger user privacy", but Google pointed out that users had to specifically choose to make their data available.

The iPhone system, by contrast, appears to record the data whether or not the user agrees. Apple declined to comment on why the file is created or whether it can be disabled.

Warden and Allan have set up a web page which answers questions about the file, and created a simple downloadable application to let Apple users check for themselves what location data the phone is retaining. The Guardian has confirmed that 3G-enabled devices including the iPad also retain the data and copy it to the owner's computer.

If someone were to steal an iPhone and "jailbreak" it, giving them direct access to the files it contains, they could extract the location database directly. Alternatively, anyone with direct access to a user's computer could run the application and see a visualisation of their movements. Encrypting data on the computer is one way to protect against it, though that still leaves the file on the phone.

Graham Cluley, senior technology consultant at the security company Sophos, said: "If the data isn't required for anything, then it shouldn't store the location. And it doesn't need to keep an archive on your machine of where you've been." He suggested that Apple might be hoping that it would yield data for future mobile advertising targeted by location, although he added: "I tend to subscribe to cockup rather than conspiracy on things like this – I don't think Apple is really trying to monitor where users are."

The data inside the file containing the location and time information. This is used to plot the map above

The location file came to light when Warden and Allan were looking for a source of mobile data. "We'd been discussing doing a visualisation of mobile data, and while Alasdair was researching into what was available, he discovered this file. At first we weren't sure how much data was there, but after we dug further and visualised the extracted data, it became clear that there was a scary amount of detail on our movements," Warden said.

They have blogged about their discovery at O'Reilly's Radar site, noting that "why this data is stored and how Apple intends to use it — or not — are important questions that need to be explored."

The pair of data scientists have collaborated on a number of data visualisations, including a map of radiation levels in Japan for The Guardian. They are developing a Data Science Toolkit for dealing with location data.

Davies said that the discovery of the file indicated that Apple had failed to take users' privacy seriously.

Apple can legitimately claim that it has permission to collect the data: near the end of the 15,200-word terms and conditions for its iTunes program, used to synchronise with iPhones, iPods and iPads, is an 86-word paragraph about "location-based services".

It says that "Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services."

Thursday, April 14, 2011

Get wired performance from your Wi-Fi network

By Becky Waring

Although the Wi-Fi arms race isn't going to let up any time soon, wireless can never be as fast and reliable as wires.

So why fight it? Get the best of both worlds with a hybrid Wi-Fi and powerline network, perfect for streaming high-def video.

Why Wi-Fi doesn't cut it for streaming video

Recently I was asked to redesign a home network for a client who couldn't get reliable wireless Netflix streaming to his home theater. He was also frustrated by the feeble throughput in much of his house, despite investing in four (count 'em, four) 802.11n Wi-Fi routers.

Although his was an extreme case, with a 5,000-square-foot house spread over two wings and a central connector, his network challenges were typical of those upgrading from older Wi-Fi routers: how to get reliable and dropout-free throughput for media streaming as well as faster overall performance for high-bandwidth tasks such as network backup and storage.

You might think dropping U.S. $150 on the latest 300Mbps 802.11n router should do the trick, but in many cases even the fastest Wi-Fi routers can't deliver smooth streaming video where it's needed, and network backups might take hours or even days to complete.

Wireless throughput drops rapidly with distance from the router and is also subject to interference from a myriad of sources — from cordless phones and microwaves to neighboring Wi-Fi nets. Even momentary glitches in a video stream can be enough to ruin the movie-watching experience.

My client's Wi-Fi issues were compounded by the fact that his house is made of bricks, which along with stone, concrete, water tanks and pipes, stucco siding, and ceramic tile are very effective wireless-signal eaters. (Stucco siding has chicken wire inside that creates a Faraday-cage effect, blocking signals going in or out.)

His existing network was a mesh of four routers running in Wireless Distribution System (WDS) mode with three remote routers acting as wireless repeaters, receiving signals from the others within range and rebroadcasting them.

This system was adequate for ordinary Web surfing and e-mail, but it failed entirely when it came to streaming video to the TVs. By the time the Wi-Fi signal had hopped access points to the farthest corners of the house, it was degraded to practically nothing. The only place he could get a solid video stream was in the same room as the main router connected to his cable modem.

Today, with an added investment of about $300, he's got robust video and data everywhere in the house, and I have a happy client. Read on to find out how we brought wired performance to his Wi-Fi network.

The secret sauce: powerline network adapters

The secret to success? I ditched the wireless mesh design and connected each of the routers to the network with four new 500Mbps powerline adapters from Netgear.

By using powerline gear, which turns home electrical wiring into an Ethernet network, we turned a sketchy wireless network backbone into a rock-solid wired one without having to run new Ethernet cabling all over the house.

Although older 75- and 200Mbps powerline gear has been around for years, it has never really broken through to the mainstream due to both cost (about $75 per adapter, far more than Wi-Fi adapters) and the relatively slow throughput compared to Ethernet cabling.

The new 500Mbps standard finally breaks the elusive "Ethernet-equivalent" speed barrier, with real-world transfer rates of 70–80Mbps in one direction and more than 100Mbps in both directions at once, thanks to built-in gigabit Ethernet ports.

Perhaps more to the point, 500Mbps powerline gear can comfortably deliver 40Mbps streaming 1080p video (as from a ripped Blu-ray disc), the current gold standard. And it doesn't suffer the vagaries of wireless reception.

Thus far, only Netgear and TRENDnet are shipping 500Mbps adapters, with Netgear being the best performing, according to a SmallNetBuilder review. But expect many more products soon from other powerline vendors such as D-Link and Cisco Linksys.

The Netgear Powerline AV 500 Adapter Kit XAVB5001 we used (info page, about $140 retail) consists of two adapters. One plugs into your main router via Ethernet as well as into a wall power outlet, and the other plugs into a power outlet in the remote location where you'd like to deliver an Ethernet port. (See Figure 1.)

Figure 1. The two parts of the Netgear Powerline AV 500 Adapter Kit

The kit is plug-and-play — no setup is required. You can also buy adapters individually. You can use up to a total of 16 adapters around the house, although you probably need them only in strategic locations such as your home theater or basement office.

In my client's case, I simply connected one powerline adapter to each of the four routers that covered the two wings of his house, then changed the wireless setup in the three remote routers so that each was creating its own Wi-Fi net rather than using WDS. (Each was already set in bridge mode, which turns routers into access points only — you can have only one true router per network.)

By using precisely the same SSID (Wi-Fi network name), password, and encryption type (use WPA2-PSK with AES if you can — it's the most secure) in each router/access point, I created a roaming Wi-Fi net where mobile clients such as laptops and smartphones see only one network. They simply connect to the access point with the strongest signal.

It's easiest to create a seamless roaming network with identical routers because manufacturers have varying encryption and channel-selection options that may not quite match up. However, you should be able to accomplish the same thing I did with most modern routers. I recommend the Cisco Linksys E4200 or E3200, which are the current performance and feature leaders in their price classes. (See Figure 2.)

Figure 2. Cisco Linksys E4200 Maximum Performance Wireless-N Router

Both have simultaneous dual-band 2.4 and 5GHz radios, which give you even more network design flexibility. (The 5GHz band is typically much less noisy and crowded.) They also have gigabit Ethernet switches, QoS (quality of service) support for prioritizing streaming media, and USB ports for shared storage drives. At a $160 list price, the E3200 (info page) is slightly less expensive yet full-featured enough for most users.

The top-of-the-line E4200 (info page; $180) pictured in Figure 2 adds UPnP media-serving capabilities for attached storage (a handy feature that can stream media directly to many set-top boxes) and up to 450Mbps throughput on the 5GHz band (assuming you have a matching 450Mbps-capable client card).

Mixed Wi-Fi/powerline network-design strategies

Although most houses don't need four Wi-Fi access points to get full coverage, using powerline gear gives you the freedom to put your routers/access points in the places they do the most good. You can place them pretty much anywhere you have a power outlet.

In my client's case, we located one of the access points directly behind his home theater. This way, I was able to take advantage of the 4-port Ethernet switch in the back of the router to connect his Blu-ray player, Apple TV, and Wii. This strategy saved the cost of a wireless adapter for the Blu-ray player; it also gave all his streaming devices direct wired connections — and glitch-free video.

A huge side benefit is that no streaming video or Internet gaming traffic is competing for scarce Wi-Fi bandwidth because it never leaves the wired network.

I could also have attached a standard 5- or 8-port Ethernet switch to the powerline adapter to achieve the same result. In fact, Netgear has announced a 500Mbps home-theater powerline kit with a four-port switch built into one of the adapters. It should be shipping any day now.

Note that any devices plugged into one powerline adapter need to share the bandwidth through that port, so you probably wouldn't want to put multiple high-bandwidth devices such as NAS drives on one adapter. In the case of a home theater, only one set-top box should be actively streaming at a time.

A powerline adapter is also a great way to network a printer. Even so-called wireless printers usually have an Ethernet port, too; so if you can't get a good wireless printing connection in your desired location, try powerline.

Finally, conserve your powerline bandwidth by placing network backup drives in the location where your computers reside most of the time. For example, if you spend most of your time in the family room, connect your backup drive or NAS to an access point in that room.

Because they are both connected to the same access point, data will flow straight from computer to NAS, without ever going back down the powerline connection to the main router. As a bonus, you'll have a strong Wi-Fi connection in the room where you need it most.

Using your Powerline gear successfully

Although powerline gear is plug-and-play, that doesn't mean it's infallible. Because it's dependent on your home electrical system, line noise from hair dryers, cell phone chargers, and the cycling of microwaves and refrigerators (as well as certain AFCI breakers) can all affect performance.

In addition, if you have very old wiring (I still have a bunch of knob-and-tube wires in my 100-year-old house) or a mixture of wiring and breaker panels, you could have problems.

So always buy powerline gear from a vendor with a good return policy, and test it immediately after you get it to be sure it works in your particular environment.

Fortunately, the Netgear kits are very easy to test. When you plug them in, the middle powerline light glows green, amber, or red. Green signifies a nominal link rate greater than 80Mbps, amber a link rate between 50 and 80Mbps, and red a rate below 50Mbps. You can keep trying outlets until you find the best ones.

In my tests, amber was usable for light Web surfing, printing, and e-mail but not for video or heavy file transfers. Red was simply not satisfactory. On the other hand, green was great — it felt like regular Ethernet.

In my client's house, we ended up with three green locations and one amber. But in one room, the first three outlets we tested were red before we got a green signal. Luckily, the room in which we couldn't do better than amber was not a location for which we needed high throughput.

If you get a lot of amber results, make sure that you are not near sources of noise. Chargers, power supplies, or other devices plugged into nearby outlets can be culprits. If these are causing interference, move them as far away as possible, or use a filter. Netgear also makes powerline adapters with a filtered outlet for problem devices (info page).

Another thing to remember is that powerline adapters need to be plugged directly into the wall, never into a surge suppressor, which wreaks havoc on the powerline signals.

Also, if you already have older powerline gear, don't mix it up. While 500Mbps powerline gear is backward compatible with the 200Mbps standard, you'll get greatly reduced performance. With powerline, it's best to stick with one vendor and one speed to avoid the inevitable finger-pointing when things go wrong.

Finally, if you live in an apartment building or other location where you may share electrical circuits with someone else, use the buttons on the side of the Netgear adapters to change the encryption key from the default so that no one can snoop on your powerline network. Press the encryption buttons on your adapters within two minutes of one another, and they will pair up.