
Monday, May 23, 2011

They Know More Than You Think

I don’t want to sound like an alarmist, but companies like Google and Facebook know a lot more about you than they let on.  I certainly don’t want to cause a panic, but I do think that people ought to know what they’re really signing up for when they use services provided by these companies.

The prevailing thought about these web sites is that they only know what you tell them.  It would really be nice if that were true.  Unfortunately, it is not.  Let’s start with Facebook.

Facebook

It used to be that Facebook could pretty much only record what you are doing on their site.  They only had information on you that you gave to them (or they could collect about you from your friends).  Those days are long gone.  They have access to SO much more.

We all know that Facebook has the ability to build an absolutely enormous social graph of us.  It has more information than even our closest friends and family do about our past, who we know, where we’ve been and what we were doing when we were there, etc.  It’s pretty amazing that a site with so much personal information has become so popular, and that we continue to give it information.  But it goes way beyond what most of us are aware of.

You know that little “Like” button that shows up all over the web? Yeah, the one you see on the right.  Seems innocuous enough, right?  Well, that little tiny tag gives Facebook access to a wealth of information.  For every web site that has that button (or any Facebook-provided content), Facebook knows you’ve been to that page.  The very act of putting the Like button on a page grants Facebook access to the information that you’ve been there.  And nobody knows what they’re doing with that information.  Since this button has been installed on a ton of very popular web sites, it’s pretty easy for Facebook to be able to build a profile of most every web site you’ve been to.  Not that this in and of itself is necessarily a scary thing, but it does have the potential to be scary.  When combined with other information on your profile, it would be pretty easy to build a dossier on you.  Worst case scenario, they sell that information to advertisers, or their site gets hacked and your personal surfing habits get into the hands of someone with less than pure intentions.  With the huge breach that Sony experienced last month, these things are not outside the realm of possible reality.

Is there a way to prevent this?  Yes.  If you sign out of Facebook before visiting other web pages, and use the Private browsing mode of your web browser (InPrivate in IE, Incognito in Chrome, etc.) there isn’t a way for Facebook to be able to follow you around.  Just be careful not to sign in again without doing it in the private browsing mode.
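The two paragraphs above, on the Like button and on signing out with private browsing, can be checked against any page's HTML. The sketch below is an added example, not code from the original post: it lists the third-party hosts a page contacts on load and what each one receives. The sample page, its hosts, the exact-host cookie lookup and the full-URL Referer are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tags whose URL the browser fetches on page load, with no click needed.
AUTO_LOAD = {"script": "src", "iframe": "src", "img": "src", "embed": "src"}

# Constructed sample page; every host is a placeholder, not a real site.
SAMPLE_URL = "https://news.example/health/article-42"
SAMPLE_HTML = """
<img src="/static/logo.png">
<iframe src="https://widgets.social.example/like?href=article-42"></iframe>
<img src="//ads.adnet.example/pixel.gif">
"""


class EmbedCollector(HTMLParser):
    """Collects absolute URLs of resources the page loads automatically."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.urls = []

    def handle_starttag(self, tag, attrs):
        attr = AUTO_LOAD.get(tag)
        value = dict(attrs).get(attr) if attr else None
        if value:
            self.urls.append(urljoin(self.page_url, value))


def third_party_requests(page_url, html, cookie_jar):
    """List what each third-party host receives when the page renders.

    cookie_jar maps host -> cookie string (simplified: exact-host match);
    an empty jar models a signed-out, private-mode session.
    """
    page_host = urlsplit(page_url).hostname
    collector = EmbedCollector(page_url)
    collector.feed(html)
    received = []
    for url in collector.urls:
        host = urlsplit(url).hostname
        if host is None or host == page_host:
            continue  # first-party resource: no third party is contacted
        received.append({
            "host": host,
            "referer": page_url,             # which page you were reading
            "cookie": cookie_jar.get(host),  # which account, if signed in
        })
    return received
```

Run it once with a jar holding a cookie for the widget host and once with an empty jar: the same hosts are contacted both times, but only the first run ties the visit to an account.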

And just so you know… “deleting” information from the Facebook site doesn’t actually delete it from their databases.  It just turns it off so that they don’t show it to others.  But they don’t actually ever remove anything on anyone.  They’ve still got it filed away.

Google

If anybody on the internet knows more about your surfing habits than Facebook, it’s Google.  Their advertising network extends to an absolutely massive number of web sites.  And every site that contains ads provided by Google is also tracked.  They hold onto an overwhelming majority of the online advertising market, and the odds are in their favor that any particular web site you visit has advertisements served by Google.  Chances are that Google knows every web site you ever visit.

Combine this with Google wanting to get into other aspects of your life… providing the operating system for your cell phone or tablet, Internet service to your home, keeping your Health information, maps for driving directions, etc. on top of virtually every web site you visit and every Internet search you perform (this would include anything you shop for online), they have access to a lot more data than anyone could ever imagine.  It has the potential to be very scary, and a huge mess if that data were to get out.

Why Care?

For the most part I don’t care if the web sites I visit are known to the world.  But there are a few exceptions… If I were to get sick, and use the Internet to search for treatment or cures, I wouldn’t want the whole world to know what I’ve got.  Or if I had children, I wouldn’t want total strangers to know where they live or go to school.  It isn’t that we necessarily have to worry about what we’re doing, but who knows what we’re doing.

I’m not trying to say that the sky is falling here or anything like that.  I just want everyone to at least be aware of what information these companies have access to.  It goes way beyond what they appear to know at first glance.  They’ve got connections with literally millions of web sites, and together they all collect a lot more information on you than you could possibly dream of.

If nothing else, I’d advise caution.  Use the Private mode of your browser more, or maybe even all of the time.  Use different browsers for different web sites.  Sign out of web sites when you aren’t actually using them.  And above all, be careful in what information you’re willing to share with them. 

Thursday, April 21, 2011

Q&A On the iPhone Location Tracking Issue

While it has been known for a while, news finally broke to the public yesterday that any model iPhone or iPad running iOS 4.0 or higher keeps a log file of its location, and that this file is copied to your computer every time you back up your device.  The problem is actually deeper than that, though.  This is a very serious privacy and security issue, IMHO.  The articles on the Internet don’t really seem to be painting a great picture of what this means.  So here’s my attempt… I hope it helps to clarify a few things!

Q: What’s going on?

A: All models of iPhone and iPad have been recording your location regularly into a file on the device.  The news stories here specifically relate to iOS 4.x, but prior versions of iOS are doing the same thing, they’ve just been recording it into a different file.  These files cannot be deleted, and this “feature” cannot be turned off.  The information even persists from one device to another if you replace one phone or iPad with another and restore a backup.

The data being recorded includes at least the device’s location, the time of day, and a list of WiFi networks available at each of these locations.  The file in and of itself does not contain your personal contact information, but it would be very easy to determine where you live or work.

Q: Does the phone send my location to Apple, or anyone else?

A: Not in and of itself.  Apps on your phone can be given permission to access your location, and there is no way to stop them from uploading your location information, but this flaw in and of itself does not cause your location to be sent to anyone else; it is saved on your phone and computer, but not uploaded anywhere else, at least as a direct result of this issue.  Jailbroken devices do not require that apps be granted permission to access location data; they can get to it anytime they want.

Q: Doesn’t that mean I’m safe?

A: Not necessarily.  There are several ways that anyone who wants to can get to this data if they are persistent enough.

Q: What does that mean?

A: If you have jailbroken your phone, any app on the phone can gain access to the location data without your permission.  In addition, a jailbroken phone that has not had its root password changed from the default is remotely accessible to anyone who wants to log in, and it is EXTREMELY easy to get to.  This includes access to the location log file.

Apple has also had a poor track record of security on iOS devices.  Hackers have been able to gain entry quite regularly ever since the device was first released (this is how some jailbreaks work, just as one example).  If someone were to want to target you, it’s entirely possible that someone with moderate hacking skills could obtain this file, whether it be through your phone (because it is always on the Internet) or computer (through software installed there).  Even if you haven’t been specifically targeted, once an exploit to a phone (or computer) is known, it is a consistent and regular practice of hackers to scan for vulnerable devices.  Computers are a little safer if they are behind a router, but phones are connected directly to the Internet without a hardware firewall to isolate them from attack.

Q: What if I’m not running iOS 4.x on my phone or iPad?

A: While it hasn’t been widely mentioned in the news, iOS versions prior to 4.0 also log location data.  The data is just stored in a different file in a different format.  But it’s there.

Q: Doesn’t someone have to have physical access to my phone or computer?

A: For most people, this is the case.  But not for everyone.  If your device is jailbroken and you haven’t changed the root password, remote access to your phone (and this file) is available for anyone who wants to get in.  It’s very simple to get to it.

As far as access to the data on the computer, ideally nobody else has access to your files remotely.  But that requires that you keep your computer fully up-to-date and make sure you’re running current and high quality antivirus and antispyware software, even on Macs.  Viruses and spyware could very easily gain access to this data, and make it available to third parties.

Q: How would I know if someone had gotten access to my data?

A: You probably wouldn’t have any way of knowing.

Q: What would happen if I lost my phone?

A: The chance isn’t high, but if someone with even moderate technical skills were to have access to your phone they could download the location data file and see everywhere you’ve taken your iOS devices since you got them.  Even if the phone is locked with a password, there are very easy ways around this.  Once your phone is in someone else’s hands, there isn’t really any guaranteed way of preventing them from getting access to your location data.  If you have signed up for the Find my iPhone program or connect to an Exchange server, you could remotely wipe the phone and hope that nobody had downloaded the data before you sent the wipe command.

Q: Some people seem to say this isn’t worth worrying about.  Is that true?

A: That depends.  The chance that someone wants to get your location information specifically isn’t very high.  My take on this is that you’re better safe than sorry.  If you don’t care if anyone knows where you’ve been, you may not need to worry about this much.  The chance that advertisers or hackers want location information in general is very high.

Q: What can I do to prevent my location from being recorded?

A: As of right now, the only thing you can do is turn off the phone completely (not just put it in standby) or put it in Airplane mode.  But this obviously prevents you from using the phone.  As long as the device is turned on and the cellular feature is turned on, it’s recording your location.

What makes this worse is that there is NO WAY to delete this file or turn the logging feature off.  It’s built into the phone at a very low level and it can’t be controlled by any setting on the phone.  iPhones have been recording this data for a very long time now, long before iOS 4 came out.  Forensic scientists have known about this for a while, but it is only now being made public.

Apple has not yet released a fix for this issue, and they haven’t even stated yet if they intend to do so.  We’ll just have to wait and see.

Q: I don’t believe it.  Can you prove it?

A: Right now the only way to see for yourself is if you are synchronizing your phone with a Mac.  In which case, you can download a piece of software and see the tracking data yourself.  It probably won’t be long before someone writes a similar utility for Windows, and if I see any news on that front I’ll update this blog post.  I’ve considered writing such a utility myself, but I have too many other things going on at the moment to bother.

Q: Does this affect other phones too?

A: This flaw does not affect other non-Apple devices.  The same researchers that found the flaw in the iPhone have also investigated other popular phones and haven’t found any evidence that any other phones exhibit the same behavior.

Q: If I wipe everything on my phone, does that mean the data is gone?

A: Your prior location information will be deleted from your phone, but it will be restored if you restore a backup from your computer.  In either case, the phone/iPad will start recording location data again, even after being wiped.

Q: Why should I care?

A: I can’t speak for you, but I’d rather my devices not record information about where I live, work, shop, and socialize. It’s bad enough that cell phone carriers record phone location continually; I’d rather that the location of my home not be recorded inside of a device that could be lost or stolen.  Not that I have anything to hide, but I personally just don’t want that information out there available to anyone, especially companies that might be trying to sell me something.

Q: Can any steps be taken to protect myself?

A: Turn on the encryption feature for device backups in iTunes.  That will at least prevent access to this data from your computer.  There isn’t much that you can do to prevent access to the data on the phone other than stop using it.  If you’ve jailbroken your device, at a very minimum change the root password, but I’d recommend removing the jailbreak entirely.

Q: Are you doing anything differently?

A: I don’t have an iPhone, but I am definitely going to be more selective about where I take my iPad.  I protect myself very well against attacks against my computer, so I’m not too concerned about that.  If I had jailbroken my iPad I would be taking that off right now.
