Of course this setting is only half realistic:

• Every policeman would have to have a smartphone and use it during work time
• Every policeman would have to install the app of the criminal
• The criminal can distinguish between policemen and other people using the app (should be possible with data mining)
• The criminal can decide weather the policeman is currently working or in leisure time

But it should show and demonstrate the dangers…

To conclude:

We have to disallow policemen to use private smart phones during work! Or if they do so they must not install any applications from a source they don’t trust. And here is the crucial point. Who to trust and who not? Trust usually is created through social ties. So if the app is there and some policemen like the service and recommend it to their coworkers trust is created. Who does really ask about the source of an app and about who is running/owning the data servers. A service that is well known on the web can easily run by 2 or 3 people and even if they are nice it is easy to manipulate or blackmail them in order to get access to these very sensitive data.
And on another more technical topic: We need a decentralized mobile space. There has to be a frequency on which people are able to set up their own transmitters and create decentralized mobile networks. It is a shame that those frequencies are all owned by companies creating centralized services.
By the way this would be a good solution since it would also enable the police to have their own decentralized mobile networks giving them privacy against third parties!

Disclaimer:

I never thought I would write an article in this paranoid way telling people what is possible and where the risks are. I almost feel like a member of ccc, anonymous or finally like a real pirate. But one year of PhD in a very data driven environment having social networks, information retrieval and the web as a focus really makes me understand more and more what is possible (in particular easy to achieve). Also the low awareness of society about these dangers (probably due to the complex technologies) overwhelms me and makes me feel like I have to act and at least inform people.
To bad that mostly people who are already aware of these topics read my blog. Maybe I have to go geek and create this app to demonstrate the functionality in order to really rise awareness. There are just too many interesting things to do during a PhD program so I think this time only writing about this has to be sufficient.

Apple:
“6. People have identified up to a year’s worth of location data being stored on the iPhone. Why does my iPhone need so much data in order to assist it in finding my location today?
This data is not the iPhone’s location data-it is a subset (cache) of the crowd-sourced Wi-Fi hotspot and cell tower database which is downloaded from Apple into the iPhone to assist the iPhone in rapidly and accurately calculating location. The reason the iPhone stores so much data is a bug we uncovered and plan to fix shortly (see Software Update section below). We don’t think the iPhone needs to store more than seven days of this data.
7. When I turn off Location Services, why does my iPhone sometimes continue updating its Wi-Fi and cell tower data from Apple’s crowd-sourced database?
It shouldn’t. This is a bug, which we plan to fix shortly (see Software Update section below).”

This is redicoulus! This is no bug!

I have been developing software for many years. There are bugs in software developement. In this case it is very obvious that someone acted with full awareness of what he was doing. Thanks to this article and this piece of software I was able to extract the geo data from Nasir Naveed’s iPhone. Have a look at the table that he made available.

Apple is lying and distributing wrong information.

In their press release they state the following:

Apple:
“3. Why is my iPhone logging my location?
The iPhone is not logging your location. Rather, it’s maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away from your iPhone, to help your iPhone rapidly and accurately calculate its location when requested.Calculating a phone’s location using just GPS satellite data can take up to several minutes. iPhone can reduce this time to just a few seconds by using Wi-Fi hotspot and cell tower data to quickly find GPS satellites, and even triangulate its location using just Wi-Fi hotspot and cell tower data when GPS is not available (such as indoors or in basements). These calculations are performed live on the iPhone using a crowd-sourced database of Wi-Fi hotspot and cell tower data that is generated by tens of millions of iPhones sending the geo-tagged locations of nearby Wi-Fi hotspots and cell towers in an anonymous and encrypted form to Apple.”

Note the lie that location tracking with GPS can take several minutes! If that was true how come every GPS in a car is working right away? Modern GPS in cars are able to quickly calculate the locations even in moving objects that are changing location quite frequently.

Apple is receiving your profile of motion

Apple:
“5. Can Apple locate me based on my geo-tagged Wi-Fi hotspot and cell tower data?
No. This data is sent to Apple in an anonymous and encrypted form. Apple cannot identify the source of this data.”

It is true that for most research cases I can all of a sudden think of Apple does only need the anonymous data. but let’s be realistic. Even if Apple really would send over this data in an anonymous way. They could still do a meshup with the usual data they collect (your phone calls) and would probably be able to identify you quickly. In any case they have never asked your persmission!

Apple is obviously not even thinking to change its politics

Apple:
“In the next major iOS software release the cache will also be encrypted on the iPhone.”

ok tht is the coolest part! In Future iOS Apple will still store the data on your phone. They will probably still send it back to the Apple servers. But don’t wory, the data on your phone will be encrypted so that no one else but Apple can access the data! (not even yout) Thank you Apple! You must really be telling the truth when you say:

10. Does Apple believe that personal information security and privacy are important?
Yes, we strongly do. For example, iPhone was the first to ask users to give their permission for each and every app that wanted to use location. Apple will continue to be one of the leaders in strengthening personal information security and privacy.

Help to stop Apple spreading missleading information

It is very sad to see how a lot of big news sites are just skimming Apples press release and thereby help Apple to spread wrong and confusing information. Please pass on what you have discovered right now and don’t let Apple win over your privacy. Just use your Facebook account or Twitter.
Btw I don’t know about the law in other coutries but in Germany you have a two year warrenty for your product. So if this really is a bug this means that you could probably return your iPhone and get back your money. Have you ever considered to change away from your iPhone or have been unsatisfied? Well now is great moment to change!

Please send me your i phone’s location data

In the quoted blog  article and piece of software it is explained how you can extract your moving behaviour from your I phone. Apple has this data without even asking you. I am a researcher and I can think of many scientific usecases. So please do not only share your data with Apple but also with some people here in University. Just attach the logfile you extract from your iPhone to an email to r.pickhardt@gmail.com. I promise I will anonymize your data and only share it within the scientific community.
Btw you can find the full press release here