Privacy Issues with the iPhone/iPad and DropBox

by saurav on April 20, 2011

There have been two recent developments exposing how false our sense of privacy is in this technological world. As all of us use the iPhone/iPad and/or the DropBox fairly regularly, this merits some discussion.

1) iPhone/iPad: Alasdair Allan & Pete Warden found that their iPhone has been tracking their location and the associated timestamp ever since iOS 4 was released (read more on wired.com). The iPad 3G does the same. The file called “consolidated.db” is stored locally and is restored across backups, resets, and device migrations  implying that Apple is doing this intentionally. To be noted is that the feature was introduced only in iOS 4. The file is also unencrypted and unprotected, meaning it can be accessed by anyone who gets their hands on your iPhone. Be careful when you sell your iPhone/iPad! If you have Mac OS 10.6 Snow Leopard, you can use Allan & Warden’s open source app “iPhone Tracker” to plot an interactive map of where you have traveled since you procured your iPad/iPhone.

I have no idea why Apple wants to store the data of my whereabouts, but I do not like being tracked. When I bought my iPhone, I do not remember signing an agreement to be tracked by Apple. Apple or any hacker can easily access that information by hacking into my iPhone or laptop that backs up the iPhone. Presumably, if Apple wants, they can easily fetch the file from every single iPhone via their software updates. Very powerful, and disturbing, stuff indeed!

This goes above and beyond what cellphone carriers do (and are allowed to do), as was recently seen in when a German politician sued his carrier for access to the data. As Allan & Warden point out, the cellphone carriers need a court order to provide the data; but now the same is sitting on your iPad/iPhone or its backups.

You might want to start encrypting your iPhone/iPad backups.

2) DropBox: We have extolled the the virtues of DropBox here, and they recently reached 25 million users. Their security and privacy policies have raised ire recently based on this statement or “explanation of their policies” (read the full story and the ensuing explanation from DropBox at TUAW):

As set forth in our privacy policy, and in compliance with United States law, Dropbox cooperates with United States law enforcement when it receives valid legal process, which may require Dropbox to provide the contents of your private Dropbox. In these cases, Dropbox will remove Dropbox’s encryption from the files before providing them to law enforcement.

There are two problems associated with this: (i) your files are not safe with DropBox, as in the government can get them with a simple court order and (ii) your files can be de-encrypted by the people over at DropBox. The first is understandable as a court order is binding. As for the second, while DropBox has since clarified that their employees are prohibited access to user files, they do explicitly say that they can be accessed if needed/wanted. The employees are prohibited, not unable to access your files. Even if you pay DropBox to use their service. As Dropbox states that their servers are encrypted (AES-256), i.e., cannot be decrypted with the key, I had assumed my files were perfectly safe from all eyes except mine. Not really.

Note that uploading a self-encrypted disk image instead of file(s) should provide a workaround, if you are willing to go through the trouble.

I use both the iPhone and DropBox fairly heavily, but such issues dismay me. If a cloud-based web means I have to sign off all rights to privacy, I think the future is pretty dim. Am I just being a pessimist and/or privacy-freak?

{ 9 comments… read them below or add one }

1 EB April 20, 2011 at 8:21 pm

Re: #2: Since Dropbox allows you access to your files via the web, it has to be able to decrypt them. [1] If you don’t need that convenience, more secure options are available, e.g. Tarsnap.

The government can seize files from your laptop’s disk with a court order, too.

[1] http://news.ycombinator.com/item?id=2461667

Reply

2 bph April 20, 2011 at 8:49 pm

From the FAQ

http://www.dropbox.com/help/28

To ensure everyone has the ability to view and share files on the web painlessly, Dropbox
currently does not support the creation of your own private keys. However, allowing user control
over this is something we might consider adding in the future.

Everything I want kept secret is separately encrypted in my Dropbox account.
I also put no sensitive information (stuff regarding proposals, blah blah blah) in my Dropbox account.

Reply

3 Matt K April 20, 2011 at 11:31 pm

I think the old adage still holds true – work with the expectation that anything you upload or write on the internet will be world readable.

What I imagine will happen with Dropbox is that the bandwidth will go through the roof as people use TrueCrypt drives on their Dropbox account and the deltas will jump up to the size of the whole drive.

Reply

4 Joseph Booker April 21, 2011 at 1:00 am

Keep in mind that there’s no evidence the file on the iPhones were sent out to Apple. I’m happily using Android (and really meaning to add an article on Android apps to your wiki), so this doesn’t really concern me, but it seems more like a security problem combined with a some unknown intent for keeping an indefinite cache of locations then anything being malicious (so far). Could it be used for the service that allows one to track down a stolen iPhone?

Reply

5 saurav April 21, 2011 at 1:18 am

A post on Android apps would be quite nice! Please email the post to any of us.

What the file is used for is not known yet; Apple has not commented. Storing it across backups and device switches seems weird. Of course, it could very well be just a glitch that Apple was yet unaware of.

6 Kelle April 26, 2011 at 8:48 am

Android App stub page created on the Wiki:
http://www.astrobetter.com/wiki/tiki-index.php?page=Android+Apps

7 Joseph Booker April 26, 2011 at 5:15 pm

Kelle, thanks, finally got around to it with that. I haven’t used Moon Phase and Galaxy Zoo personally, but I put them on because they seemed popular or relevant.

8 saurav April 21, 2011 at 1:26 pm

Apple does mention location-based services in its 15,200-word iTunes user agreement (tomsguide.com):

“Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services.”

Reply

9 Tom April 21, 2011 at 1:30 pm

To anyone who would call a proposal or paper a ‘sensitive’ file, think again. They have no value compared to a credit card number for example. Also bear in mind that if you use Gmail, or any other such email provider, they can technically access all your emails. The one thing about the cloud that comes to our rescue is that there is SO much out information out there that the only things you need to worry about are things that could be automatically harvested and that have significant financial value.

Note that if you use 1Password to store ‘real’ sensitive information such as passwords and credit card numbers, then note that the 1Password file is encrypted with a key that only you know, so even in the Dropbox employees can access the file, they won’t be able to extract its contents.

Reply

Leave a Comment

Previous post:

Next post: