Android Phones Track Users Locations, Just LIke iPhones

An Android enthusiast wrote a dumper that pulls location information from the Android location provider. The file is called cache.cell and cache.wifi.

The data is unencrypted. Unlike the situation with iPhones, however, the data remains on the phone, and to access it one needs access to the operating system itself, known as root access. On the iPhone, the location data was copied from the phone to a PC every time it was synced with iTunes. It was copying the data to the PC that creates a potential security problem.

Another difference is how big the location data files, called caches, are. On the Android phones they are limited in size to 50 unique cell sites and 200 WiFi access points. Apple's version was much larger.

The two operating systems keep the data in order to make it simpler for the phone to find out where it is, without having to ask for the information from the network repeatedly. This is similar to the function of a cache in any web browser.

The phone orients itself using local Wi-Fi hotspots or cell towers. After listening to the transmitters, it sends a list of them to Google. Google checks that information against the data it has already. The system then sends that information back to the phone, which allows the phone to increase the confidence it has that it is correct about its location. Essentially, the phone is asking am I right about where I am? and Google's database is saying yes or no. If the latter, the data is corrected.

When you travel with the phone, the vast majority of the information about the local cell towers will be the same, so only a small part of it needs to be updated. By caching that data, the phone can get a location by asking only for the data that is likely to change.

The process avoids the power consumption that would accompany using the GPS that some phones are equipped with.

While the data could be accessed via a piece of malware, the programmer who found it notes that malware has root access to the phone in any case, and could simply transmit location data (or anything else) on its own without having to access a file that might be out of date.

Apple's location data cache probably functions in a similar fashion. But David Lefty Schlesinger, a consultant who wrote his own blog post on the data Apple's iOS collects, notes that with the iPhone, the data isn't always exact. He looked at all the data points, and noticed that sometimes the location data was far removed from where he actually was.

Schlesinger notes Alasdair Allan and Pete Warden, the two researchers who initially publicized the issue of the iPhone data, smoothed over the data points on a weekly basis. That will, he says, mask the nature of the data. He experimented by taking a train ride between Den Haag and Amsterdam. The location data points didn't describe a neat line along the train tracks. If someone looked at it they would have thought I teleported, he said. Instead of a line describing the rail tracks, the points cluster. The data gathering is also very sporadic. Sometimes the data is gathered every hour, and sometimes not for two weeks.

That doesn't mean there are no questions Apple should answer. Schlesinger says an interesting one for Apple is how, exactly, it queries the network for its location and what the purpose is.

Schlesinger added that for those who want to make sure that the location data is safe, there is an option on iTunes to encrypt backups in the iTunes summary screen. The data will then require a password to decrypt.