Android secretly stores location data too -- though less of it, and with less detail

Magnus Eriksson has located a trove of detailed location history stored by Android phones that is very similar to the one stored by iOS devices. The Android file is a little harder to extract, but it isn't encrypted, and would be just as vulnerable to a phone thief, forensics expert, or malicious software as the iOS file.

Like iOS, Android stores these databases in an area that is only accessible by root. To access the caches, an Android device needs to be "rooted," which removes most of the system's security features. Unlike iOS, though, Android phones aren't typically synced with a computer, so the files would need to be extracted from a rooted device directly. This distinction makes the data harder to access for the average user, but easy enough for an experienced hacker or forensic expert.
Another important difference, according to developer Mike Castelman, is that Android keeps less data overall than iOS devices. "The main difference that I can see is that Android seems to have a cache versus iOS's log," Castleman, who contributed some code improvements to Eriksson's tool, told Ars. That is, Android appears to limit the caches to 50 entries for cell tower triangulation and 200 entries for WiFi basestation location. iOS's consolidated.db, on the other hand, seems to keep a running tally of data since iOS is first installed and activated on a device. iOS will also keep multiple records of the same tower or basestation, while Android only keeps a single record.

Android phones keep location cache, too, but it's harder to access

I write books. My latest is a YA science fiction novel called Homeland (it's the sequel to Little Brother). More books: Rapture of the Nerds (a novel, with Charlie Stross); With a Little Help (short stories); and The Great Big Beautiful Tomorrow (novella and nonfic). I speak all over the place and I tweet and tumble, too.

More at Boing Boing

Eurovision 2013: An American in London

The technology that links taxonomy and Star Trek

agnot

Unfortunately, Ars Tech failed to fact check their own article. So Google gave them a call to inform them that the location log is an opt-in service.

What should be a retraction or at least an erratum (because of the implication that there is little one can do about location tracking unless one is root) but is actually represented as some sort of a sad P.S., now trails the bottom of the article.
Sork

You apparently don’t need root to copy the storage medium and get possession of the file.

“The CelleBrite UFED is a handheld device that Michigan officers have been using since August 2008 to copy information from mobile phones belonging to motorists stopped for minor traffic violations.”
http://thenextweb.com/us/2011/04/20/us-police-can-copy-your-iphones-contents-in-under-two-minutes/
http://boingboing.net/2011/04/20/aclu-to-michigan-cop.html
Zoman

I’ve had a Â£9 phone for 5 years. You can laugh at my Sagem My150X, but it’s built like a tank. Still on it’s first battery.

Also, allow me to share my pro-tip on freeing yourself from technoslavery. First dispose of your television. Second never buy the following newspapers: Express, Mail, Mirror, Star, Sun, Telegraph or Times. BBC radio is “ok-ish”, but their news is a splattered mess of half-truths and government propaganda. Stop conforming – the vast majority of people are actually socially conditioned zombies whose opinions are worthless because they lack critical thinking. They simply regurgitate the same old socially accepted detritus. My opinion is of course pure gold. Follow me, Father Zoman, and I will heal you brothers & sisters! (Cheques and PayPal accepted).
notatoad

being open source, i imagine it’s a bit less “secretly stores location data” and more “openly stores location data”
Rich Keller

May I? May I?

In Soviet Russia, the Androids look for You!

And Zoman, since I’ve stopped watching television, I’ve been much happier with both myself and the rest of the world. Do you accept Linden Dollars?
- Zoman
  
  Congratulations on your emancipation Bother Keller. Welcome to The Family. Actually, this is starting to remind me of the Omega Man.
  
  One creature, caught. Caught in a place he cannot stir from in the dark, alone, outnumbered hundreds to one, nothing to live for but his memories, nothing to live with but his gadgets, his cars, his guns, gimmicks…
  - Matthias, Omega Man 1971
Columboss

What I find interesting is how people immediately ask: ‘does this affect me?’ but ignore the wider consequences. Most people visiting Boing Boing will be tech-savvy and capable of disabling any tracking log or cache. The vast majority of people with iPhones or Android devices don’t fall into this category and hence will not opt out when setting up their phone, and will be unaware of the data that is being gathered on them. This is particularly a problem for people living in politically repressive countries. Anything that makes a secret policeman’s job easier should be discouraged.
- SonOfSamSeaborn
  
  True, but even the dumbest of people pick up privacy concerns from the media, so I would hope that when one of the first questions they’re asked when turning their phone on specifically mentions the transmission of this sort of data to a third party (which Google really is, even when you’re using Android) alarm bells would ring and they’d do a little research.
Project2501

Isn’t this going to be the norm for our mobile devices? I am not too keen on it, but I mean there are some good uses for it. I just don’t know.

Our tech is out pacing our understanding of its impact on our individual lives.
von Bobo

My Samsung Epic (rooted android 2.2) has a setting in Location and Security called “Use Wireless Networks: See location in applications (such as Maps) using wireless services”. By default, this setting is unchecked. When I check it to activate it, a pop up warning box says “Allow Google’s location service to collect anonymous locaiton data. Collection will occur even when no applications are running”, and then asks me to accept or decline. I’ve also read through a couple privacy statements that clearly state location information is being transmitted by the phone at any time. But nothing I have seen, in my cursory look, says the data is being stored on the handset.

On a much more sinister level, apparently the rooted android OS I am using removes a stealthy application that continually uploads a transcript of the user’s every action to the service provider.
Cowicide

I guess this is one of the hazards that companies will run into when all they do is keep copying everything Apple does.
Anonymous

If Obama wins in court, then you can secretly stick a GPS on anyone or their private property, so all of this will become irrelevant.
lolbrandon

Yet another reason why Android SUCKS.
- retrojoe
  
  Yeah! That thing that it does that the other guy does, only less so and optionally, makes it totally sucky!
  - lolbrandon
    
    I actually like Android, as I think it’s giving Apple a run for their money and making smart-app phones available to almost everyone (at least those who can afford the ridiculous data-fees on AT&T and Verizon). And I agree that Android caches the data slightly better than the iPhone, although it’s still obviously a problem for anyone technical enough to retrieve the data (but unlike the iPhone, the fact Android stores data location won’t make the 10 o’clock news). That said, I think Android has some serious usability issues, but mostly in the UI department and the misguided decision to support Flash.
    
    My comment was, of course, to the 1st comment on the iPhone data tracking post, where someone exclaimed “Yet another reason why the iPhone SUCKS.” I was — and still am — disappointed that the iPhone sucks comment, as well as my Android sucks comment, were not quickly deleted. But when I saw the iPhone comment was still the 1st comment, I had to balance the scales and have a little fun at Boing Boing’s expense. Sosumi. :)
    - retrojoe
      
      I missed the connection. My apologies.
Yano

Also it’s opt-in, anonymized and the local file is only limited to most recent sessions for app caching.
Response sent to Techcrunch:
http://techcrunch.com/2011/04/22/google-responds-to-smartphone-location-tracking-uproar-says-android-is-opt-in/
- ScottTFrazer
  
  Also it’s opt-in, anonymized and the local file is only limited to most recent sessions for app caching.
  
  It’s opt-in in exactly the same way iOS is opt-in. Which is to say, the phone will not give out that information to programs without your permission. It WILL still store those cached locations in a database on the phone accessible only to programs with root permission. Just like iOS.
  
  Where iOS is entirely in the wrong is the length of time this data is stored. Where both these phone makers are in the wrong is in not disclosing this stuff to their users more clearly, and allowing them to the feature off (even if that results in longer times determining your actual location or connecting to a cell tower)
Anonymous

One big difference is that the Android OS is open source, so it is very difficult for Google to hide any “secret” instructions within the OS. With open source, the code for everything they do in the OS is available to anyone. And with the multitudes of avid Android community coders/hackers digging through the source code, someone will find it very quickly. Open source is a good way to keep companies honest.

Now with the closed source iOS, Apple can hide almost anything in the OS code, and it is very difficult to find it. You can only find the results of the code (and then only if they made it obvious like this issue). Knowing Apple, they are doing a LOT more than just storing a file…
- ScottTFrazer
  
  One big difference is that the Android OS is open source, so it is very difficult for Google to hide any “secret” instructions within the OS.
  
  Yeah, except for Gingerbread. Which they aren’t releasing source for currently.
  
  Also, you probably can’t see the source of the OS running on your actual phone, unless you root it and re-install using something you compiled yourself, since your carrier has probably added stuff to it.
  
  At some point you have to trust someone, unless you’re willing to inspect the code yourself all the way from the compiler through to the final application code.
  - ScottTFrazer
    
    Yeah, except for Gingerbread.
    
    You meant Honeycomb. You’ve got Gingerbread on your mind after the Peeps Catan link led you to this:
    
    http://www.boardgamegeek.com/image/185558/the-settlers-of-catan
    
    Self reply for the win!
- tim
  
  One big difference is that the Android OS is open source, so it is very difficult for Google to hide any “secret” instructions within the OS. With open source, the code for everything they do in the OS is available to anyone
  
  Do you really feel confident that all those Android phones have only the code that is presented as open? Are you really sure that no extra code is added before compiling it and installing it on the phone? Haven’t there been complaints of Android phones being preloaded with annoying crap, some of it even in ways that made it really tricky to get rid of?
  
  Sure, if you have the facilities and time and skills to download, compile and build, install and probably debug all that code on an actual phone that you use then you can be confident that you’ve got what you see in the open archive. Assuming you understand it all and feel happy there is nothing nefarious hidden away in some dark corner. And assuming you trust the compiler to not add little extras in the guise of optimisations. Or the linker/downloader/etc. Oh, did you check the ROM? Perhaps it has some nasty code in there that gets run as a side effect of an otherwise innocent routine.
OOMatter

Um, if you stole my phone then you obviously would know where I’d been. Since my phone was there. Also, there’s this thing called the yellow pages, it’s ridiculous. It’s got thousands of people’s names, phone numbers and home addresses, unencrypted!
- TriadX1
  
  You can also opt out of it.
Anonymous

note to self, research portable jamming devices that affect 2m diameter area.
Anonymous

Typical, copy the iPhone, but do it poorly… if you use a cell phone, they know where you are.
- Anonymous
  
  Typical, copy the Treo, but do it better… there, fixed that for you….
Terazilla

Not sure this is much of a secret, actually — in fact there’s a couple API calls that explicitly use it, so that you can get a position without actually turning on the hardware (and having the associated battery hit).

Here’s an example from the documentation:

http://developer.android.com/reference/android/location/LocationManager.html#getLastKnownLocation%28java.lang.String%29
peterbruells

I wonder how many commenters really checked the data on their iPhones, beyond at least only iPhoneTracker which does a bad job.

O’m a heavy iPhone user. Use it all the time, including location services.

What does Celllocation tell about me?

Well, I’ve got 12.630 entries in the span of 270 days.

Sound ominous, but when I break that down to timestamps, that’s far less.

It’s actually limited to 218 unique timestamps. The vast majority of timestamps are associated with a multitude of coordinates and only 51 days have timestamps at all.

What it does reveal is the general region I move around and at least two business trips, no question about this. But that seems to be the the extent of it. Some outliers are clearly wrong and create the impression that I was in a specific city on July 28th. Which I wasn’t, I consulted our company time tracking sheets to verify that I worked at HQ all day.

Mac OS X user who have perl installed can check their data very easiy using the terminal:

cd ~/Library/Application\ Support/MobileSync/Backup/

cell=`ls| xargs file | grep SQL | cut -c1-40 | xargs grep -li celllocation `

determines the filename of consolidated.db and assigns it to $cell. ,

This gives you the timestamps for all rows in the table celllocation, sorted to make sure that they are ordered

sqlite3 $cell ‘select timestamp from celllocation’ | sort | perl -n -e ‘print scalar(localtime($_)) , “\n”‘ > stamps

# a count tof said rows
cat stamps | wc -l
12630

# How many unique stamps
cat stamps | uniq -c | wc -l
218

# How many unique days
cat stamps | cut -c1-10 | uniq | wc -l
Lobster

Cory, I’m assuming that you know they aren’t doing this maliciously and it’s a function of their various geocaching services, intended to provide the user with information relevant to their position.

You aren’t really making that clear in these articles. They seem to be awfully close to the mainstream media coverage, which basically says they store this information so Steve Jobs can break into your house and steal all your pills.
osmo

Ok for those of us who don’t know shit about this: how can I disable this on a phone? If, for example, I go to a protest in England, get arrested – I would prefer it if the police couldn’t use my phone against me during an interrogation. Is there an easy way?
- SonOfSamSeaborn
  
  Disable the location service under “Location & Security” by unchecking “Use wireless networks”. It would appear that if you’re on 2.3/Gingerbread, the files will be deleted. If you’re on an older version of Android the files will remain but won’t be updated.
  
  So, if you need to use Google Maps or something similar on a pre-2.3 device you might want to only use GPS. On 2.3 use either or both methods and just turn off the wireless one after you’ve used it.
- penguinchris
  
  On android if you turn off “Use wireless networks” in the “Location & security settings” page, the cache is cleared. I just tried this myself (since just a few minutes ago I pulled the data from my android phone and threw it up in google earth to see), it literally just deletes the two files.
  
  That’s not to say the file would be unrecoverable, but if you’re really concerned about it it’s not hard to manage. Turn off the setting before going to the protest (or your secret lover’s house, or whatever), then turn it back on when you get home. A fresh cache file with just places near your home is probably good enough to cover your tracks. Or, you know, just leave that setting turned off if you’re really paranoid.
  
  I’m actually kind of disappointed that android stores so little data; I was hoping to get a complete picture like the iphone log. It would have shown me going all across the US and all around the world – twice – since I got this phone.
  
  However, all it shows me is the only place I’ve gone to outside walking distance of my house since the last time I updated the custom ROM I have installed. It’s actually a fairly detailed log of two car trips I took to go shopping; it shows roughly where I went and in what order, but it’s not accurate enough to really pinpoint anything.
  
  Funnily enough, though, when I made those two trips I was trying out different android apps made for making GPS tracks! So I do actually have near-perfect logs of those trips, and I’ve even given some to google… Needless to say, if you’re doing stuff like this, then you’re well aware of what you’re doing and are well aware that you’re giving the data to google. This isn’t done automatically or anything. Just want to make that clear. Although the cell company certainly logs your location, much longer than your android phone itself will, anyway.
- Pantograph
  
  Turn off your phone, or leave it at home and bring a cheap dumb phone with prepay sim if you really must communicate.
BikerRay

So write an app that spoofs the data so The Man thinks you spend all your days in a church praying for jeebus. Or hanging around secret government installations. Depending on how you want to mess with their heads.
- Spezz
  
  Brilliant.
- Anonymous
  
  How will that change the providers information?
  
  We see that your cell information is different from our information. Why is this?
Columboss

Apparently, this data is being collected for location-specific advertising. I guess this means that if you find yourself in Akron, Ohio you’ll get adverts for the Samaritans and a list of psychiatrists…
SonOfSamSeaborn

Plus, as I said in the iPhone article yesterday, the files are deleted the second you disable the service — on my handset at least. I notified Mr Eriksson of this and he can’t replicate it on his device, which might indicate a Gingerbread/Froyo difference or possibly just ROM differences (I don’t have another Android device to hand in order to see what happens with Froyo and am too lazy to back up and reflash my main device).