stalking – PrivaSecTech Wed, 13 Nov 2019 18:34:17 +0000 en-US hourly 1 Opening your social network profile Wed, 18 Apr 2012 19:12:05 +0000 Continue reading Opening your social network profile]]> There have been a lot of stories about what happens when you reveal your social network profile, especially your geo-location information. Probably made famous first with Please Rob Me which would post open Foursquare profile data, showing when you’re not at home. While it’s since been shut down, such information is still being used. The Girls Around Me app is getting media attention this week, which shows women in your area, with links to their online profiles.

I have no issue with using open profiles and geo-location, as long as you’re aware of the risks and making an education decision. If you’re not aware of the potential repercussions, you probably want to stay away until you’re better informed.

On all social networks, there are options to close your profile, so it’s not open for the general public to see. This applies to Facebook, Twitter, LinkedIn and Foursquare, for example. Try looking yourself up on each of these, see what you can find!


I’m showing your MAC with my Apple Thu, 21 Apr 2011 20:49:27 +0000 Continue reading I’m showing your MAC with my Apple]]> News broke yesterday that iPhones have been keeping user’s travel patterns in both the iPhone, as well as the computer it is being backed up to. Thanks to Alasdair Allan ( @aallan) and Pete Warden ( @petewarden) for releasing this finding, they even released an open source app that can demonstrate these maps called the iPhone Tracker.

Last night at Ideas – Victoria, my good friend Kevin McArthur (@kevinsmcarthur) started looking at the files that the iPhone left. We quickly realized that not only was his travel logged and can be mapped, we started seeing some other interesting tables. After a little more digging, we realized that his iPhone was also logging MAC addresses with latitude and longitude! This is what Google Streetview took all of the heat for in regards to privacy in many countries around the world.

To put this in perspective, every single iPhone or iPad with cellular plan has been doing this since iOS4 was installed on said device! The amount of data that apple users collectively has is unprecedented. It is being stored unencrypted on these devices.
In Kevin’s case, in about 6 months this equated to approximately 60,000 MAC addresses in Victoria, BC, that he had no idea he was logging.

MAC addresses around Victoria

A few questions to ask:

  • Why is Apple logging all of this information?
  • What it is intended to be used for?
  • Under what conditions is a MAC address considered personally identifiable information? When included with complete geo-referencing? IP address?
  • Is there a difference between people and corporations recording or logging MAC address information? Does it matter if there is consent (consent both from the collector and the collected) or not?
  • Is there a difference between having this information personally and it being published?


Technical details

Do you want to know what MAC addresses your iPhone or iPad has logged?
Requirements: You will need to have to have Xcode to complete the following.

If you take the source code tarball, open it, you’ll want to modify the following two lines of iPhone TrackingAppDelegate.m:

 const float precision = 100;


 const float precision = 3000;

* Warning, this will significantly slow down the loading of the map, as you will have a lot more reference points visible

now change:

 NSString* queries[] = {@"SELECT * FROM CellLocation;", @"SELECT * FROM WifiLocation;"};


 NSString* queries[] = {@"SELECT * FROM WifiLocation;"};

That will remove the griding, and include wifi MAC address location instead of cell tower locations. The next steps will allow you to reduce the granularity from 7 days to one:

 const float weekInSeconds = (7*24*60*60);


 const float weekInSeconds = (1*24*60*60);

Load in in Xcode, recompile and run!

Apple’s updated privacy policy Tue, 22 Jun 2010 19:42:39 +0000 Continue reading Apple’s updated privacy policy]]> “To provide location-based services on Apple products, Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device.”

They may also provide your location, and personal information, to others.

With no apparent way to turn off the GPSr in your iphone or other Apple device, how comfortable are you with them being provided your every move?

You can review it for yourself on Apple’s website , scroll down to “Location-Based Services”.