Re: [Fed-Talk] Response to Higher over The "Apple Tracking" Headlines?
Re: [Fed-Talk] Response to Higher over The "Apple Tracking" Headlines?
- Subject: Re: [Fed-Talk] Response to Higher over The "Apple Tracking" Headlines?
- From: Joel Esler <email@hidden>
- Date: Tue, 26 Apr 2011 11:28:49 -0400
I don't think 7 is completely correct. I'd like to see a Citation on that point.
On Tue, Apr 26, 2011 at 10:33 AM, Rimar, Lee D Mr CTR USA USACE USA
<email@hidden> wrote:
I've been following this subject here and in other forums. I've tried to sort out "just the facts" for my own satisfaction, and this might start a pretty good answer to the "How to respond..." question that started this thread. I'm trying to keep it factual and not too opinionated. Feel free to offer corrections or additional facts if you have them:
[1] iPhones and 3G iPads keep a database of all (or at least very many) of the locations it derives from cellphone towers, along with information about WiFi hotspots nearby.
[2] If you opted-in when you set up the iDevice, this data is sent in anonymous form (just location data, without any identifying device or user info) to Apple twice a day, to build/update their own location database.
[3] If you opted-in but change your mind later, you can erase all data, restore the iDevice to factory defaults, and set it up as a new device (not restored from a backup) in iTunes. This deletes the existing database and when you set it up you'll get the same opt-in prompt, which you can decline.
[4] Accessing the database directly on the iDevice requires root access, so it's unavailable to most users / apps / other purposes. It could be hacked if someone had physical access to the iDevice, as could any or all of your other data.
[5] If you lose your iDevice, you can wipe it remotely with Apple's Find My iPhone / MobileMe. In some situations, you or your system administrator may also be able to wipe it remotely without MobileMe. AKO's beta mail provides one example of this.
[6] The database from your iDevice is also stored on your computer, in a backup file created every time you sync in iTunes. By default, backups are not encrypted, but you can turn encryption on in iTunes. You can delete backups from iTunes whenever you want.
[7] There is no STIG for iOS devices. There was a draft some time ago, but it was pulled because DISA feels there are unmitigated security issues in iOS. This may include the location tracking we're discussing here, but there are likely other issues as well.
Have I got all that correct? Are there other relevant facts to that fit this theme?
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (
email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to
email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden