Editor’s Note: The following is based on one (detailed though not necessarily factual) report that relies on one reportedly inside (yet anonymous) source at Apple. We felt that it is detailed enough to relay to our readers, and if true, raises very troubling questions that Apple and AT&T need to address to their customers.
AddictiveTips is reporting in detail that a trusted source inside of Apple Inc. has told them that Apple is not only checking for jailbroken iPhones in conjunction with AT&T through OTA (over-the-air) updates every 7-14 days – and then relocking them and putting users on a blacklist – but is also storing Facetime location data, and that the un-encrypted WiFi chats can be snooped on. Beyond all of this, the source claims that Apple/AT&T shipped some iPhone 4′s early in order to test the OTA updates.
The source is reportedly an Apple employee – AddictiveTips says it will not reveal the name of the source, calling him/her only ‘Alpha’ – says that, “I will tell you this right now the things I am saying if you where to go to [Steve] Jobs himself he would deny.” Alpha claims that there is a line of code in iOS 4 that does the OTA updates and that some Apple employees themselves are not installing iOS 4 onto their iPhones. Here is how Alpha says it works:
“How it works is every 7 to 14 days We (Apple) and AT&T send a message to your iPhone that gathers some data from your iPhone without you knowing and we see what is running, baseband and firmware. We then send a following message. “There are optional updates for your iPhone, Would you like to install them now?” two options “Yes” or “Later”. Those are what would would call “OPTIONAL UPDATES” Now there are things called “MANDATORY UPDATES”. They tend to work the same way, grab data from the iPhones sends it to AT&T and us then back to your iPhone with the message, “Your iPhone (name of iphone) must be updated to the current AT&T standards to run”, your only option is to “Accept” Now you can try to work your way around it until you get the second mandatory message again “You must plug iPhone into iTunes and update” If you don’t do this you will then receive no Signal from the network anymore and your iPhone will potentially lock up with no signs of use until you update your iPhone via iTunes. You all agreed to this terms and condition when you installed iTunes 9.2 and then again once you updated to iOS4. With that being Said go ahead Try to unlock the iPhone it will only last 14 days max…”
Here is a screenshot from the article of the OTA updates taken from a phone in Canada, where apparently some users are already receiving them:
![photo4266x400 If true, this leaked report may leave Apple & AT&T with a LOT of explaining to do [Updated]](http://cdn.thenextweb.com/files/2010/06/photo4266x400.png "photo4266x400 photo")
Update: More than a few commentators on AddictiveTips have noted the discrepancy between AT&T supposedly sending OTA updates to a jail-broken iPhone that isn’t running on their network any more – say for instance running on T-Mobile, and that that alone means that this story is false. However, that argument alone doesn’t necessarily mean that this leak is false – it is certainly possible to run a jail-broken iPhone on AT&T’s network and – if this leak is accurate – then we’re guessing that AT&T could theoretically detect that the phone is jail-broken, and then blacklist that customer (..and possibly send a lock code? Anyone know?). Again, theoretically.
Update: AddictiveTips says that the iOS 4 software itself will ping Apple/AT&T servers regularly (we are guessing that they mean through any available connection, i.e. WiFi, AT&T, T-Mobile, whatever) and that is how Apple/AT&T knows that an iPhone has been taken off of their network (we’re guessing – though this isn’t clear at all from AddictiveTips or their source – that by “iPhone” here they mean one bought in-contract with AT&T at a discounted price). Software can certainly be set to ping servers, so technically that part of it could be possible, but whether Apple/AT&T could then do anything punitive, as the leak suggests, i.e. bricking the phone or putting it on a blacklist – well, they might be able to associate the phone with a previous AT&T user and then deny them service, but brick a phone on another carrier…Why would they bother going to such extremes (if they could technically do it) for that matter, especially if you’re already out of your contract – does it really matter that much to AT&T that an out-of-contract fully-paid-for AT&T sold iPhone is now on another network?
Regarding Facetime, Alpha says that beyond the fact that the service isn’t encrypted and if someone wanted to, it isn’t hard to snoop in on the WiFi connection:
“Worst yet is once a person connects to another person on FaceTime it for some reason non of us in the office can figure out, sends us APPLE a message and says those two people are connecting via Facetime and gives out their location to us. So for whatever reason we need that information just blows my mind. As a consumer why would you need to let Apple know that you are connecting with a person via FaceTime, its non of Apple’s business.”
Updated: As was correctly pointed out in the comments below (which we agree with), the collection of anonymous usage data isn’t in itself a big deal – many software companies routinely track usage of their products and Apple has multiple ways to track and monitor the usage of iPhone – but we thought we’d relay it as it was positioned as a major part of the AddictiveTips story.
Again, all of this is from one unnamed source, although as you can see, this is very detailed (though not confirmed or tested) info. We have sent an email to Apple PR asking for a comment.
Update: We have also sent an email to AT&T asking for comment. We have not received any response so far from either Apple or AT&T, and we are going to hold off with any other updates until we either hear back from either with an official response and/or AddictiveTips offers any incontrovertible proof (see below)
Update: In comments on their own post, AddictiveTips is sticking to their guns and says “You should wait 24 hours because something interesting will be coming up“. We’ll have to wait and see if this “something” includes incontrovertible proof or not.
Update on 6/25/10
AddictiveTips has posted a follow up piece regarding FaceTime with a screenshot that they claim was taken by Alpha of an email sent to him in his “role” at Apple. Again, whether this person is an actual Apple employee is still very much in doubt: AddictiveTips is certainly sticking with to their source/story, however, saying this in their latest post:
“For those who think this guy is “fake” and is probably fooling around should know that I know his full name, he works at Apple iPhone department, I have seen his photo, and know his location.”
The screenshot of the email – which could frankly easily have been faked (and shows Microsoft Outlook’s Web mail as the email client – go to their post and take a look yourself if you want – anyone know if Apple uses Outlook? Seems somewhat unlikely…) – basically only says that in order to activate FaceTime the phone sends an SMS to Apple.
Regardless of why Apple deemed this necessary, according to this discussion thread on Apple.com, FaceTime does seem to need SMS functionality to activate. So even if the email in AddictiveTips is real, this doesn’t seem to be any kind of an issue, privacy or otherwise – it’s just an activation issue. As we’ve said before, the FaceTime part of this “leak” just doesn’t seem to be that big of a deal whatsoever.
Regarding the OTA issue, AddictiveTips had this to say in their latest post:
“The force OTA update will be discussed in later article, after I have gathered more proof and verified that it is indeed carrier update (because it could be forced apple firmware update too). This OTA leak should not be considered final and should be added under the category “Rumor” until further proof is confirmed.”
So there you have it – they are calling this themselves a “rumor” – so at this point we still have not seen any incontrovertible and/or corroborating proof of either the identity of this person or what he is saying is in any way the truth other than the assurances of AddictiveTips – who themselves are calling their own story a rumor.
We’ll continue to watch their site for any additional posts and keep you updated.
i’ve started to see these carrier updates…and they weren’t there in ios3
Carrier updates have been a part of the iPhone since, at least, version 2.0. But they’ve never been dispatched over-the-air.
They have, too. I got carrier updates several times. Don’t be paranoid about that.
they were in OS3, and have been since OS1.
didn’t ANYONE notice that the screen shot is a Rogers Wireless (Canadian carrier?)
We’ve had to deal with these carrier updates at the very least since Bell, Virgin and Telus launched the phones last year. They ship out of box without any of the APN settings installed, and you have to update carrier settings using itunes (or manually if you don’t value your time) before your data plan works.
It’s not a conspiracy, it has to do with unlocked and debranded phones. Get used to it.
Hmmm… Doesn’t ‘feel’ true to me, but I could well be wrong.
As I said, if false, it’s detailed false info. AddictedTips says “Alpha” is a trusted source who it sounds like they’ve used before. Obviously, we’re certainly not trying to manufacture anything here, and will certainly update with any more info in support of or going against this report.
what’s making you “feel” it’s untrue?
Nothing in particular, as Chad says, it’s very detailed info. I suppose I just instinctivelydon’t trust detailed, sensational but anonymous info. Massive story if true though.
Nothing wrong with your instincts Martin, approached this with extreme caution, but felt that AddictiveTips was confident enough to risk their reputation on their source, so we would pass it to our readers and let them decide (and hopefully help us to prove the truth either way). AddictiveTips says they’ll have some kind new information in 24 hours to support, so I guess we’ll see.
What makes it rather suspicious to me is Alpha’s rather unique writing style. That’s not a comment on his/her English Language skills, as English may not be their first language, but the writing style certainly is distinctive, thus making them vulnerable to discovery. And we all know what happens to Apple leakers.
I have that little BS detector going off in my head as well.
What if, hypothetically, you’re not using AT&T?
i’d assume same across the globe, but who knows.
I don’t doubt that this is happening with Facetime, you’d be surprised what data gets passed from a handset to a manufacturer and Apple aren’t alone, I’ve worked on similar projects. Don’t suppose you’ve read the terms and conditions? It’s probably buried in there somewhere. I very much doubt they are doing it illegally
Didn’t say “illegally” anywhere – and yes, could very well be in the Terms and Conditions – all three times longer than the US Constitution of them
I’ve had carrier updates in the UK before on previous OS updates – and never believed them to be any more than innocuous updates to some data setting or the like for O2.
Without evidence, this sounds more like a very detailed conspiracy theory. Or am I being too generous/naive?
oh you’ve had them before this update? I’m on O2 and have never received them before until now. I can’t quite understand what O2 could possibly be updating so regularly…
Yeh, pretty sure I had one on day 1 with the original iPhone after iTunes registration etc, and never unlocked or jailbroken so if it is fishing for info, it’s doing so in an untargeted way. Maybe I’m just special or they’re just paranoid….!
O2 carrier updates have only occured for me when I got the device officially unlocked by them when on contract.
I’ve had at least one carrier settings update before. I’m in Canada on Rogers, and at the time I think it was when I was upgrading to iPhone OS3. It was over iTunes, though, I haven’t seen a prompt on the actual phone.
I should add that I got it as well when I upgraded my 3G to iOS 4. Once again, in iTunes during the upgrade, not on the phone itself.
I think you’ve said it right – it certainly could be a “very detailed conspiracy theory” – and we are more than willing to publish a response from either Apple and/or AT&T.
I got this message (Rogers in Canada), and I have not updated to iOS4 yet.
I don’t believe any if it (and the misspellings don’t help). These carrier settings OTA updates are nothing new. The first one I received was when AT&T introduced MMS. I think this employee 1) knows far more than a rank-and-file employee would and 2) wants his 15 minutes.
Yes, OTA updates are certainly nothing new. And yes, this could all be someone going for their 15 minutes of fame (which we would unfortunately be helping with). Frankly, it would be better for everyone if it does turn out to be false, here’s hoping.
I had this carrier update message yesterday after upgrading to iOS 4, never had them before and was slightly confused as yo what they were updating. Usually these sort of messages are fir updating APN settings which I assumed was the case yesterday. I am in the UK on o2
I tweeted this too but no one here realizes that Apple tracks everything to improve their products. They know every time you open Calculator and TextEdit. They know how long you have it open and they know when it crashes. They know your location of your Mac to check for time and date updates (which is a feature in snow leopard). They know your iChat AV video call details and even though it’s all anonymous (which I’ll assume this is too), it’s not surprising.
Apple is going to use this data to see when Facetime chats don’t connect (router issues) and when they do connect, how long people use it (to make changes to the experience for later). They have a financial interest and developer obligation to keep people from jailbreaking iPhones because it cuts into App Store sales and increases piracy of apps which hurts developers.
Unlocking phones hurts Apple’s relationship with carriers so they are of course interested in keeping people from doing that as well. Apple has been doing this for years. It’s part of what makes their products so damn good is because they are aware of everything you do and how you use their products.
google does it too. It’s all anonymous so we have nothing to worry about. Frankly, I don’t care. But install Little Snitch on your Mac and have it ask you for every outgoing connection and you’ll be blown away at how often x.apple.com is connected to while you use your Mac in an hour time frame. I counted 40 outgoing connections to apple.com in an hour of normal use after installing Little Snitch.
Thanks Adam. Yes, Apple certainly has the right to track usage. It’d be interesting to see exactly how much of this is spelled out right in the TOS, but that is part of the problem – all of this stuff is so damn buried that no one knows it’s going on (if, indeed it is).
Thanks Chad. What you guys posted is scary to those of us that haven’t heard of this before but I feel that Google doesn’t get enough pressure for the data they store. Deleting emails in Gmail doesn’t mean they’re gone. Google still uses that to deliver ads to you for years to come. Facebook is using it in certain ways too. Apple is now an advertising company so that certainly makes things more complicated for how consumers view this data they’re tracking.
Yes, privacy and data collection and storage is turning into the story of the year, isn’t it?
Here is my Mac determining my location to set the time. http://grab.by/55Ye. Why wouldn’t apple store that? It helps them determine where to put Apple Stores.
when companies get data, they use it and mostly their defense is that the data is anonymous and we benefit by a better product.
Yes, storing location data is a common practice for many companies. That in itself is not really the larger news – the un-encrypted Facetime is really more interesting to me (if people didn’t already know of that).
It may be ok for Apple to track usage but it should be asked of first. Hiding it in the TOS is plain sneaky. Why not have the option to send anon data to Apple and a opt in or out screen on the MAc and iPhones. That way people know what’s going on.
When Microsoft did this there was a huge uproar but everyone thinks it’s ok for Apple to do this. Please!
I don’t think Apple has the right to track what I have on my computer or phone without my consent period.
“It’s all anonymous so we have nothing to worry about.”
1> Anonymous user statistics are hardly anonymous.
1b.> It’s fairly simple to induce general, and even specific details of each user by looking at the things they do.
1c> With all of the new information on iPhones looking into your Google Map locations [and so on] it’s been reiterated and hard to doubt, that Apple is aware of your physical location during the use of some [if not all] programs, at some [or all] times.
2> Some of us do not care to help Apple “improve their product.”
3> Some of us value our Privacy.
Pass.
I got a carrier update on O2 when I updated to iOS 4.0 GM. I’m sure I used to get similar pre-iPhone.
My O2 version is now 7.1 rather than 7.0.
I find it plausible.
iTunes latest update said that Apple’s privacy policy had materially changed, but didn’t summarize how.
The id and location of facetime calls are probably necessary for ‘lawful intercept’ purposes, i.e. government imposed.
That hardly represents ‘a lot of explaining to do’.
How about “some” explaining?
I smell BS. The ramifications of this woul mean that every carrier in the world deploying iPhone would have to participate is this subversie behavior. Also, what about regions where it is not legal to lock a mobile device to an operator? Also, how would they deal with legally unlocked devices?
The reality us that the App store revenue less that 1% of Apples total revenue stream. This is a significant amount of effort and a major risk to Apples reputation to go after a couple of percentage points on that 1%.
We haven’t even talked about the legal implications of them trying to do something like this. While there is a significant culture of secrecy at Apple and by extension to the operator teams that deploy Apple devices, this ‘source’ makes it seem as if none of the participants in these projects has any moral compass or common sense. These are technically savvy people and yet would have complete understanding of the privacy implications of these alleged actions.
I stick with my first comment.
I call B.S.
Yes, many ramifications if true – as we mention in the updates, AddictiveTips says they will be providing more information within 24 hours, so we’ll see.
Alpha=Google lol
Whether accurate or not, this is incredibly irresponsible journalism. In fact, it isn’t journalism at all. One unidentified source? Geez. I hope it isn’t someone who works for Sprint or Google. Seriously, if you want to drop your pants and report everything that any yahoo puts to an email, no one is going to read this tripe at all any more. Do your job – if it is true, some investigation will corroborate it and then you can report it. If not, get ready to be sued.
Why do people like you not have the balls to show you actually are when you say stuff like this? Pathetic…really.
The title of the posts starts with “If true…”. Seems to be clear enough to me: it is a rumor, uncorroborated or confirmed. I will enjoy it as such.
First of all, as we’ve made clear, we are not reporting this as fact – it is a post on another website that is reporting on an uncorroborated story from one source – however, they insist that they trust this source and that the source is an Apple employee, and as we have said, we felt there were enough details to warrant passing the story onto our readers and let them make their own judgments, which you obviously have.
As always, thanks to everyone for reading and commenting.
It’s a good thing AT&T has an unlimited data plan or these mandatory updates might get extra annoying… /sarcasm
Much of this will be immediately verifiable as soon as someone gets an iPhone 4. Just run a network snooper while you’re running FaceTime and see where the packets are going.
yeah, I really do kind of doubt that Apple is collecting anything more than location and use data, not the actual video. That said, they should have encrypted FaceTime.
Did you say some Canadians got their iPhones early? That would have to be some kind of trick, since even pre-orders haven’t started in Canada. Pricing hasn’t been announced and, as has been widely noted, the Apple Canada iPhone web pages removed “coming in July” and replaced it with “coming soon”, implying that August is more likely. This story is a fraud, folks.
No, I didn’t say that at all – AddictiveTips says that the user that they got the screenshot from was getting the OTA update already – presumably on iOS 4 which is available in Canada (see link below). The leaked story (if true) is about iOS 4 which runs on other Apple devices other than the iPhone 4 – though I can completely understand your confusion, this is a confusing story (true or not) and we had iPhone 4 in the title earlier, so maybe that didn’t help. Thanks for reading!
http://www.ecanadanow.com/canada/2010/06/22/apple-canada-releases-ios4-for-free-download/comment-page-1/
I call BS on this entire story. This is just someone trying to get attention while everyone (including myself) clicks a link on Twitter that has anything to do with iPhone.
This is link bait at it’s best.
Certainly might be the case, we clicked on it too. As we’ve said above, just relaying the info to you our readers to make your own judgments. Thanks for reading.
This may be a tough one for Apple to fix. Its not like this is some sort of glitch or software issue, its hardware. I mean we all know that Apple has great costumer service but just how far does that extend.
If you want to understand the full extent of the hard ware damage check out the article athttp://getyourgadgetsgoing.com/
Whilst the story may or may not be true the claims of the source getting “fame” and attention” at this point seem ludicrous. The source has not identified themselves so I fail to see how that could be…
Sure, it could potentially be a massive troll or whatever – who knows.
Personally my feeling is that it could be true – no one has presented any reasons that seem to definitively prove otherwise.
Apple are well known for their secrecy and what some may underhanded dealings with customers and organisations.
Disclaimer: I own no Apple products and personally I really don’t wish to despite them being, in some case, very nice pieces of kit. But I try to remain balanced in my opinions. People who have shelled out money are naturally invested in what opinion they give as they don’t want to appear duped or fools for purchasing Apple products. Just a thought.
Collecting statistical usage data isn’t a big deal. Collecting data about person A connecting to person B and transmitting it to Apple is a big deal; if they do that, they may be committing a crime.
What if, say, you jailbroke an old 2g (1st gen iPhone)… no iOS4 available to it and it’s not on ANY network anymore. Would they still be able to brick it if this article were true? If so, that would be a shame since those who still have their 1st gen iPhones are now completely paid for. I hope the EFF wins their argument for putting “Jailbreaking” exempt from DMCA copyright laws.
I fail to see what my profession should have to do with the level of care I get from Apple. Why should only those who work with costumes get excellent service?
*angry*
i think the facetime thing is wrong but the jailbrake thing is correct because the ill legal jailbroken phones should b stopped and its good steps are taken towards it
Except for the minor detail that there is nothing illegal about jailbreaking your phone. I have no contract with either Apple or AT&T. If they want to lean on a click-through EULA and brick my phone when I’m not even an AT&T customer, I will gladly go to small claims court and get my money an damages back from them. They quite simply have no right.
Technically, you are incorrect. It is potentially a violation of the DMCA. However, it is likely that an exemption will be granted this year, having been applied for by EFF. Also, it is certainly my take that you might win under a fair use defense if it came to a suit.
The whole thing sounds like BS to me anyway. Its the sort of thing someone puts into the media when they want to short sell Apple.
Funny that one possibility was never raised… what if Apple itself launched it in the background to scare jailbreakers???
I haven’t had even one carrier update from AT&T on my bone stock iOS4 3GS. Granted, it’s been 3 days max since the release…
Listen, the only reason i give this “article” any credence at all is Apple’s secretive nature and my inherent disdain for AT&T. Apple is getting quite pompous with their new found success and AT&T clearly despises their customers… (it’s okay though, we fucking despise you AT&T)..
People should watch carefully any posts by the hardcore crackers/unlockers/jailbreakers (namely the DevTeam and that self important asshat George Hotz – ok, he has some real talent.. and ego).
I digress, but they will know before anyone else (save the trusted coders inside Apple’s inner sanctum) if shady business is going on.
I’d love some proof to attach to this shameless sensationalism!
Well, if the story is true we will certainly find out soon enough when all of those Iphone users who jailbreak it report back that their phones were bricked.
All in all, it does not sound like a plan that was meant to remain a secret to begin with because they will be forcing anyone who jailbreaks their Iphone to re install it back to the iOS4s original state, I doubt they would do that and expect it to go un-noticed! Especially when the process should be easy to test and document.
Why are you trying to make something that is standard practice with all mobile carriers news?! This is an old story and really not very interesting except for those paranoid conspiracy theorists.
i’m a panoid conspiricy theorist! and guess what, a lot of these larger companies DO have alterior motives aside from just making you happy, i’m sure that if u peek inside apple headquartes you’ll find its packed full of chocolate rivers and marshmallow clouds, apple and AT&T up to no god (was that a subliminal mispeling?) now ur just being silly.
damn i shoulda put a fake name apple’s prolly gonna brick my laptop any second now : (
Well, unless things have changed substantially since I was at Apple, they ain’t using Exchange for their internal email as depicted here.
I call shenanigans.
someone with a lot of time and money should sue, and then we will get to the bottom of this. it would be interesting to see how this ends. personally i believe this is happening, why would it not? they are in the market to make money. the only way they make money is knowing how to improve their products, and then sucker us in to buying it. how do they get all their information on how to improve, and see what people are spending their time on? they see what we are doing on our phones and computers, and use this info for their advantage. some of it may be goverment mandated for security perposes, but a lot of it is for personal gain and profit.