This part only applies to the data file being backed up to a computer.

Anyone who works deeply with OS X and iOS as far as how the filesystem is laid out, and how Time Machine/iOS backups work would likely come to the same conclusion as my speculation about it being a bug. Some engineer decided to save a preferences file in a cache folder and removed that folder from the backup exclude list. Or, the other possibility I see is that the caches folder was never properly added to the backup exclude list like it should have been.

One mistake I did make in my checks was the location of the data in the past. iOS prior to 3.2 stored the older h-cell.plist cache under /root/Library/Caches, the cache folder for the root user on the phone. 3.2 moved it to the user partition under ~/Library/Caches. I had incorrectly assumed the location was still the same. Knowing the change happened reinforces my belief this is a bug, as the previous plist wasn't part of the backups. Why make a change now, when they previously saw no need to back up caches in the past? From information released at WWDC (that I can't re quote here, I think 2010 sessions are still under NDA), and from a previous link to Alex Levinston's analysis, the changes had to do with supporting the multitasking features of iOS 4. Combine the analysis of file location, changes needed for iOS 4, and Apple's paranoia about location and analytics*, and it seems more like a bug/oversight vs a feature intentionally added.

I get that not everyone is trustworthy all the time, including Jobs. After looking into the issue myself by using my phone to test it directly, along with my experience in the software field as a build engineer, it all comes across to me as a bug or an oversight. I'm sure many developers here have been through those last minute crunches, and something falls through the cracks. In this case looking at Apple's tight release schedules for iOS over the years, it seems to me there were plenty of corners cut to get things out the door. I don't see this as intentional malice, just crunch time carelessness. It does point to a need for stronger code and implementation reviews at Apple, especially when a users privacy is concerned.

The only way this would be a verifiable fact is if the engineer who either implemented this "feature", or didn't implement the changes for iOS 4 properly were to come forward. That is highly unlikely to happen due to his NDA work agreements and such, so I'm not sure how to really convince you beyond what has been said and linked here. Some of my earlier links contain discussions other people are having that have been researching this, and most lean towards a mistake and not malice.

* I spent about 15 minutes trying to find good links to the previous issues Apple discussed last year, but Google is mostly returning results on the current 2011 story. Basically the changes made in iOS 4 to show what apps last gathered any location data came out of Apple discovering 3rd party apps were silently reporting more info then they thought. Some app revealed early details of the iPad when in development. This lead to some analytics lockdowns, and an awareness about apps gathering location details when they shouldn't. Jobs revealed more info on their beliefs regarding location last year at the D8 conference.


From having worked closely with some of the community folks in the games industry, it seemed to be a balancing act. In general, people are going to be posting random crazy things all the time. Some times, those posts blow up into a bigger rumor. A company can't sit there and deny every single rumor thrown at them. Even a simple statement of "we are looking into this rumor" can cause more problems.

To draw a parallel here (and don't get stuck in the details, this is just a general comparison to another recent event), should Obama have responded every time his location of birth was brought up? After all, it is a pretty major thing concerning his eligibility as President. Initially he ignored the situation since he passed all the checks required to be on the ballot in all 50 states. Then later he bowed to pressure and released his short form certificate. Time goes on, the rumors continue to churn and bubble, and eventually blow up again when Trump starts talking about it. Nothing changed, except the hype. And Obama once again bowed to the pressure and released the long form certificate today. Will the release end the issue? Nope, based on all the birther comments still showing up around the web.

Yes, this particular situation is a little different since it involves potential privacy concerns, but this overall issue of location tracking came up last year as a big deal. Apple may have felt that they already addressed these concerns with their EULA, the congressional response, WWDC coverage, and the systems they put into place last year (short form release). More then just a few experts knew about it, but it wasn't a big deal. Nothing really changed between then and now, but for some reason the O'Reilly report (Trump) stirred it up again. Apple's latest response and action is similar to the long form certificate release. Bugs were identified (ignoring the backup, they did confirm the bug where cached data was still being collected with Location Services toggled off), oversights were identified (the 2MB cap on the file was too big), and corrective actions are being taken. Will this quell the general location tracking fears? Probably not.