(1) Any app at any time including IOS updates has that information at its disposal, so iFarmville now knows where you spend most of your time and when you are not home. So maybe does any active advertisement ware and those free-but-buy-stuff games your kid is playing.

WRONG. Apps on the phone can NOT get the information in consolidated.db. They can access the location services API, which uses consolidated to assist GPS, but only if you approved them. And there is a off switch for that.

(2) Your phone is PRE-tapped as far as law enforcement is concerned. If I put a GPS anklet on you now "just in case do do something later" would you be fine with that? If I say it also "does iTunes" does it make it retroactively okay?

WRONG. LE needs a warrant for anything on your phone. And if LE wants the locations of the cell towers you've used, along with direct triangulation of your position, they can serve a warrant to your provider.

(3) I can "give you" an app and that app can now tell me how much time you spend shopping and where you shop down to the department of the store (couple meters).

Nifty. If you allowed the app to use Location Services.

(4) God save you if you get divorced or become subject to any legal fishing exiditions.

Your first example shows you have no idea how dirty politics or the legal system works. Every accusation has some basis in fact, because all politicians are kinda dirty. No one is going to try the creeper angle on evidence that flimsy. And if you tried to take that crap into a courtroom, the judge would probably throw his gavel straight at your head. Assuming that steaming pile of 'evidence' was allowed, who do you think the jury will believe as soon as your lawyer points out the Starbucks you frequent is in the same radius, and your receipts prove you were there, not to mention the WiFi hotspot at said Starbucks is the 'proof' in the location log...

As for insurance companies... they are already offering potential policy discounts for 'safe driving'. The catch? a dongle that goes on your car's OBD-II port, recording your speed, acceleration, braking, and how much you drive. You upload the data to your PC, then send it to the insurance company... now that's really being Big Brother, and you still have to opt-in.

"Android.. Android... as opposed to iPhones.. iFrogs" You're already in your parents' basement, right? Time to go to bed, little fanboy, you're getting cranky and paranoid.

What I find sad is how the ACLU is focusing on Michigan, when just about every PD with a computer forensics lab has one of these devices or similar.

Michigan police aren't downloading smartphone contents during routine traffic stops. They aren't even doing it for routine arrests. Only when a search warrant is served that includes the phone.

If you have a passcode on your iPhone, they need to seize the computer you sync it with to enable the UFED to image the phone. They're not going to get that unless they serve a warrant, and if they have that, they have your backups anyway.

Another good reason to have a passcode: Just to be safe, if you get pulled over for any reason, turn your iPhone off. Don't try to wipe it or do anything shady, just turn it off "so it won't interrupt you while you're speaking with the officer." If by some chance your vehicle is searched and the officer turns it on, it will be locked. If the phone is passcode locked, the contents of the phone are not 'in plain sight' even if the phone is.

Your phone records the location data. Apple never sees the data. Therefore, Apple (as an entity) does not track you.

OTOH, Google does get location data w/ UDIDs from Android phones on a regular basis.

Only 45 MPH? I'd be afraid to take that out on the highway.

Take any image, resize it to 25x25, and I can tell you without a doubt if the people in it are having sex.

If you have service from any major ISP, they already have your CC number and probably your SSN. They know what cable MACs are on your account, and they know what IP has been leased to it (I don't know about you, but my DHCP assigned IP hasn't changed in over a year!)

Really, why would they need anything else? If this really were a surveillance state, ISPs could already feed a constant stream of flows and maybe even content to whoever wanted it. In fact, there are CALEA-type provisions in place to do just that if a warrant is served. .. so why are you all ranting like a bunch of crackheads about something that really does seem to have good intentions? Oh, right, because THE MAN is promoting it. I swear, it gets old really quick when [insert race or ethnic group] blames THE MAN for everything, and it's getting old when geeks do it.

Isn't it the private sector that's developing this, with some input and acceptance from the government (as in, you can use whatever they come up with as legal ID, etc...)

I don't know if I trust business any more than government. Government doesn't have a profit motive, and government doesn't care about raking in ad revenue...

It doesn't actually say anything about a unique identifier in the except you quoted.

But wouldn't it be nice to have something like a universally-recognized SSL client certificate, linked to a smart card that only you possess and know the PIN to unlock.

Let's face it, if the government wants to track you, they can already track you by your charge card transactions, or they can ask your ISP to hand over what they have. If this is private-sector led, it's a finance/credit industry thing, and they all share more data on you than the government could ever want to have. So my data is already out there... whatever.. give me an ID no one else can use, and I'll be happy.

Good fucking riddance then. If you're the kind of idiot who jumps to those kind of conclusions, you're just as bad as the right-wingers who jumped to conclusions and got us in a pointless war/occupation/quagmire.

Well, if they're doing it right, the key material is split between the drive and the host. The host and the drive have to perform a key exchange to end up with a shared secret, which is used by the drive to encrypt data. If plugged into an unknown host, or if the drive is programmed to generate a key in RAM at power-on and never save it anywhere, there's no key to recover.

Rampant speculation and paranoia is just insulting. The low capacity is probably because this is a drive designed to have extremely high reliability, so it uses proven head and platter technology.

Yep, and that's how I found iPhones that are returned as defective to the Apple Store make it back to the public.

I exchanged a 3GS that was spontaneously rebooting and syncing slowly or not at all, even after a DFU Restore (which is why I honestly believe jailbreaking can damage your flash, especially after I had it happen to TWO jailbroken 3GS's... but that's another story.)

Anyway, I had Pandora on it. I didn't reinstall Pandora right away on my replacement phone, but when I finally did (months later) and logged into my Pandora account, my stations had been replaced with a bunch of stuff I would never listen to. So explain to me how that happened, other than someone using the phone that was supposedly returned to Apple?

NoScript will protect you from this and all 3rd-party script injection, even when set very permissive (allow all scripts from the base domain)

Groklaw is implying there's a burden on the in-state companies. The law doesn't seem to imply that:

From the ST story:

"Microsoft is pushing Washington legislators to pass a law making it illegal for manufacturers that use pirated software to sell goods in the state [...] The proposed legislation would create a legal cause of action by making manufacturing companies liable for damages, and it would give the state attorney general and companies the right to pursue injunctions in civil court to stop the manufacturers' goods from being sold.

For example, if a large Washington store sold T-shirts made from a company in China and the Chinese company uses pirated copies of Excel at an office in Shenzhen, Microsoft could seek an injunction to prevent the manufacturer from supplying T-shirts to be sold in Washington state"

So... this law means the state AG could seek an injunction against goods from being shipped to your company in their state. You won't be able to get your foam peanut from that company in China, but you're not being told to not sell existing stock of your merchandise.

However, If this was a part needed to manufacture something here, you might have a production stoppage. This is potentially bad news for Dell, HP, Apple because their products are entirely manufactured by companies possibly using pirated software.

Not only that, but you can limit who can see those tags, even when you are tagged in their friends' photos.

That is almost certainly intentional. Their other choices are to use an IANA range, which we would no doubt ridicule just as much, or a real IP address, which would promptly get DDoSed by every 12yo skript kiddie who saw the movie.