First discovered by security specialists, they said that the unencrypted file can be retrieved both from your iPhone, or from your computer, if you sync with iTunes.
Of course, security companies often cry wolf over many vulnerabilities, because that's the nature of their work, but the troubling thing here is this feature is turned on by default, and you can't opt out like when you choose whether to give permission to Google to track your location data in Android phones.
Map of an iPhone user's locations since last June, retrieved from the phone's logfile
Reached for comment, Microsoft also confirmed that they don't have anything stored on Windows Phone 7 devices, but the last phone location, so as it can be used by the Find My Phone service, and that's that. RIM hasn't advised yet, but knowing how heavy on security its user base is, it would be surprising if it did store a file with everywhere you've been for a year on the phone, or on your computer.
"Apple has made it possible for almost anybody – a jealous spouse, a private detective – with access to your phone or computer to get detailed information about where you've been," one of the security researchers has said, since the logfile content can be easily read with a simple program.
Cupertino has been probed for comment, but there is no official statement on the matter at present. Not that cell phone providers don't track your every move, and this information can then be turned over to the authorities (or dictators) on request, but why make things easy for anyone.
It might have something to do with the big push into cloud services Apple is supposedly prepping with iOS 5, but Congress members have sent letters to Steve Jobs, and the FCC have expressed their wish to investigate into the matter further. They might want Uncle Sam to be the only one knowing where you are at any given point in time. For now, just choose to encrypt your sync backups with iTunes, and keep your iPhone at bay.
source: Gizmodo, WMPowerUser, TheGuardian & iPhoneTracker