iPhone sends call logs to Apple servers

iphone-sends-call-logs-to-apple-servers

Apple didn’t comment on the specific claims made but tells us:

We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices. Apple is deeply committed to safeguarding our customers’ data. That’s why we give our customers the ability to keep their data private. Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password. Apple recommends all customers select strong passwords and use two-factor authentication.

The Russian company which sells iPhone cracking tools to governments and corporations is Elcomsoft. It says that iPhones send real-time call logs to Apple servers even when the iCloud backup is switched off. These logs are stored for up to four months.

Elcomsoft CEO Vladimir Katalov told Forbes that it also isn’t just traditional phone calls that are logged, and that iOS 10 has expanded the scope of the logging.

All FaceTime calls are logged in the iCloud too, whilst as of iOS 10 incoming missed calls from apps like WhatsApp and Skype are uploaded, said Elcomsoft, which provides phone forensics tools to police.

This is similar to the result of iOS 10’s CallKit support.

Katalov said that the logs are uploaded from any iPhone which has iCloud Drive enabled.

“Syncing call logs happens almost in real time, though sometimes only in a few hours,” he added. “But all you need to have is just iCloud Drive enabled, and there is no way to turn that syncing off, apart from just disabling iCloud Drive completely. In that case many applications will stop working or lose iCloud-related features completely.”

While Apple is open about allowing law enforcement access to iCloud backup data on receipt of a court order is said by the company. The company doesn’t disclose that it holds call logs even when backups are not enabled. Katalov also challenged the statement on Apple’s website. The website only stores FaceTime call logs for 30 days.
Synced data contains full information including call duration and both parties. We were able to extract information going back more than four months.
He believed this was an oversight by Apple rather than any deliberate attempt to obfuscate the information it holds, iOS forensics expert Jonathan Zdziarski told Forbes.

I suspect that this is probably more of an engineering issue around making handoff work when you are answering calls between your phone and your desktop or if you’re using FaceTime on your desktop. They need to be able to sync a lot of that call data. I suspect whatever software engineer wrote that part of it probably decided to just go and stick that data in your iCloud Drive because that’s kind of what its purpose is. I’m convinced it wasn’t very well thought out if that’s the case.

Apple has already indicated an intention to use full end-to-end encryption for iCloud backups at some point in the future. Backups are encrypted but Apple holds the key by switching to end-to-end encryption at present.  Apple would have no access to the data.

Apple was intercepting all iMessage contacts. Though in that case, it was due to a misunderstanding of how Apple’s systems work is claimed in the previous report.


You May Also Like All the Cool iPhone Secret Codes You Should Know