Slashdot Mirror
iPhones Secretly Send Call History To Apple, Security Firm Says (theintercept.com)
Russian digital forensics Elcomsoft says iPhones send near real-time logs to Apple servers even when iCloud backup is switched off. The firm adds that these logs are stored for up to four months. From a report on the Intercept:"You only need to have iCloud itself enabled" for the data to be sent, said Vladimir Katalov, CEO of Elcomsoft. The logs surreptitiously uploaded to Apple contain a list of all calls made and received on an iOS device, complete with phone numbers, dates and times, and duration. They also include missed and bypassed calls. Elcomsoft said Apple retains the data in a user's iCloud account for up to four months, providing a boon to law enforcement who may not be able to obtain the data either from the user's carrier, who may retain the data for only a short period, or from the user's device, if it's encrypted with an unbreakable passcode. "Absolutely this is an advantage [for law enforcement]," Robert Osgood, a former FBI supervisory agent who now directs a graduate program in computer forensics at George Mason University, said of Apple's call-history uploads. "Four months is a long time [to retain call logs]. It's generally 30 or 60 days for telecom providers, because they don't want to keep more [records] than they absolutely have to. So if Apple is holding data for four months, that could be a very interesting data repository and they may have data that the telecom provider might not."
Well, that's one way to ensure that your off-shore revenue doesn't get touched by the US govt -- provide users' call data to the US govt in exchange for the favor.
and wants to see more of you. Do not disappoint Him, your Lord and Saviour!
All data needs to be sent to Apple, unencrypted, so law enforcement officers can do their job!
Same goes for you google.
Sorry, wireless companies keep records a hell of a lot longer than that. Just log into your wireless account and look at your bill history. That info is not secure if they issue a warrant to the company for your phone records.
But sorry, please start the Apple hate machine....
So if Apple is holding data for four months, that could be a very interesting data repository and they may have data that the telecom provider might not.
Cook: "In my point of view, [privacy] is a civil liberty that our Founding Fathers thought of a long time ago and concluded it was an essential part of what it was to be an American. Sort of on the level, if you will, with freedom of speech, freedom of the press."
So, Timmy, is privacy worth being protected or not? How is this 'protecting privacy'? Just because you can obtain these logs, why are you doing it?
You can't handle the truth.
Yeah that's how it happens. I setup my iPhone and secretly is syncs my call history to my phone. Wow! Where did that come from I wonder?
Same goes for you google.
But we didn't see a russian security firm level the same accusation at Google.
for some reason, reading the article and thinking of all the data being scraped from ignorant apple users, i could clearly hear Bill Hicks growling something about ".. sucking Satan's COCK."
I'm struggling to be outraged. iCloud stores a lot of stuff that's more personal than your call history, and for all Apple's faults, they've proven to be fairly strong on the privacy front.
(Also I'm still a little pissed that my BLU smartphone has been sending my SMS messages to China until today for reasons that nobody is willing to give an even vaguely plausible answer to.)
I'm not pro-Apple (see previous comments) but this isn't unexpected, secret, behavior. When you link your iDevice to something supposedly intended to keep it sync'd and backed up, this is exactly what you'd expect it to do. This isn't even a bug.
You are not alone. This is not normal. None of this is normal.
So can the FBI force apple to turn that over next time?
> And what could be more convenient than not having to bother with the information that it's being done?
Oh my god! You mean when Apple said they'd store all the data on my phone remotely for me, the madmen actually went and did it?
I'm suing.
"“We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices,” an Apple spokesperson said in an email.”Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password. Apple recommends all customers select strong passwords and use two-factor authentication.”
Not defending Apple here and I only have an iPhone (no other part of the Apple ecosystem) so I can't speak to the need (or usefulness) of being able to return a call from my iPad or Mac if I miss a call from my iPhone. This just smacks of more Siri/cloud/Cortana data collection garbage to me.
Heck, I'd have the iCloud completely turned off still if it weren't for their "new" feature where they stopped syncing with Outlook notes and I had to have someway of backing up/sync'ing note items with the rest of my PCs. (I backup my iPhone to an abacus at home...)
Remember when the FBI was laying heavily on Apple to crack open the iPhone of that Terrorist dude that shot up the work-party in California? Apple refused, and this was a story for weeks in the news. John McAfee claimed his guys could crack it in 14 hours or something?
Anyway, if Apple retains all this data, why was cracking the iPhone such a big deal? Is half the news (or maybe more) all made-up bullshit just to entertain me?
Maybe Trump isn't really president and the news is just telling me that to keep me watching. I can't trust anything anymore. Never mind being in the Matrix, it's freaking reality that doesn't seem real.
If telephones are outlawed, then only outlaws will have telephones.
Once again, a proprietary software company is caught red-handed violating users' privacy. Sigh.
Why are we still trusting those companies who engage in software abuse, mistreating our digital lives? What will it take before mass resignation of such companies' employees because they're fed up from being part of immoral spying schemes?
Oh, and don't give me that food on the table bogus argument; Red Hat makes hundreds of millions profit a year with free software, and most web developers who mix and match free software make more than a decent pay. There's ways to make a living in computing without sacrificing human dignity.
but turn off i-Magellanic-Cloud first.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
They don't have to 'force' them. All this 'resistance' Apple puts up is pure show. It's as fake as the 'news' you get on facebook. NSA, FBI, CIA, DEA... everything you say is being recorded and shared. Don't kid yourselves. It doesn't matter if it can't be used in court. They can still fuck you out of lots of time and money. All they have to do is to put you on ice for a while, and there's nothing you can do about it, especially now that more people all over the world are voting for right wing fascism (is there another kind?). The beacon of liberty has been extinguished.
I recently discovered, that my VoIP-provider had the history of my calls from ever since I opened the account 7 years ago. It is conveniently searchable and downloadable in several spreadsheet-formats.
I suppose, when I get to writing down my memoirs, it will come very handy, but it is a little irksome in the mean time. I doubt, I can turn it off or somehow request the records to be removed — I would be the first to object to any legislation forcing people to forget anything.
In Soviet Washington the swamp drains you.
*crickets*
I have an IPhone 4S using wifi and a Consumer Cellular account. Last summer in France I encountered an Apple software problem that locked my phone. The Apple store in Paris fixed it but I turned off automatic updates to stop the problem from repeating while I'm in the lovely French countryside. Apple ignore my "Don't update" instructions; they downloaded the update anyway and installed nagware that "reminds me" every evening that updates are off and I should install the new OS update..
The end result is that Apple Inc. via the nagware blocks me from making a 911 calls for critical seconds in an emergency. Let's say I'm in bed and hear the burglar in the living room. There is an "emergency" icon on the main screen but I'm used to entering my four-digit pass code so I groggily punch it in and go to the "phone" icon to make a 911 call.
But the Apple nagware is linked to the phone button. Suddenly nagware fills my full screen and offers to install the new operating system I've explicitly rejected. It gives me three choices in 3/8" tall letters- "Install now"; "Install later"; "Details" (which is an add). I'm blocked by Apple Inc. from using the phone until I lie and click on "install later". As soon as I click on it a SECOND Apple nag-add pops up and asked if I'm really, really, really sure I don't want them to install the software later tonight. I'm still locked out of making the 911 call until I click the "leave me alone you bastards" icon. FINALLY I can call 911- after fumbling with my phone for 10-15 precious seconds and having to read the fine print in the dark (I'm 72- Where in hell are my glasses?)..
Now am I missing something; I thought blocking 911 calls was a crime? How do I fix this and delete the nagware and the copy of the update? And of course I will NEVER update the OS to fix the nagware problem unless the update is something I can have looked at (uncompiled code) to make sure it does one thing only- delete the nagware.
Security contractors have warned that Apple smartphones ship with preinstalled software that has a backdoor that sends all your call history to US in real time. The Intercept reported that "the authorities say it is not clear whether this represents secretive data mining for advertising purposes or a US government effort to collect intelligence."
Cough, cough. It'd be interesting to compare comments made here as opposed to Secret Backdoor in Some US Phones Sent Data To China.
For example, I'm going to just assert without proof that this is a deliberate malware on the Apple phone and that the US government must be involved. Furthermore, this isn't just one company's spyware - it's US spyware that casts a shady shadow over the entire US technology industry -- guilt by association... I should also add something about the inherent character/culture of the entire US populous (as opposed to a select few arseholes in all countries) that encourages such moral bankruptcy. I also look forward to people here declaring that they'll boycott all phones which invades their privacy (along with others complaining that everything is made in the US these days and that you cannot get a smartphone without any US software/firmware on it).
The "updates" to an iPhone 4S are designed to slow the phone down to "encourage" you to buy a new iPhone. There is no reason to install them unless you want to cripple your phone. It's a thing Apple does shortly after they release new phones to "encourage" new iPhone sales.
I've said this is my last apple phone after my contract ends and apple is trying their hardest to make me keep my word.
You are right, it is illegal for them to do so. Try reaching to a consumer rights organization.
<PRODUCT> Secretly Sends <SOMETHING> To <ORGANIZATION>, Security Firm Says.
This isn't really news anymore and I doubt that it surprises anyone, so why is this news again?
Carriers will typically keep all billing related information for at least 2 years, including full call logs.
Apple iSurveillance(tm)- "It Just Works!"
Just cruising through this digital world at 33 1/3 rpm...
there is much more information collected on their phones, desktops, and laptops, which is regularly compressed, encrypted, and sent back. Given the amount of times Apple delays fixing severe security holes [because the gov. orders them to hold], did you really believe Apple did not vaccum your device for information on you? Time to wake up.
Same goes for you google.
But we didn't see a russian security firm level the same accusation at Google.
Reading comprehension fail. I said that Google needs to do it, I was not accusing Google of currently doing it.
So can the FBI force apple to turn that over next time?
Yes, and the "forcing" would be just like "forcing" a horny 16-year old to have sex with a hot chick who has her legs spread and is whispering, "C'mon, baby, bang me!"
Just cruising through this digital world at 33 1/3 rpm...
Russian digital forensics Elcomsoft says iPhones send near real-time logs to Apple servers even when iCloud backup is switched off. The firm adds that these logs are stored for up to four months. From a report on the Intercept:
"You only need to have iCloud itself enabled" for the data to be sent, said Vladimir Katalov, CEO of Elcomsoft.
So which is it? Will it only happen when iCloud is enabled? Or does it always do it when when disabled?
or like do it or tim cook will bunking with big bubba in a FPMIA.
The title of this is so incredibly misleading compared to what the article actually says. While technically true that Apple controls your iCloud account and thus the data is "sent to Apple", it isn't being sent directly to Apple for data mining, etc. purposes as the article's title is obviously implying.
From the article Apple isn’t the only company syncing call logs to the cloud. Android phones do it as well, and Windows 10 mobile devices also sync call logs by default with other Windows 10 devices that use the same Microsoft account. Katalov said there are too many Android smartphone versions to test, but his company’s research indicates that call log syncing occurs only with Android 6.x and newer versions.
1. A security company discovered that breathlessly spreading inaccurate information will get them customers.
2. Leak fake news because it worked in the presidential race
3. Profit!!!
It...it's because Steve misses us all. Right?
I'm sorry but the people selling you phone service keeping logs of your phone calls is one thing, the people that just made the phone have no business at all logging that data for any reason. But I guess it's ok though because apple did it and apple can do no wrong.
With iCloud enabled calls to your iPhone are also routed to iPads or Macs so you can answer via FaceTime. Apple is "integrating" with your phone service provider.
So, you're fully aware that there's an 'emergency call' option which bypasses everything, but you choose not to use it.
Instead, you choose to continue to use a phone that you *know* has a nag screen, that you *know* you can bypass, and that you *choose not to.*
And this is somebody else's fault.
Vintage computer games and RPG books available. Email me if you're interested.
The idea that Apple is doing something unique here is ridiculous. My call history arrives in the mail to me each month. That record is probably kept indefinitely and is easily available by subpoena.
This is why I don't use the cloud for anything! I have my own email, web, and sftp server. I set up my own personal private cloud via ownCloud and all this gets hosted on a small, low-power server in my house. My information is relatively secure and I don't have to worry about anyone else monetizing it or providing it to a government authority.
Looks at the iOS 10 supported device list... Nope, no iPhone 4S here! AC is, once again, a liar...
Browsing at +1 - no ACs, I ignore their posts. So refreshing!
I've always been OK with iPhone its way more stable than any Android I have owned. But I don't care to use any of Apple's services or applications.
NSA Can Access More Phone Data Than Ever (Oct 20, 2016)
http://abcnews.go.com/US/nsa-p...
"... the percentage of available records has shot up from 30 percent to virtually 100. Rather than one internal, incomplete database, the NSA can now query any of several complete ones."
The US gov is getting it all. They just hope the wider public does not notice and keeps on trusting their fav US brands.
Domestic spying is now "Benign Information Gathering"
I wrote the original "Apple blocks 911" post. The French problem led me to refuse further updates because anywhere else in France the problem would have been unfixable and I was traveling in the countryside.
I'm back in the U.S. since September and the nagware/911 issue is in the U.S., not France. Sorry if I confused you on that.
I'm the original poster. Now this comment makes some sense of what Apple is doing. Any details on what the update to 9.4++ really does would be helpful.
I'm the original poster. The update they are trying to force on me is not 10; it is, if I remember correctly a 9.4+++. Sorry if I left the impression that they were trying to force 10. I went back and looked at my original post. There was no mention of what Apple is trying to force on me.
All I can say is I'll try to avoid Apple products in the future.
The original poster back again. Lynnwood Rooster usually has really good comments on technical issues. This time I think he jumped to a conclusion (that the update was to 10) and responded to that. The update was to a variety of 9.4.
LR's comments are usually so on the mark that a few months ago I even tried to figure out who he was to no avail- Lynnwood, WA and a list of former likely employers was as far as I got.
Same goes for you google.
But we didn't see a russian security firm level the same accusation at Google.
Reading comprehension fail. I said that Google needs to do it, I was not accusing Google of currently doing it.
If they don't, why do they say so in their Privacy Policy
When you use our services or view content provided by Google, we automatically collect and store certain information in server logs. This includes:
- telephony log information like your phone number, calling-party number, forwarding numbers, time and date of calls, duration of calls, SMS routing information and types of calls.
Reason why Russian security firms can't see that (*) is because it isn't stored accessible by you on your own Google account.
(*) Or can't tell you they can, because that would require hacking Google's server.
Of course news about a fake are Fake News.