Slashdot Mirror


iPhones Secretly Send Call History To Apple, Security Firm Says (theintercept.com)

Russian digital forensics firm Elcomsoft says iPhones send near real-time logs to Apple servers even when iCloud backup is switched off. The firm adds that these logs are stored for up to four months. From a report on the Intercept: "You only need to have iCloud itself enabled" for the data to be sent, said Vladimir Katalov, CEO of Elcomsoft. The logs surreptitiously uploaded to Apple contain a list of all calls made and received on an iOS device, complete with phone numbers, dates and times, and duration. They also include missed and bypassed calls. Elcomsoft said Apple retains the data in a user's iCloud account for up to four months, providing a boon to law enforcement who may not be able to obtain the data either from the user's carrier, who may retain the data for only a short period, or from the user's device, if it's encrypted with an unbreakable passcode. "Absolutely this is an advantage [for law enforcement]," Robert Osgood, a former FBI supervisory agent who now directs a graduate program in computer forensics at George Mason University, said of Apple's call-history uploads. "Four months is a long time [to retain call logs]. It's generally 30 or 60 days for telecom providers, because they don't want to keep more [records] than they absolutely have to. So if Apple is holding data for four months, that could be a very interesting data repository and they may have data that the telecom provider might not."

24 of 124 comments

  1. off-shore revenue by gti_guy · · Score: 4, Interesting

    Well, that's one way to ensure that your off-shore revenue doesn't get touched by the US govt -- provide users' call data to the US govt in exchange for the favor.

    1. Re:off-shore revenue by Coisiche · · Score: 2

      Isn't the iPhone a US politician's usual choice? Maybe it's more along the lines of Apple saying "If our tax liability were to suddenly increase then your call history becomes public".

  2. very interesting indeed by roman_mir · · Score: 5, Informative

    So if Apple is holding data for four months, that could be a very interesting data repository and they may have data that the telecom provider might not.

    Cook: "In my point of view, [privacy] is a civil liberty that our Founding Fathers thought of a long time ago and concluded it was an essential part of what it was to be an American. Sort of on the level, if you will, with freedom of speech, freedom of the press."

    So, Timmy, is privacy worth being protected or not? How is this 'protecting privacy'? Just because you can obtain these logs, why are you doing it?

    1. Re:very interesting indeed by Anubis+IV · · Score: 5, Informative

      Just because you can obtain these logs, why are you doing it?

      Apple already answered that question. From the article (yes, I'm guilty of reading it in this instance):

      Apple acknowledged that the call logs are being synced and said it’s intentional.

      “We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices,” an Apple spokesperson said in an email. “Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password. Apple recommends all customers select strong passwords and use two-factor authentication.”

      Moreover, the article contradicts the headline's assertion that this was a "secret" collection of data, since Apple has apparently been up-front about the collection ever since it was added, having disclosed it in their security white papers over the last few years. Plus, users are apparently in control of the data still. Deleting the log on your phone syncs the deletion through to iCloud as well, allowing the user to delete the log at any time.

      Of course, it would be better if Apple didn't have access to the data in the first place, and while Apple has announced their intent to encrypt things in such a way that they wouldn't be able to access them, the article rightly calls them out for having yet to actually do so in the 9 months since they announced those plans.

      The article goes on to mention that this same call log syncing feature was added to newer versions of Android and Windows Phone as well, with the exact same caveats about it being impossible to turn off without turning off all syncing services. Neither Google nor Microsoft were mentioned as having announced plans to encrypt the data to keep it out of their own hands, though I'd hope (but not expect) that they'd all jump on that bandwagon.

    2. Re:very interesting indeed by TheFakeTimCook · · Score: 2

      Deleting the log on your phone syncs the deletion through to iCloud as well, allowing the user to delete the log at any time.

      And that's the difference that makes ALL the difference.

      I agree that it would be much better if this was an "Opt-Out/In" Setting, and if it were encrypted from Apple's view, too.

      But unless you are under an active investigation, keeping your call-log "pruned" is a good first step.

    3. Re:very interesting indeed by Anubis+IV · · Score: 3, Insightful

      And that's a fair point. Apple already does quite a bit to try and educate their users about the security and privacy of their devices, but the industry as a whole needs to be doing an even better job, as I'm sure you'd agree.

      Even so, the details were readily available to anyone who was interested in them, and Apple's white papers are fairly easy reading as far as technical breakdowns go, so the headline's claim that Apple was secretly collecting the data is clearly false, which is highlighted by the fact that the article itself refutes the headline.

  3. Yeah, and? by squiggleslash · · Score: 5, Insightful

    I'm struggling to be outraged. iCloud stores a lot of stuff that's more personal than your call history, and for all Apple's faults, they've proven to be fairly strong on the privacy front.

    (Also I'm still a little pissed that my BLU smartphone has been sending my SMS messages to China until today for reasons that nobody is willing to give an even vaguely plausible answer to.)

    I'm not pro-Apple (see previous comments) but this isn't unexpected, secret, behavior. When you link your iDevice to something supposedly intended to keep it sync'd and backed up, this is exactly what you'd expect it to do. This isn't even a bug.

    --
    You are not alone. This is not normal. None of this is normal.
    1. Re:Yeah, and? by 110010001000 · · Score: 4, Interesting

      "Also I'm still a little pissed that my BLU smartphone has been sending my SMS messages to China"

      Only a LITTLE pissed? Interesting.

    2. Re:Yeah, and? by squiggleslash · · Score: 3, Insightful

      Apple is storing the call data without the user's knowledge or ability to control it.

      I disagree on all points.

      The user can control it, they can choose whether to link their device to iCloud or not. And saying it's "without the user's knowledge" is rather like saying "It stores the user's phonebook without their knowledge" or "It stores the user's photos without their knowledge". Sure, it may or may not explicitly state that, but it's implied by the very act of syncing.

      This is, at best, a user pig-ignorance thing: by pig ignorance, I mean not merely that the user is ignorant, which is OK, it happens, not everyone's a tech expert, but one where a user hasn't even bothered to think about what enabling a particular feature on their phone means.

      --
      You are not alone. This is not normal. None of this is normal.
    3. Re:Yeah, and? by JoeyRox · · Score: 2

      What if the user wants their photos backed up to iCloud but not their call logs?

    4. Re:Yeah, and? by MachineShedFred · · Score: 4, Insightful

      Without the user's knowledge?

      So when they get a new device and the call history magically shows up after putting in the iCloud account and password, it's divining that through psychic feed or something?

      No ability to control it?

      Turn off iCloud. It no longer stores this information. Sounds like a fairly easy and basic control to me. Would it be better if there was an individual switch for this function? Probably, but at some point you end up with an overwhelming page of little switches for every single little thing, and it's a usability nightmare that most people wouldn't bother with anyway.

      --
      Slashdot still doesn't support Unicode after it was added to the HTML standard in 1997.
    5. Re:Yeah, and? by JoeyRox · · Score: 2

      What if it's their first iPhone, so they won't see their previous call sync to know it's happening? And what if they're not tech savvy to even know what iCloud is? Are non-techies undeserving of privacy protection?

    6. Re:Yeah, and? by squiggleslash · · Score: 2

      It's a figure of speech (I used to be British, we don't really do the yelling and screaming thing about things that we're angry about, we just tut tut.)

      --
      You are not alone. This is not normal. None of this is normal.
  4. Re:Secretly by aaarrrgggh · · Score: 2

    Yeah... call history is synced between devices... in near real-time... and it goes back about four months! It is one thing if there is a user-centered purpose for it...

  5. Litigation time! by Anonymous Coward · · Score: 5, Funny

    Oh my god! You mean when Apple said they'd store all the data on my phone remotely for me, the madmen actually went and did it?

    I'm suing.

  6. FTA - Nefarious or just stupidity. by the_skywise · · Score: 4, Informative

    "“We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices,” an Apple spokesperson said in an email. “Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password. Apple recommends all customers select strong passwords and use two-factor authentication.”"

    Not defending Apple here and I only have an iPhone (no other part of the Apple ecosystem) so I can't speak to the need (or usefulness) of being able to return a call from my iPad or Mac if I miss a call from my iPhone. This just smacks of more Siri/cloud/Cortana data collection garbage to me.

    Heck, I'd have the iCloud completely turned off still if it weren't for their "new" feature where they stopped syncing with Outlook notes and I had to have some way of backing up/sync'ing note items with the rest of my PCs. (I back up my iPhone to an abacus at home...)

    1. Re:FTA - Nefarious or just stupidity. by MachineShedFred · · Score: 4, Interesting

      I used this just today actually - I left my phone in my bedroom on its charger, and I missed a call. I was able to click a 'redial' button on my MacBook Pro and return the call.

      It was rather convenient, actually.

      --
      Slashdot still doesn't support Unicode after it was added to the HTML standard in 1997.
    2. Re:FTA - Nefarious or just stupidity. by guruevi · · Score: 2

      It also allows you to pick up your phone from your computer or other devices. It's immensely useful if you sit at a desk and need to take a call, you can just use a headset. It's kind of 'expected' that such notification data runs throughout the ecosystem. Don't like it, turn off iCloud, then it doesn't happen unlike Android devices where it always happens regardless of your settings.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    3. Re:FTA - Nefarious or just stupidity. by anegg · · Score: 2

      This is the inevitable consequence to people wanting to use services that have an "ecosystem" that is maintained in the cloud instead of within their own local set of devices. It is not impossible to imagine having the same capabilities enabled through an ecosystem that maintained the data all on devices local to the user. However, unless people demand such an ecosystem (and are willing to pay for it), the friendly people who have built out all of their "cloud" infrastructure capabilities will be happy to provide it at a lower perceived cost.

      At some point, the true cost of having one's life in the cloud may become apparent, at least to some individuals, much like the true cost of living with security risks only becomes apparent to the people who suffer a devastating loss. So the question is, is the cost of the "insurance" (reduction of risk) provided by consciously avoiding the use of cloud services (and not getting all the cool gee-whiz benefits of those services) worth the mitigation of the risk of an eventual unknown impact of unknown magnitude (from the exposure of your data in the cloud)?

  7. Re:30 or 60 days by stealth_finger · · Score: 4, Insightful

    I'm sorry but the people selling you phone service keeping logs of your phone calls is one thing, the people that just made the phone have no business at all logging that data for any reason. But I guess it's ok though because apple did it and apple can do no wrong.

    --
    Wanna buy a shirt?
    https://www.redbubble.com/people/stealthfinger/shop?asc=u
  8. Re:Tim Cook is in your bedroom by cayenne8 · · Score: 2

    So, I guess the answer to this is....DO NOT enable iCloud.

    I don't use it....I never thought it was a good idea to have any of my phone info on Apple servers.

    I back my phone up when I physically connect it to my home computer.

    --
    Light travels faster than sound. This is why some people appear bright until you hear them speak.........
  9. Android too by trevc · · Score: 2

    From the article: Apple isn’t the only company syncing call logs to the cloud. Android phones do it as well, and Windows 10 mobile devices also sync call logs by default with other Windows 10 devices that use the same Microsoft account. Katalov said there are too many Android smartphone versions to test, but his company’s research indicates that call log syncing occurs only with Android 6.x and newer versions.

  10. Apple working with phone service provider by drnb · · Score: 2, Interesting

    I'm sorry but the people selling you phone service keeping logs of your phone calls is one thing, the people that just made the phone have no business at all logging that data for any reason. But I guess it's ok though because apple did it and apple can do no wrong.

    With iCloud enabled calls to your iPhone are also routed to iPads or Macs so you can answer via FaceTime. Apple is "integrating" with your phone service provider.

  11. Re:nobody Approves! by Plumpaquatsch · · Score: 2

    Same goes for you google.

    But we didn't see a Russian security firm level the same accusation at Google.

    Reading comprehension fail. I said that Google needs to do it, I was not accusing Google of currently doing it.

    If they don't, why do they say so in their Privacy Policy?

    When you use our services or view content provided by Google, we automatically collect and store certain information in server logs. This includes:
    - telephony log information like your phone number, calling-party number, forwarding numbers, time and date of calls, duration of calls, SMS routing information and types of calls.

    Reason why Russian security firms can't see that (*) is because it isn't stored accessible by you on your own Google account.
    (*) Or can't tell you they can, because that would require hacking Google's server.

    --
    Of course news about a fake are Fake News.