iPhones Secretly Send Call History To Apple, Security Firm Says

Russian digital forensics Elcomsoft says iPhones send near real-time logs to Apple servers even when iCloud backup is switched off. The firm adds that these logs are stored for up to four months. From a report on the Intercept:"You only need to have iCloud itself enabled" for the data to be sent, said Vladimir Katalov, CEO of Elcomsoft. The logs surreptitiously uploaded to Apple contain a list of all calls made and received on an iOS device, complete with phone numbers, dates and times, and duration. They also include missed and bypassed calls. Elcomsoft said Apple retains the data in a user's iCloud account for up to four months, providing a boon to law enforcement who may not be able to obtain the data either from the user's carrier, who may retain the data for only a short period, or from the user's device, if it's encrypted with an unbreakable passcode. "Absolutely this is an advantage [for law enforcement]," Robert Osgood, a former FBI supervisory agent who now directs a graduate program in computer forensics at George Mason University, said of Apple's call-history uploads. "Four months is a long time [to retain call logs]. It's generally 30 or 60 days for telecom providers, because they don't want to keep more [records] than they absolutely have to. So if Apple is holding data for four months, that could be a very interesting data repository and they may have data that the telecom provider might not."

off-shore revenue

[gti_guy]

Well, that's one way to ensure that your off-shore revenue doesn't get touched by the US govt -- provide users' call data to the US govt in exchange for the favor.

very interesting indeed

[roman_mir]

So if Apple is holding data for four months, that could be a very interesting data repository and they may have data that the telecom provider might not.

Cook: "In my point of view, [privacy] is a civil liberty that our Founding Fathers thought of a long time ago and concluded it was an essential part of what it was to be an American. Sort of on the level, if you will, with freedom of speech, freedom of the press."

So, Timmy, is privacy worth being protected or not? How is this 'protecting privacy'? Just because you can obtain these logs, why are you doing it?

Re:very interesting indeed

[Anubis+IV]

Just because you can obtain these logs, why are you doing it?

Apple already answered that question. From the article (yes, I'm guilty of reading it in this instance):

Apple acknowledged that the call logs are being synced and said it’s intentional.

“We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices,” an Apple spokesperson said in an email.”Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password. Apple recommends all customers select strong passwords and use two-factor authentication.”

Moreover, the article contradicts the headline's assertion that this was a "secret" collection of data, since Apple has apparently been up-front about the collection ever since it was added, having disclosed it in their security white papers over the last few years. Plus, users are apparently in control of the data still. Deleting the log on your phone syncs the deletion through to iCloud as well, allowing the user to delete the log at any time.

Of course, it would be better if Apple didn't have access to the data in the first place, and while Apple has announced their intent to encrypt things in such a way that they wouldn't be able to access them, the article rightly calls them out for having yet to actually do so in the 9 months since they announced those plans.

The article goes on to mention that this same call log syncing feature was added to newer versions of Android and Windows Phone as well, with the exact same caveats about it being impossible to turn off without turning off all syncing services. Neither Google or Microsoft were mentioned as having announced plans to encrypt the data to keep it out of their own hands, though I'd hope (but not expect that) they'd all jump on that bandwagon.

Yeah, and?

[squiggleslash]

I'm struggling to be outraged. iCloud stores a lot of stuff that's more personal than your call history, and for all Apple's faults, they've proven to be fairly strong on the privacy front.

(Also I'm still a little pissed that my BLU smartphone has been sending my SMS messages to China until today for reasons that nobody is willing to give an even vaguely plausible answer to.)

I'm not pro-Apple (see previous comments) but this isn't unexpected, secret, behavior. When you link your iDevice to something supposedly intended to keep it sync'd and backed up, this is exactly what you'd expect it to do. This isn't even a bug.

Re:Yeah, and?

[110010001000]

"Also I'm still a little pissed that my BLU smartphone has been sending my SMS messages to China"

Only a LITTLE pissed? Interesting.

Re:Yeah, and?

[MachineShedFred]

Without the user's knowledge?

So when they get a new device and the call history magically shows up after putting in the iCloud account and password, it's divining that through psychic feed or something?

No ability to control it?

Turn off iCloud. It no longer stores this information. Sounds like a fairly easy and basic control to me. Would it be better if there was an individual switch for this function? Probably, but at some point you end up with an overwhelming page of little switches for every single little thing, and it's a usability nightmare that most people wouldn't bother with anyway.

Litigation time!

Oh my god! You mean when Apple said they'd store all the data on my phone remotely for me, the madmen actually went and did it?

I'm suing.

FTA - Nefarious or just stupidity.

[the_skywise]

"“We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices,” an Apple spokesperson said in an email.”Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password. Apple recommends all customers select strong passwords and use two-factor authentication.”

Not defending Apple here and I only have an iPhone (no other part of the Apple ecosystem) so I can't speak to the need (or usefulness) of being able to return a call from my iPad or Mac if I miss a call from my iPhone. This just smacks of more Siri/cloud/Cortana data collection garbage to me.

Heck, I'd have the iCloud completely turned off still if it weren't for their "new" feature where they stopped syncing with Outlook notes and I had to have someway of backing up/sync'ing note items with the rest of my PCs. (I backup my iPhone to an abacus at home...)

Re:FTA - Nefarious or just stupidity.

[MachineShedFred]

I used this just today actually - I left my phone in my bedroom on it's charger, and I missed a call. I was able to click a 'redial' button on my MacBook Pro and return the call.

It was rather convenient, actually.

Re:30 or 60 days

[stealth_finger]

I'm sorry but the people selling you phone service keeping logs of your phone calls is one thing, the people that just made the phone have no business at all logging that data for any reason. But I guess it's ok though because apple did it and apple can do no wrong.