iPhones secretly send your call history to Apple's cloud, even after you tell them not to


#1

Originally published at: http://boingboing.net/2016/11/17/iphones-secretly-send-your-cal.html


#2

No, they do that for iPhone users, not all people generally. Otherwise, iPhones have no access to one’s call history. But - that should be obvious…


#3

Hmm, I had assumed that it did that after my call history was restored onto my phone after wiping it.


#4

Ok, I’ll bite. What setting is this that Apple is supposedly not respecting because looking at my iPhone I can’t find it…

… and for many this would be considered a feature.


#5

Relax! What’s the worst that could happen?


#6

I just saw this KB article from Apple that states that among the things that are included in iCloud backups are call history and text messages.

I guess this makes me a security researcher too?

ETA: Interestingly the link when viewed from my phone shows a modification date of 11/17 and includes “call history” as one of the bullet points, while the link when viewed from my computer has a modification date of 10/31 and doesn’t include call history. I wonder if they just quietly changed their KB as a result of this story.


#7

After RTFA I can safely say that as usual this is a bunch of FUD from Cory.

iCloud backs up all of your device data including call history, Skype call history, and so on because that’s what it’s supposed to do. If you’ve ever restored a backup from iCloud onto an iDevice you’ll see that it perfectly preserves just about all your data. It’s not an “undocumented, secret synchronization”, it’s something you have to explicitly enable. It’s something most customers actually want.

If you don’t like it, then don’t back up to iCloud and use encrypted local backups. You’ll still be able to restore all of your data but the trade off is you have to have your device connected to iTunes rather than being able to do it over the Internet.

As with most things security and cloud related, by using cloud services you’re making a trade off of security for convenience.

ETA:

I remember reading earlier this year that Apple was working on a solution for this problem but AFAIK it hasn’t yet been implemented (or if it has, it’s been done quietly).


#8

From the linked article it sounds as though the call logs are synced separately from backups: “Even if users disable the backups, their call logs will still get synced to Apple’s servers.”

As I read the article, you can’t prevent the log being sent, though they would be deleted if you remove them from the local device.


#9

Right. Though I grant that some people might like more granular control or even just more obvious notification that it’s happening.


#10

Reading the article it sounds like if you have iCloud enabled, your call logs are sucked in with the other data – but there’s no switch to turn this on/off. There’s actually a lot of things you don’t have granular control over. Apple pretty plainly discloses what is backed up when you have iCloud enabled.

Also just to be clear because it is a little confusing, enabling iCloud syncs a bucket of data – which is different than “iCloud Backup”. iCloud Backup is a device-specific backup which is different than iCloud synchronization.

For whatever reason, Apple puts messages and calls as “synchronizable” data versus “back up” data. That makes sense to me; if I have multiple iDevices, I don’t want to necessarily restore an iPhone backup to an iPad, but I sure as hell want my messages and call logs to be in sync.

As @JonBristow mentioned, it would be great if there were more knobs to twiddle this for the security/privacy conscious but I would argue the truly security/privacy conscious would opt out of iCloud completely and instead use encrypted local backups.

To be clear I’m not defending any of these design decisions or distinctions (backup vs sync and so on). I don’t think there’s anything malicious or secret going on here. This just strikes me as yet another article where Cory is presenting a bunch of FUD and half-baked facts to push his own personal agenda.


#11

Apple could easily encrypt iCloud backups. But then if you forget your password, you lose your data. You can either have unencrypted backups, which make it easy to recover your precious data when someone forgets their password and has to replace their phone; or you can encrypt the backups and then if you don’t recall your password you are screwed when you lose or break your phone.

Since most people care a lot more about preserving their family photos than about the hypothetical risk some NSA spook is going to be looking at their emails, Apple has wisely chosen to err on the side of preserving access to data. For people who are likely to be targeted by the authorities, there’s always wired backups to a PC.


#12

Exactly this. It’s a trade off of security vs convenience.

That said, if Apple provided an option of “encrypt your data on our servers with your own private key option” with a big disclosure of “if you lose your private key, you’re fucked and your data is forfeit” I’m sure folks would opt into this as it could provide a good compromise of security and convenience along with a CYA for Apple.


#13

I’m in agreement really, think we just crossed wires in terminology. There’s certainly no feature or setting that Apple is ignoring, as claimed by Cory in the headline.


#14

This behaviour is not undocumented - it’s in Apple’s iOS Security whitepaper, along with their Legal Process guidelines, and has been for quite some time. See the links here: http://www.macrumors.com/2016/11/17/apple-says-icloud-call-syncing-intentional/

It’s also documented on Apple’s “What iCloud Backs Up” page (although I can see why you might think that turning off iCloud backups would disable the feature, if you were only aware of this page).

A tad bit sensationalized, Cory.


#15

Well, you just described Cory when it comes to Apple.

Such a rebel.


#16

Key phrase here: “I was just kidding.”


#17

only one android point though


#18

Sure but that’s par for the course

