iPhone Quietly Stores All Call Logs to iCloud

iPhone Quietly Stores All Call Logs to iCloud - Elcomsoft company specialist and a regular contributor to "Hacker" Oleg Afonin drew public attention to the problem, which are familiar, some iPhone users. The fact is that sync with iCloud can be a double-edged sword, and many users do not even know it. All data about the user's calls are automatically synchronized with iCloud, among other things, to remove them from possible upon request of law enforcement. In theory, access to them can also be obtained by third parties.

iPhone Quietly Stores All Call Logs to iCloud

"On devices with iOS 8 and above your personal data is protected by your password. Apple can not retrieve the data at the request of law enforcement agencies on all iOS devices 8 and above, since all the files on them are protected by an encryption key, which is tied to the user's password, and Apple does not have them", explains Afonin.

However, the same can not be said about the iCloud, the same levels of protection do not apply to the cloud. According to the expert, cloud synchronization - a real gift for forensic and law enforcement agencies, because thanks to iCloud, they can get to the information that would be without clouds for them is simply unattainable.

Google Lifted The Veil of Secrecy Over It's Infrastructure

"The ability to remove the call logs from the cloud, rather than having to deal with complicated hardware protection of today's iPhone, it is a real boon for forensic" says the researcher.

For users, in turn, it can turn into a nightmare. The problem is not only that access to the data in the cloud to get much easier, but also in the fact that all synchronized data (including call logs and call the FaceTime, and data VoIP-applications such as WhatsApp, Skype, Viber or Facebook Messenger), visible for all devices with the same Apple ID, which is especially important for family members. On Apple's servers in the end turn out to be quite valuable meta data: phone number, date of calls, the data on their duration, information about missed calls, and so on.

Elcomsoft Phone Viewer

The researcher says that the data is synchronized, without the user's knowledge, virtually in real time, as soon as the device can communicate with the iCloud. Moreover, this feature can not be disabled, you can not selectively refuse to synchronize the call logs, continuing to use iCloud. The only way - to turn off iCloud at all (family, users can also use different accounts).

This Afonin wrote that, despite Apple's defense, using Elcomsoft Phone Breaker tool to extract data from the cloud, it is sufficient to know your Apple ID and iCloud-user password. Also suitable authentication token from the computer of the victim or suspect, that will be enough for both law enforcement and hackers. Elcomsoft Edition of Forbes representatives told that they were able to extract information from the cloud, more than four months ago.

In Apple's warnings to the researchers reacted calmly and said that nothing to worry about. According to representatives of Apple's, the data in the cloud are protected not worse, than on the device, for access to them will still require Apple ID and password. The company advised users to create strong passwords and to use two-factor authentication.