Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

iPhone Call Logs Quietly Synced to iCloud, Forensics Firm Warns

A log of all phone calls made from iPhone devices running iOS 8 or newer may be automatically synchronized to iCloud and susceptible to third-party access, digital forensics and IT security solutions provider Elcomsoft has warned.

A log of all phone calls made from iPhone devices running iOS 8 or newer may be automatically synchronized to iCloud and susceptible to third-party access, digital forensics and IT security solutions provider Elcomsoft has warned.

The issue, Elcomsoft’s Oleg Afonin explains, is not only that call records are synced to iCloud (when iCloud is enabled) regardless of whether the user wants that to happen or not, but also that iCloud data is loosely protected. Thus, if user’s calls are synced to the cloud, Apple themselves and third-parties with access to the proper credentials could extract them.

What’s more, all of the information stored in iCloud is available for law enforcement upon request, unlike data stored exclusively on the device, which Apple has said numerous times it cannot access.

In fact, Apple entered a spat with the FBI earlier this year when it refused to help decrypt the iPhone of San Bernardino shooter Syed Rizwan Farook, claiming that the Bureau was actually requesting a backdoor to be included in all iPhone devices. Eventually, the FBI received help from a third-party firm, but the quarrel went viral as large tech companies expressed their support for Apple. Some even announced plans to improve their encryption to provide users with increased privacy.

“On devices running iOS 8 and later versions, your personal data is placed under the protection of your passcode. For all devices running iOS 8 and later versions, Apple will not perform iOS data extractions in response to government search warrants because the files to be extracted are protected by an encryption key that is tied to the user’s passcode, which Apple does not possess,” Apple says.

However, the same is not true about data saved on iCloud, because the same encryption level no longer applies to it. In Afonin’s opinion, the cloud syncing functionality is actually a blessing for forensic researchers and law enforcement agencies, as they can access user information that would otherwise be out of reach, because of the privacy features in iOS.  

“The ability to extract call logs from the cloud instead of having to deal with the tough hardware protection of todays’ iPhones can be a blessing for forensic examiners,” Afonin says.

iPhone Call Log

For users, however, this is a privacy nightmare. Not only is access to their data much easier, for Apple and for anyone with the right credentials, but the synced data – in this instance, call logs – is visible on all devices on which the same Apple ID is used.

Advertisement. Scroll to continue reading.

If a user has two iPhones but a single Apple ID, the calls will appear on both devices. If two people share the same Apple ID, they will have visibility into each other’s calls. What’s more, if one of them clears the calls list on their device, the other user/device will be impacted as well.

The only way to avoid that, Elcomsoft says, is to disable iCloud Drive functionality on the iPhone. The move will not affect features such as iCloud Photo Library or iCloud backups, but will affect the syncing of data for third-party apps that rely on iCloud Drive for that. Increased privacy, it seems, comes at a cost.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Cybercrime

Daniel Kelley was just 18 years old when he was arrested and charged on thirty counts – most infamously for the 2015 hack of...

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Fraud & Identity Theft

A team of researchers has demonstrated a new attack method that affects iPhone owners who use Apple Pay and Visa payment cards. The vulnerabilities...

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...