In an exclusive interview with Forbes, Elecomsoft CEO Vladimir Katalov explained how Apple’s iPhone is sending periodic, up-to-the-moment call logs directly to the company’s servers — even when iCloud’s Backup feature is disabled on their device. Furthermore, according to Katalov, these call logs are stored by Apple for up to four months.
Elecomsoft — the infamous, Russian-based iOS hacking firm that Katalov heads — is known best for selling iPhone/iOS cracking tools to governments and private corporations. Katalov explained to Forbes how it isn’t just traditional, user-to-user phone calls that Apple is logging, either; and that, according to his findings, iOS 10 has only expanded the scope of this call logging. “All FaceTime calls are logged in the iCloud too, whilst as of iOS 10 incoming missed calls from apps like WhatsApp and Skype are uploaded,” Katalov explained. However, Katalov cautioned, it appears that the expanded assortment of call logs are uploaded to Apple’s servers only when the user’s iPhone has iCloud Drive enabled.
“Syncing call logs happens almost in real time, though sometimes only in a few hours,” Katalov noted. “But all you need to have is just iCloud Drive enabled, and there is no way to turn that syncing off, apart from just disabling iCloud Drive completely. In that case many applications will stop working or lose iCloud-related features completely.”
Elecomsoft executives further noted that while Apple claims on its website how “FaceTime call logs are only stored for 30 days,” the Cupertino-company fails to disclose that it actually holds onto those, and other, call logs even longer — in some cases, for months; and that these call logs, be default, will be sent straight to Apple’s servers even when iCloud’s Backup feature is disabled.
“Synced data contains full information including call duration and both parties. We were able to extract information going back more than four months,” Katalov quipped.
While some might be quick to think what all this means is that Apple is inadvertently “spying” on them, seasoned iOS forensics expert, Johnathan Zdziarski, was quick to point out that this apparent call logging may be more of an oversight on Apple’s end — rather than a blatant attempt to store and exploit the information it’s so deeply trusted with keeping private.
“I suspect that this is probably more of an engineering issue around making handoff work when you are answering calls between your phone and your desktop, or if you’re using FaceTime on your desktop,” Zdziarski pointed out. “They need to be able to sync a lot of that call data. I suspect whatever software engineer wrote that part of it probably decided to just go and stick that data in your iCloud Drive because that’s kind of what its purpose is. I’m convinced it wasn’t very well thought out if that’s the case.”
Apple, for it’s part, has not yet addressed any of these claims. Instead, the company provided only the following statement:
“We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices. Apple is deeply committed to safeguarding our customers’ data. That’s why we give our customers the ability to keep their data private. Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password. Apple recommends all customers select strong passwords and use two-factor authentication.”
What do you think about Apple’s call logging initiative? Let us know in the comments!