Apple seems to be an advocate of their users’ privacy, on the outside at least.
You may remember the conflict between Apple and FBI over the San Bernardino shooter Syed Rizwan Farook’s iPhone. Apparently FBI demanded access to the shooter’s phone while Apple denied it and said they are not going to help them crack into the shooter’s phone which will lead to FBI having the tools to crack other iPhones as well.
As it turns out, Apple is no better than Google and Facebook and it also gathers private data from users’s phones. They do it via iCloud.
Elcomsoft, the iCloud data extractor
Russian digital forensics company, Elcomsoft, claims that Apple’s phones automatically send data to the company’s servers if the user has iCloud enabled. Whats more, the data is uploaded without user’s consent and without a notification of any sort.
The call logs uploaded to Apple’s servers contain a list of all calls made from the phone, with the phone numbers, dates, times and the duration of the calls. Missed and bypassed calls are also included in these logs. Elcomsoft says that Apple keeps the call log data for up to 4 months on the iCloud servers.
Anyone Can Gain Access to It With a Court Order
Any law enforcement agency can obtain this data through a court order from the iCloud if they cannot access it directly from the phone. Under the order Apple will be bound to hand over the call logs to law enforcement departments like FBI or intelligence agencies like the CIA.
Big carriers in the U.S can retain call logs for up to a year as well. Facetime calls (audio and video calls on iPhone) are also logged and the data is sent to iCloud the same way as regular call data. The iCloud syncing of these logs go back to iOS 8.2, which was released in March 2015.
As for devices with iOS 10, any third party apps which also have the audio/video call facility like Skype, WhatsApp, Viber etc also get their call logs sent to iCloud.
FBI uses Elcomsoft’s code to break into phones
Elcomsoft is releasing an update to their Phone Breaker software tool which can extract the call logs from iCloud through an account owner’s credentials. Elcomsoft’s tools are used by law enforcement agencies, corporate security departments and even individual customers. The company leases its code to Cellebrite, an Israeli firm that the FBI uses on a regular basis to hack into phones and iCloud data.
There is also a way to gain access to someone’s iCloud data log without their credentials. If you can get an authentication token from the user’s computer you can get into their iCloud data directly. You can even get past the two-factor authentication.
Note that once you have access to someone’s iCloud account you gain access to all their data saved on iCloud. This includes photos and videos as well.
Celebrity photo leak caused by Elcomsoft’s tools
The private images of celebrities which were leaked online were also due to the hacker gaining access to their iCloud data. The hacker reportedly used Elcomsoft’s tool to extract the data from their iCloud accounts.
Earlier we reported on Android phones having a backdoor which allows Shanghai AdUps Technology to log data from over 700 million Android phones. This shows that iPhones aren’t far behind and are equally liable to have their data breached and leaked.
Via The Intercept