iPhones send call history to Apple, security firm says (theintercept.com)
I agree it's undesirable that call history is sent to Apple - but it's pretty easy to notice if you use FaceTime across devices that the call history is synced.
Namely, Apple chose to provide this information to government surveillance when they could have (and indeed promised) to design it in a way that allows for the iPhone to be used in sensitive situations and by people who need security from state coercion and violence.
Anyone who cares about state coercion and violence should know phone calls are about the least sensitive way to communicate.
So the probably-good-enough-for-most-folks way to deal with this is to just delete calls from your log that you don't want to get archived in iCloud for 4 months.
The sure way is to disable iCloud entirely, but that reduces convenience in all sorts of ways (syncing iTunes music, for instance).
The ideal would be for Apple to figure out how to provide the services of iCloud in such a manner that they don't have access to user data. Apparently they are working on that but it would obviously be a major change, and risky too.
Most people don't care that Apple has to see their data in order to sync, but boy will they be pissed if Apple makes their data permanently unreadable. Most people want to be able to go into an Apple store and get problems fixed. Imagine being an Apple retail tech and explaining to some 50-something lawyer that because they lost their password there is absolutely nothing you can do. "Sorry man--encryption."
I highly doubt that it is a hard deletion of data. My guess is that it would be a soft delete, so your call log won't show up on your iPhone, but the data will be retained on Apple's servers.
> One way call logs will disappear from the cloud is if a user deletes a particular call record from the log on their device; then it will also get deleted from their iCloud account during the next automatic synchronization.
That means both: 1) Consider your audience, and 2) Do a 'risk analysis' (Meaning figure out where the security issue starts to outweigh the convenience and describe the actual impact of the issue.)
This article (and Forbes') are both severely damaged by a failure to do either. Without stating the contexts where this call logging is a problem, and who it is likely to affect, you end up writing alarmist nonsense - especially when the audience is the general public.
>> Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password.
Can't the Apple ID password be reset? If so, how can it be a true encryption?
I think it uses the passcode you set on your phone, not the password of your iCloud account.
May be true, but
> access to iCloud data including backups requires the user’s Apple ID and password.
probably doesn't require the passcode that the user has set, because this data is available across several devices, and the only common thing would be the Apple ID and its password.
Using Apple ID and password is (for the typical user) fairly weak encryption, though. That could be improved by having your devices exchange encryption keys.
Most of this data can be viewed on macOS if you are signed in with the same iCloud account. It is stored in plist-files in a special folder called "SyncedPreferences".
~/Library/SyncedPreferences
~/Library/Containers/com.apple.corerecents.recentsd/Data/Library/SyncedPreferences
It has bothered me for a long time that there is no way to disable call log, text and email recipients syncing in preferences. While I can see how users might find this feature useful, it should be made more obvious what is actually happening when you sign into iCloud.
And by the way, disabling iCloud Drive does not disable the syncing of "SyncedPreferences".
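To see what is actually sitting in the two folders named in the comment above, a short inventory script can help. This is an added example, not part of the original comment; `describe` and `inventory` are hypothetical helper names, and the script reports only the structure (keys, types, sizes) of each plist, not the values.

```python
import plistlib
from pathlib import Path

# The two per-user macOS paths quoted in the comment above.
SYNCED_DIRS = [
    Path.home() / "Library/SyncedPreferences",
    Path.home() / "Library/Containers/com.apple.corerecents.recentsd"
                  "/Data/Library/SyncedPreferences",
]

def describe(value, depth=0, max_depth=2):
    """Summarise a plist value by type and size without echoing its contents."""
    if isinstance(value, dict):
        if depth >= max_depth:
            return f"dict({len(value)} keys)"
        return {k: describe(v, depth + 1, max_depth) for k, v in value.items()}
    if isinstance(value, list):
        return f"list({len(value)} items)"
    if isinstance(value, (bytes, bytearray)):
        return f"data({len(value)} bytes)"
    return type(value).__name__

def inventory(directory):
    """Map each .plist under `directory` to a structural summary or an error."""
    directory = Path(directory)
    if not directory.is_dir():
        return {}
    try:
        paths = sorted(directory.rglob("*.plist"))
    except OSError as exc:  # e.g. the container folder is not readable
        return {"<directory>": f"unreadable: {type(exc).__name__}"}
    report = {}
    for path in paths:
        try:
            with path.open("rb") as fh:
                # plistlib.load auto-detects XML and binary plists.
                report[path.name] = describe(plistlib.load(fh))
        except Exception as exc:  # malformed or unreadable file: note and go on
            report[path.name] = f"unreadable: {type(exc).__name__}"
    return report

if __name__ == "__main__":
    import json
    for d in SYNCED_DIRS:
        print(d)
        print(json.dumps(inventory(d), indent=2))
```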
This is despite Apple's PR statements claiming that the company has designed the phone and its logs to minimize or eliminate the amount of information that will be used to feed into law enforcement surveillance requests.
There's total[0] privacy and then there's degrees of privacy and convenience. You can't have total privacy and total convenience. At least not presently.
[0] Total is one of those words like 'always' and 'never' that people should try and avoid. Myself included.
Encrypt the data using a password you enter on both devices and only transfer it encrypted across network?
What real benefits am I missing out on that outweigh the privacy aspects of not using it?
Find my iPhone would seem to be an obvious benefit, but are there any others?
More luddite doesn't always mean more secure.
That said, I don't know what Apple actually does. I know they use HSMs, but most of the info about how that works is about Keychain syncing, which is done a bit differently than other iCloud data syncing.
This is not familiar to me at all. If true, note the remaining points: the manner in which this data was synchronized allowed this material to be provided to law enforcement (Apple had other options) and Apple also included information from third party communication tools used by some people (mistakenly) to avoid being surveilled.
Also, here: http://www.apple.com/in/privacy/government-information-reque...
I do not understand why this is even a discussion, either folks are being disingenuous on purpose, or maybe it is truly a matter of not understanding how it works.
Any data on iCloud which is not encrypted (for example: webmail) or Apple servers (example: Activation information) can definitely be requested by LE. This is a known fact, and as Apple has the data they are required by law to hand it over upon getting a proper subpoena for it. Whether they should be retaining those logs is another matter and can surely be debated.
With regards to iCloud data, the Keychain as well as a great deal of the stored data is now encrypted additionally by your device passphrase. This is new, and was not the case for the SB iPhone 5c, for what it is worth.
https://tidbits.com/article/14557
It involves hardware security modules, cross-device crypto signing and other fun stuff. Apple cannot access the data they store about you on their servers.
From Apple's documentation:
Apple designed iCloud Keychain and Keychain Recovery so that a user’s passwords are still protected under the following conditions:
- A user’s iCloud account is compromised.
- iCloud is compromised by an external attacker or employee.
- Third-party access to user accounts.
And remember Apple is positioning iCloud as a cloud for dummies solution so adding choice comes with trade-offs.
Have you ever measured the battery life of a battery still in the package? It's amazing, standby time is like years.
Other data in iCloud is generally under less extreme levels of security. This isn't to say that it's insecure, merely that it's not as fanatically protected. Some of it may be accessible by resetting your account password.