APPLE USERS are having their call records stored in the company’s iCloud servers in a way that can be extracted by third parties.
Russian software house ElcomSoft has revealed that it has found a way to extract the data in near real time, for anyone targeting a phone with iOS 9 or above.
The company has released an app called ElcomSoft Phone Breaker 6.20, capable of performing its nefarious mischief even on a locked, PIN-protected phone.
Naturally, this news is more an act of software promotion than anthropology, but we thought it was so blooming important that we'd tell you about it.
"The latest update of ElcomSoft Phone Breaker offers forensic experts the ability to acquire calls from the cloud just minutes after they've been placed or received," explained Vladimir Katalov, ElcomSoft CEO.
"More and more data is saved into the cloud, with little to no control left to the end user. This allowed us to build a great acquisition tool capable of near real-time access to calls being made with iOS devices."
It can also be used by the intelligence services, police and bored nerds.
ElcomSoft pointed out that this is possible because Apple doesn’t offer the option to turn off syncing of call history in the most recent versions of iOS.
The app can also download synced contacts. The latter requires access to the Apple ID, password and an iCloud authentication token from the user’s Mac or PC.
The difficulty of the latter serves only to emphasise the huge security hole represented by the former.
The debate over the use of this tactic by law enforcement, for which the app is primarily designed, has been a hot topic over recent months, not least in the discussions over Apple’s refusal to release the codes of a terrorist’s phone to the FBI.
Of course, as it turns out, it looks like they need not have bothered.
ElcomSoft has produced 'white hacker' products since the nineties, but getting them into the wrong hands can make anything, even well intended, a disaster. µ
And the nostril-facing webcam has been replaced
No port in a publicity storm
It never worked properly, so why fix it
Memo reveals firm's latest plan to pacify angry Mac owners