12 comments

[ 2.7 ms ] story [ 39.5 ms ] thread
> there is no way to turn that syncing off, apart from just disabling iCloud Drive completely

Oh, well, glad that was the first thing I did when I got an iPhone :p

Your smartphone isn't connected to a cloud service?!
How is it that surprising that they don't use iCloud drive on their phone?
I'm wondering if they used an alternative or none at all. My smartphone would be much less useful without a cloud service.
The first thing my phone asked me when I was setting it up was whether I wanted to enable iCloud backups, and I declined to create an account.
So much for Apple being the security-conscious choice
But if Microsoft does this Everyone loses their minds.
How is that shocking news?

I've setup my iPhone 7 from scratch without backup and curiously found my call log after logging into iCloud again. I was surprised but didn't think too much about it (my privacy threshold is perfectly fine with meta data being privately stored 'in the cloud') and it's not exactly hidden.

https://theintercept.com/2016/11/17/iphones-secretly-send-ca...

  It’s not just regular call logs that get sent to Apple’s
  servers. FaceTime, which is used to make audio and video calls
  on iOS devices, also syncs call history to iCloud
  automatically, according to Elcomsoft. The company believes
  syncing of both regular calls and FaceTime call logs goes back
  to at least iOS 8.2, which Apple released in March 2015.

  ...

  Generally, if someone were to attempt to download data in an
  iCloud account, the system would email a notification to the
  account owner. But Katalov said no notification occurs when
  someone downloads synced call logs from iCloud.

  Apple acknowledged that the call logs are being synced and said
  it’s intentional.
Note to media companies (and everyone else) talking about security: You have to put security elements in context to say anything reasonable

That means both: 1) Consider your audience, and 2) Do a 'risk analysis' (Meaning figure out where the security issue starts to outweigh the convenience and describe the actual impact of the issue.)

This article (and the Intercept's) are both severely damaged by a failure to do either. Without stating the contexts where this call logging is a problem, and who it is likely to affect you end up writing alarmist nonsense- especially when the audience is the general public.