Apple Logs Your iMessage Contacts and IP Addresses

Following Allo's failed privacy promises, security experts have discovered that Apple hasn't been providing its promised privacy features with iMessage either. Apple promises that your iMessage conversations are safe and are limited to your ain access. New research discovers that the premier messaging service does leave some breadcrumbs that can exist accessed by law enforcement and others.

The Cupertino tech behemothic won all hearts with its battle with the FBI over user privacy. The San Bernardino case became ane of the almost talked-about cases of the year as the FBI tried to employ it to forcefulness tech companies into handing over data and creating security vulnerabilities in their own products. Apple stayed firm on its position of protecting user privacy over law enforcement's incessant and often ridiculous demands of weakening user security, and came out as a adamant privacy abet.

Apple tree logs your iMessage contacts

The company promises that its iMessage service, like Telegram and WhatsApp, is free from government snooping, as the company doesn't shop anything on its own servers. A latest report past The Intercept reveals that if compelled by a court order, Apple can reveal details nigh a user's iMessage contacts and IP addresses.

It's non surprising that Apple has to shop some metadata in its own servers in order to verify whether the recipient uses iMessage or non. While this data could be used by the country agencies, what is worrying is Apple tree retaining the IP addresses. For a company that has remained outspoken about user privacy, this goes against its own fight over user privacy. Apple has previously claimed that the company doesn't "store data related to customers' location." Nonetheless, this information could very well exist used to rail iMessage users despite them believing that they are using a service that touts end-to-finish encryption as its primary feature.

Conversations which take place over iMessage and FaceTime are protected by end-to-end encryption then no ane but the sender and receiver can meet or read them. Apple tree cannot decrypt that information. Similarly, we do non store information related to customers' location, Map searches or Siri requests in any identifiable class. - Apple in 2022

The visitor doesn't have access to the actual conversations. Only this metadata can exist used by sophisticated threat actors (or government agencies) to piece together information. Apple confirmed to The Intercept that these logs are only stored for 30 days. Withal, as the publication has pointed out, "court orders of this kind tin can typically be extended in an boosted 30-day periods, pregnant a series of monthlong log snapshots from Apple could be strung together by police to create a longer listing of whose numbers someone has been entering."

When law enforcement presents u.s.a. with a valid subpoena or court lodge, nosotros provide the requested data if it is in our possession. Because iMessage is encrypted cease-to-terminate, nosotros do not have access to the contents of those communications. In some cases, nosotros are able to provide data from server logs that are generated from customers accessing certain apps on their devices. We piece of work closely with law enforcement to help them understand what we can provide and make clear these query logs don't contain the contents of conversations or prove that any communication really took identify. - Apple'south response.

It is a routine practice for communication agencies like phone companies to paw over client metadata to law enforcement. Merely iMessage is considered every bit a relatively secure culling to texting. Making it possible for LEAs to track iMessage users goes against the promises that Apple has made to its users. While we do need more than technology companies to start vocally advocating user privacy and security, tech leaders also need to be more than open about the technical details that are kept hidden under the cloaks and may reveal potentially risky information about users.

- These details come from a document "iMessage FAQ for Police force Enforcement," part of a much larger cache originating from a state constabulary agency, "The Florida Department of Constabulary Enforcement's Electronic Surveillance Back up Squad."

Source & Prototype

Source: https://wccftech.com/apple-logs-imessage-contacts-ip-addresses/

Posted by: tayloragpich.blogspot.com

Share this post