I agree it's undesirable that call history is sent to Apple - but it's pretty easy to notice if you use FaceTime across devices that the call history is synced.
Namely, Apple chose to provide this information to government surveillance when they could have designed it (and indeed promised to) in a way that allows for the iPhone to be used in sensitive situations and by people who need security from state coercion and violence.
Anyone who cares about state coercion and violence should know phone calls are about the least sensitive way to communicate.
So the probably-good-enough-for-most-folks way to deal with this is to just delete calls from your log that you don't want to get archived in iCloud for 4 months.
The sure way is to disable iCloud entirely, but that reduces convenience in all sorts of ways (syncing iTunes music, for instance).
The ideal would be for Apple to figure out how to provide the services of iCloud in such a manner that they don't have access to user data. Apparently they are working on that but it would obviously be a major change, and risky too.
Most people don't care that Apple has to see their data in order to sync, but boy will they be pissed if Apple makes their data permanently unreadable. Most people want to be able to go into an Apple store and get problems fixed. Imagine being an Apple retail tech and explaining to some 50-something lawyer that because they lost their password there is absolutely nothing you can do. "Sorry man--encryption."
I highly doubt that it is a hard deletion of data. My guess is that it would be a soft delete, so your call log won't show up on your iPhone, but the data will be retained on Apple's servers.
> One way call logs will disappear from the cloud is if a user deletes a particular call record from the log on their device; then it will also get deleted from their iCloud account during the next automatic synchronization.
That means both: 1) Consider your audience, and 2) Do a 'risk analysis' (Meaning figure out where the security issue starts to outweigh the convenience and describe the actual impact of the issue.)
This article (and Forbes') are both severely damaged by a failure to do either. Without stating the contexts where this call logging is a problem, and who it is likely to affect, you end up writing alarmist nonsense - especially when the audience is the general public.
>> Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password.
Can't the Apple ID password be reset? If so, how can it be true encryption?
I think it uses the passcode you set on your phone, not the password of your iCloud account.
May be true, but
> access to iCloud data including backups requires the user’s Apple ID and password.
probably doesn't require the passcode that the user has set, because this data is available across several devices, and the only common thing would be the Apple ID and its password.
Using Apple ID and password is (for the typical user) fairly weak encryption, though. That could be improved by having your devices exchange encryption keys.
Most of this data can be viewed on macOS if you are signed in with the same iCloud account. It is stored in plist files in a special folder called "SyncedPreferences".
~/Library/SyncedPreferences
~/Library/Containers/com.apple.corerecents.recentsd/Data/Library/SyncedPreferences
It has bothered me for a long time that there is no way to disable call log, text and email recipients syncing in preferences. While I can see how users might find this feature useful, it should be made more obvious what is actually happening when you sign into iCloud.
And by the way, disabling iCloud Drive does not disable the syncing of "SyncedPreferences".
This is despite Apple's PR statements claiming that the company has designed the phone and its logs to minimize or eliminate the amount of information that will be used to feed into law enforcement surveillance requests.
There's total[0] privacy and then there's degrees of privacy and convenience. You can't have total privacy and total convenience. At least not presently.
[0] Total is one of those words like 'always' and 'never' that people should try and avoid. Myself included.
Encrypt the data using a password you enter on both devices and only transfer it encrypted across the network?
What real benefits am I missing out on that outweigh the privacy aspects of not using it?
Find my iPhone would seem to be an obvious benefit, but are there any others?
More luddite doesn't always mean more secure.