Digital ID

Why Apple logs your iMessage contacts and other metadata?

Every time you type a number to start an iMessage conversation on your iPhone, Apple logs your message contacts and other metadata.

In January 2015, experts claimed that Apple is not able to read messages sent between devices through iMessages, but reported that the company but it is still able to access data in the backups.

Apple has always confirmed that attackers cannot eavesdrop iMessage conversations, but according to a document obtained by The Intercept there is something that user should know.

According to the document, Apple logs contacts’ phone numbers and shares them, alongside with other metadata, with law enforcement.

The Intercept received the document, titled “iMessage FAQ for Law Enforcement,” as part of a cache originating from within the Florida Department of Law Enforcement’s Electronic Surveillance Support Team. The author of the document is not known, such as the final audience, it is designated for “Law Enforcement Sources” and “For Official Use Only.”

When Apple users type a number to start a text conversation, the Messages app contacts the company servers to determine whether to route a given message over the SMS system or over the Apple’s proprietary messaging network.

“Every time you type a number into your iPhone for a text conversation, the Messages app contacts Apple servers to determine whether to route a given message over the ubiquitous SMS system, represented in the app by those déclassé green text bubbles, or over Apple’s proprietary and more secure messaging network, represented by pleasant blue bubbles, according to the document.” states The Intercept website. “Apple records each query in which your phone calls home to see who’s in the iMessage system and who’s not.”

The log includes the date and time of the conversation and the user’s IP address, information that could allow identifying the user’s location. The IT giant is compelled to turn over this data via court orders for systems known as “pen registers” or “trap and trace devices.”

Apple told to The Intercept that it only retains these logs for a period of 30 days, but court orders can extend the period of additional 30-day periods.

 

Below the official statement from Apple:

“When law enforcement presents us with a valid subpoena or court order, we provide the requested information if it is in our possession. Because iMessage is encrypted end-to-end, we do not have access to the contents of those communications. In some cases, we are able to provide data from server logs that are generated from customers accessing certain apps on their devices. We work closely with law enforcement to help them understand what we can provide and make clear these query logs don’t contain the contents of conversations or prove that any communication actually took place.”

As explained in the document, and confirmed by Apple, the company is not able to access the content of the conversation, but why the company retails these logs?

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – iMessage, privacy)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco warns of password-spraying attacks targeting Secure Firewall devices

Cisco warns customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services…

1 hour ago

American fast-fashion firm Hot Topic hit by credential stuffing attacks

Hot Topic suffered credential stuffing attacks that exposed customers' personal information and partial payment data.…

5 hours ago

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

19 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

1 day ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

2 days ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

2 days ago

This website uses cookies.