Russian experts found that the deleted user notes “indefinitely” stored in iCloud
Specialists Elcomsoft found that notes users have deleted on the mobile Apple gadgets remain in iCloud indefinitely. As reported in the Russian company, we are talking about devices on iOS 8.1 and later versions.
Why notes are stored in the “cloud”? Primarily for the convenience of the user. To synced notes can be accessed from mobile devices and computer through the website iCloud.com. While the notes are in the cloud Apple, as it turns out, fall back on the “eternal” storage.
“What will happen with the deleted notes after 30 days? In theory, the notes will be permanently deleted from the “cloud”. In practice, notes from the cloud disappear (become unavailable for viewing in the usual ways), but not deleted, and you can download them and view with Elcomsoft Phone Breaker 6.50 and the latest version of Elcomsoft Phone Viewer,” – says Oleg Afonin Elcomsoft from.
The expert explains that notes the user is a godsend for a spy to be a valuable tool in the hands of cybercriminals. And when it comes to Apple devices, iCloud is working for them continuously (if enabled), and the cloud contains a lot of useful information that may help the investigation or prove to be a valuable source of data during surveillance.
The function of “Recently Deleted”, which first appeared in iOS version 8.1, sends deleted notes on temporary storage. Within 30 days, the user can change his decision and return the note, or it will be gone forever. In any case, so says the official documentation of Apple.
In reality, however, the notes continue to be stored in the cloud and for an indefinite time may be available to an unknown number of people.
“It should be noted that access to your notes that have been deleted more than 30 days ago — exclusive Elcomsoft Phone Breaker. Any regular methods or using other third-party tools, such notes extract does not work”, – said the developers.
According to experts, the confidential information of Russian users, contrary to law, still kept on the territory of the United States.
In addition, it is known that on request of the security services, the company can give them photographs, documents, notes, contacts, calendars, browser bookmarks, and backups of iOS devices. Thus, the American law enforcement authorities can have access to information, remote users.
However, Russian experts admit that they discovered a vulnerability in iCloud is just a bug the developers, and not maliciously left a loophole.