Apple confirms iOS backdoors, researcher says explanation is misleading
Posted on 24 July 2014.
In the wake of the discovery of undocumented features in Apple's iOS that can serve as backdoors, the company has modified a knowledge base article to enumerate and explain the three questionable services found by iOS forensics expert Jonathan Zdziarski.


The pcapd utility, it is explained, "supports diagnostic packet capture from an iOS device to a trusted computer," and is used for "troubleshooting and diagnosing issues with apps on the device as well as enterprise VPN connections."

The file_relay service is also used for diagnostics and by Apple engineering to qualify customer configurations. "This service is separate from user-generated backups, does not have access to all data on the device, and respects iOS Data Protection," they claim.

Finally, house_arrest "is used by iTunes to transfer documents to and from an iOS device for apps that support this functionality," as well as during app development to transfer test data.

Zdziarski commented on this by saying that the problem with pcapd is that it can be be activated on any device wirelessly, without the userís knowledge or permission and can, therefore, be used for snooping by third parties in a privileged position.

"Apple is being completely misleading by claiming that file relay is only for copying diagnostic data. If, by diagnostic data, you mean the userís complete photo album, their SMS, Notes, Address Book, GeoLocation data, screenshots of the last thing they were looking at, and a ton of other personal data Ė then sureÖ but this data is far too personal in nature to ever be needed for diagnostics," he added.

He also pointed out that, again, the user is never asked for permission to dump all of this data, or notified in any way. The service can be used wirelessly, and it also doesn't respect the device's backup encryption, he says.

He says that, yes, iTunes and Xcode use the house_arrest service, but it can also be used to access sensitive app information, including private conversations and OAuth tokens. "This is not a back door, rather a privileged access thatís available here that really doesnít need to be there (or at least could be engineered differently)," he pointed out.

He made sure to note that he doesn't claim that these backdoors were put there intentionally at the behest of the NSA or other authorities.

"What does concern me is that Apple appears to be completely misleading about some of these (especially file relay), and not addressing the issues I raised on others," he noted, adding that he hopes that the company will quietly fix many of these in future versions of the mobile OS. "It would be wildly irresponsible for Apple not to address these issues, especially now that the public knows about them," he concluded.









Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Sep 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //