Forensic Expert Questions Covert 'Backdoor' Services Included in iOS by Apple

iOS7-smallAs part of a recent Hackers On Planet Earth (HOPE/X) conference presentation, forensic scientist and iPhone jailbreak expert Jonathan Zdziarski detailed several backdoor security mechanisms that are secretly included in iOS by Apple. These mechanisms make covert data collection easier for Apple and governmental authorities, reports Zdziarski via ZDNet.

Zdziarski confirms that iOS is reasonably secure from attack by a malicious hacker, but notes that the mobile OS includes several forensic services and noticeable design omissions that make the OS vulnerable to snooping by forensic tools.

These services, such as "lockdownd," "pcapd" and "mobile.file_relay," can bypass encrypted backups to obtain data and can be utilized via USB, Wi-Fi and possibly cellular. They also are not documented by Apple and are not developer or carrier tools as they access personal data that would be not used for network testing or app debugging purposes.

While detailing these backdoors, Zdziarski makes it clear he is not a conspiracy theorist, but does want to know why Apple appears to be deliberately compromising the security of the iPhone and opening the door to professional, covert data access.

I am not suggesting some grand conspiracy; there are, however, some services running in iOS that shouldn’t be there, that were intentionally added by Apple as part of the firmware, and that bypass backup encryption while copying more of your personal data than ever should come off the phone for the average consumer. I think at the very least, this warrants an explanation and disclosure to the some 600 million customers out there running iOS devices. At the same time, this is NOT a zero day and NOT some widespread security emergency. My paranoia level is tweaked, but not going crazy. My hope is that Apple will correct the problem. Nothing less, nothing more. I want these services off my phone. They don’t belong there.

Zdziarski also notes that he isn't the only one aware of these backdoors. Several existing forensic software companies, such as Cellebrite and Elcomsoft, are already exploiting them as part of the forensic services they provide to law enforcement.

Consumers who want to limit access to these backdoor services are advised by Zdziarski to enable a complex passcode in iOS and use the enterprise Apple Configurator application to set Mobile Device Management (MDM) restrictions and enable Pair locking which will delete all pairing records. This solution will block third-party forensic software, but won't protect the device contents if it is sent to Apple for analysis.

Update 7:00 PM PT: Apple has released a statement to Tim Bradshaw of the Financial Times, denying Zdziarski's claims.

We have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers, and Apple for troubleshooting technical issues. A user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data. The user must agree to share this information, and data is never transferred without their consent.

As we have said before, Apple has never worked with any government agency from any country to create a backdoor in any of our products or services.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Popular Stories

apple watch ultra yellow

What's Next for the Apple Watch Ultra 3 and Apple Watch SE 3

Friday April 25, 2025 2:44 pm PDT by
This week marks the 10th anniversary of the Apple Watch, which launched on April 24, 2015. Yesterday, we recapped features rumored for the Apple Watch Series 11, but since 2015, the Apple Watch has also branched out into the Apple Watch Ultra and the Apple Watch SE, so we thought we'd take a look at what's next for those product lines, too. 2025 Apple Watch Ultra 3 Apple didn't update the...
iphone 16 display

iPhone 17's Scratch Resistant Anti-Reflective Display Coating Canceled

Monday April 28, 2025 12:48 pm PDT by
Apple may have canceled the super scratch resistant anti-reflective display coating that it planned to use for the iPhone 17 Pro models, according to a source with reliable information that spoke to MacRumors. Last spring, Weibo leaker Instant Digital suggested Apple was working on a new anti-reflective display layer that was more scratch resistant than the Ceramic Shield. We haven't heard...
iPhone 17 Air Pastel Feature

iPhone 17 Reaches Key Milestone Ahead of Mass Production

Monday April 28, 2025 8:44 am PDT by
Apple has completed Engineering Validation Testing (EVT) for at least one iPhone 17 model, according to a paywalled preview of an upcoming DigiTimes report. iPhone 17 Air mockup based on rumored design The EVT stage involves Apple testing iPhone 17 prototypes to ensure the hardware works as expected. There are still DVT (Design Validation Test) and PVT (Production Validation Test) stages to...
Beyond iPhone 13 Better Blue

20th Anniversary iPhone Likely to Be Made in China Due to 'Extraordinarily Complex' Design

Monday April 28, 2025 4:29 am PDT by
Apple will likely manufacture its 20th anniversary iPhone models in China, despite broader efforts to shift production to India, according to Bloomberg's Mark Gurman. In 2027, Apple is planning a "major shake-up" for the iPhone lineup to mark two decades since the original model launched. Gurman's previous reporting indicates the company will introduce a foldable iPhone alongside a "bold"...
iPhone 17 Air Pastel Feature

iPhone 17 Air Launching Later This Year With These 16 New Features

Thursday April 24, 2025 8:24 am PDT by
While the so-called "iPhone 17 Air" is not expected to launch until September, there are already plenty of rumors about the ultra-thin device. Overall, the iPhone 17 Air sounds like a mixed bag. While the device is expected to have an impressively thin and light design, rumors indicate it will have some compromises compared to iPhone 17 Pro models, including only a single rear camera, a...
iPhone 17 Pro Blue Feature Tighter Crop

iPhone 17 Pro Launching Later This Year With These 13 New Features

Wednesday April 23, 2025 8:31 am PDT by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models as of April 2025: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone ...

Top Rated Comments

Hustler1337 Avatar
141 months ago
There is no reason to believe Apple would ever do anything to deliberately compromise the security of our data. Apple is the one company that strives to do everything to protect us and our privacy from prying eyes.

This article says otherwise.
Score: 79 Votes (Like | Disagree)
ArtOfWarfare Avatar
141 months ago
I don't understand why people get so worked up about this sort of thing.

Those backdoors are there for your protection. They are put there for the exclusive use of the governments who we democratically elected. i.e.: the good guys.

We should all stop being so suspicious, and learn to fully trust the NSA and GCHQ. These guys are serious, trained professionals - not spotty nerds who are out to steal credit card numbers or pictures of your girlfriend!

As long as these backdoors are secure (and surely they are!), then we have nothing to fear.
Yes, and we should all follow the state issued curfews and hand in our sharp kitchen utensils without resistance. It's for our own protection.

----------------------------------------------------------------------------------

I have two things to say:
1 - If there's a backdoor for governments, there's a backdoor. It's not a matter of if but when the bad guys find out how to get in through it.
2 - What makes you think that the US election system produces good guys that care about you? We have two parties in control of the entire system. They decide who you can vote for. They make sure that if their person wins, the policies in the best interest of the party are implemented. The system doesn't produce the results that are best for the typical citizen - it produces the results that are best for the parties, and neither of them give a crap about your or me or any other typical citizen.
Score: 51 Votes (Like | Disagree)
TheHateMachine Avatar
141 months ago
There is no reason to believe Apple would ever do anything to deliberately compromise the security of our data. Apple is the one company that strives to do everything to protect us and our privacy from prying eyes.

Ignorance is bliss!
Score: 46 Votes (Like | Disagree)
elev8d Avatar
141 months ago
Yeah. No thanks. Get this crap off my phone.
Score: 46 Votes (Like | Disagree)
the Helix Avatar
141 months ago
Data mining...

If the information from this article is true, it's actually quite scary.
It's like selling a TV with a built-in, hidden webcam that can peer into your private life without you knowing it.
Score: 40 Votes (Like | Disagree)
TWSS37 Avatar
141 months ago
blah blah blah blah it's Apple so it's harmless

<if article was about Google/Android> thread burns
Score: 36 Votes (Like | Disagree)