Forensic Expert Questions Covert 'Backdoor' Services Included in iOS by Apple

iOS7-smallAs part of a recent Hackers On Planet Earth (HOPE/X) conference presentation, forensic scientist and iPhone jailbreak expert Jonathan Zdziarski detailed several backdoor security mechanisms that are secretly included in iOS by Apple. These mechanisms make covert data collection easier for Apple and governmental authorities, reports Zdziarski via ZDNet.

Zdziarski confirms that iOS is reasonably secure from attack by a malicious hacker, but notes that the mobile OS includes several forensic services and noticeable design omissions that make the OS vulnerable to snooping by forensic tools.

These services, such as "lockdownd," "pcapd" and "mobile.file_relay," can bypass encrypted backups to obtain data and can be utilized via USB, Wi-Fi and possibly cellular. They also are not documented by Apple and are not developer or carrier tools as they access personal data that would be not used for network testing or app debugging purposes.

While detailing these backdoors, Zdziarski makes it clear he is not a conspiracy theorist, but does want to know why Apple appears to be deliberately compromising the security of the iPhone and opening the door to professional, covert data access.

I am not suggesting some grand conspiracy; there are, however, some services running in iOS that shouldn’t be there, that were intentionally added by Apple as part of the firmware, and that bypass backup encryption while copying more of your personal data than ever should come off the phone for the average consumer. I think at the very least, this warrants an explanation and disclosure to the some 600 million customers out there running iOS devices. At the same time, this is NOT a zero day and NOT some widespread security emergency. My paranoia level is tweaked, but not going crazy. My hope is that Apple will correct the problem. Nothing less, nothing more. I want these services off my phone. They don’t belong there.

Zdziarski also notes that he isn't the only one aware of these backdoors. Several existing forensic software companies, such as Cellebrite and Elcomsoft, are already exploiting them as part of the forensic services they provide to law enforcement.

Consumers who want to limit access to these backdoor services are advised by Zdziarski to enable a complex passcode in iOS and use the enterprise Apple Configurator application to set Mobile Device Management (MDM) restrictions and enable Pair locking which will delete all pairing records. This solution will block third-party forensic software, but won't protect the device contents if it is sent to Apple for analysis.

Update 7:00 PM PT: Apple has released a statement to Tim Bradshaw of the Financial Times, denying Zdziarski's claims.

We have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers, and Apple for troubleshooting technical issues. A user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data. The user must agree to share this information, and data is never transferred without their consent.

As we have said before, Apple has never worked with any government agency from any country to create a backdoor in any of our products or services.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Top Rated Comments

Hustler1337 Avatar
87 months ago
There is no reason to believe Apple would ever do anything to deliberately compromise the security of our data. Apple is the one company that strives to do everything to protect us and our privacy from prying eyes.

This article says otherwise.
Score: 79 Votes (Like | Disagree)
ArtOfWarfare Avatar
87 months ago
I don't understand why people get so worked up about this sort of thing.

Those backdoors are there for your protection. They are put there for the exclusive use of the governments who we democratically elected. i.e.: the good guys.

We should all stop being so suspicious, and learn to fully trust the NSA and GCHQ. These guys are serious, trained professionals - not spotty nerds who are out to steal credit card numbers or pictures of your girlfriend!

As long as these backdoors are secure (and surely they are!), then we have nothing to fear.
Yes, and we should all follow the state issued curfews and hand in our sharp kitchen utensils without resistance. It's for our own protection.

----------------------------------------------------------------------------------

I have two things to say:
1 - If there's a backdoor for governments, there's a backdoor. It's not a matter of if but when the bad guys find out how to get in through it.
2 - What makes you think that the US election system produces good guys that care about you? We have two parties in control of the entire system. They decide who you can vote for. They make sure that if their person wins, the policies in the best interest of the party are implemented. The system doesn't produce the results that are best for the typical citizen - it produces the results that are best for the parties, and neither of them give a crap about your or me or any other typical citizen.
Score: 51 Votes (Like | Disagree)
TheHateMachine Avatar
87 months ago
There is no reason to believe Apple would ever do anything to deliberately compromise the security of our data. Apple is the one company that strives to do everything to protect us and our privacy from prying eyes.

Ignorance is bliss!
Score: 46 Votes (Like | Disagree)
elev8d Avatar
87 months ago
Yeah. No thanks. Get this crap off my phone.
Score: 46 Votes (Like | Disagree)
the Helix Avatar
87 months ago
Data mining...

If the information from this article is true, it's actually quite scary.
It's like selling a TV with a built-in, hidden webcam that can peer into your private life without you knowing it.
Score: 40 Votes (Like | Disagree)
TWSS37 Avatar
87 months ago
blah blah blah blah it's Apple so it's harmless

<if article was about Google/Android> thread burns
Score: 36 Votes (Like | Disagree)

Top Stories

apple transfer google photos 1

Apple Launches Service for Transferring iCloud Photos and Videos to Google Photos

Wednesday March 3, 2021 12:04 pm PST by
Apple this week introduced a new service that's designed to make it quick and easy for iCloud users to transfer their stored photos and videos to Google Photos. As outlined in an Apple support document, you can go to Apple's privacy website and sign in to see the "Transfer a copy of your data" option. If you select this and go through all the steps, Apple will transfer your iCloud photos and ...
rosetta 2

Rosetta May Be Removed From M1 Macs in Some Regions on macOS 11.3

Tuesday March 2, 2021 5:20 pm PST by
Installing the upcoming macOS 11.3 software update on an M1 Mac may result in Rosetta 2 being removed in one or more regions around the world. In the third beta of macOS 11.3 seeded to developers for testing today, MacRumors contributor Steve Moser uncovered new strings in the beta's code indicating that "Rosetta will be removed upon installing this update." Another new string reads "Rosetta ...
Screen Shot 2021 03 03 at 11

MagSafe Charging Port for iPhone Appears in Apple Patent

Wednesday March 3, 2021 1:30 am PST by
In a newly granted patent, Apple envisions a type of connectivity port using an iteration of its magnetic MagSafe charger to charge an iPhone, potentially paving the way for a future without Lightning. Submitted to the United States Patent and Trademark Office on Tuesday (via Patently Apple), the patent outlines a three-pinned MagSafe charger, similar to the ones found in older MacBook...
Oled iPads and MackBook Pro

OLED 10.9-Inch iPad Rumored for Early 2022, 12.9-Inch iPad Pro and 16-Inch MacBook Pro Could Follow

Thursday March 4, 2021 8:37 pm PST by
Earlier today, DigiTimes shared a preview of an upcoming report claiming that Apple is working on both iPad and Mac notebook models with OLED displays that could launch starting in 2022. The full report from DigiTimes is now available, and it includes several new alleged details about Apple's plans. According to the report, the first of these devices to adopt an OLED display is likely to be...
OLED iPad Pro and MacBook Pro

iPad and MacBook Models With OLED Displays Rumored to Launch in 2022

Thursday March 4, 2021 8:19 am PST by
Apple plans to release new iPad and MacBook models with OLED displays in 2022, according to industry sources cited by Taiwanese supply chain publication DigiTimes. The information was shared in the site's paywalled "Before Going to Press" section, so there are no further details yet, but the full report should be released by tomorrow. Apple has gradually increased its adoption of OLED...
iPad mini pro feature

Sketchy Rumor Claims 'iPad Mini Pro' Launching in Second Half of 2021

Wednesday March 3, 2021 3:04 am PST by
Apple is expected to launch a sixth-generation iPad mini in the first half of 2021, possibly as soon as this March, based on long-standing rumors. However, a new rumor out of Asia that has gained traction in the last 24 hours suggests an "iPad mini Pro" will arrive in the second half of this year. According to a post on Korean blog Naver, whose rumor track record is unknown, the device...
maxresdefault

What's on Your iPhone Home Screen?

Thursday March 4, 2021 10:31 am PST by
Over on our YouTube channel, MacRumors videographer Dan has a new video up where he shares his Home Screen, wallpaper, and all of his current favorite widgets. Subscribe to the MacRumors YouTube channel for more videos. Check out Dan's video to see his setup, and then comment below and show us your own Home Screens. It's always fun to see other peoples' Home Screens, and with widgets and...
apple pencil 3 leak

New Apple Pencil Allegedly Leaks With Glossy Finish and Redesigned Tip

Wednesday March 3, 2021 6:17 am PST by
Images supposedly depicting a third-generation Apple Pencil have been shared on Twitter by the leaker known as "Mr. White." The purported new Apple Pencil appears to share a very similar design to the current, second-generation Apple Pencil, which is shorter than the previous version and charges inductively on the side of an iPad. The updated Apple Pencil appears to have a glossy...
apple watch ecg wrist

Apple Watch ECG Feature Gets Approved in Australia

Wednesday March 3, 2021 2:07 am PST by
The Australian government has approved ECG functionality on the Apple Watch, giving Apple the all-clear to launch the feature for Apple Watch users in the country, according to a regulatory document first spotted by The 8-Bit. Earlier last month, the Apple Watch's irregular heart rhythm notification received approval in Australia, although ECG did not. Irregular heart rhythm is a feature...
PIA23764 RoverNamePlateonMars web

NASA Mars Perseverance Rover Uses Same PowerPC Chipset Found in 1998 G3 iMac

Tuesday March 2, 2021 3:21 am PST by
NASA's Perseverance rover, which recently made history landing on the surface of Mars, is powered by the same processor used in an iMac more than 23 years old. Image Credit: NASA As reported by NewScientist (via Gizmodo), the rover includes the PowerPC 750 processor, the same chip used in the G3 iMac in 1998. The main chipset is the same; however, there are differences between the...