Apple Addresses iOS 'Backdoor' Concerns by Outlining Legitimate Uses for Targeted Services [Updated]

by

apple_security_iconEarlier this week, forensic expert Jonathan Zdziarski attracted attention for his disclosures of what appeared to be "backdoors" in iOS that could allow for covert data collection of users' information from their devices. While Apple issued a statement denying that anything nefarious was involved, the company has now posted a new support document (via Cabel Sasser) offering a limited description of the three services highlighted in Zdziarski's talk.

Each of these diagnostic capabilities requires the user to have unlocked their device and agreed to trust another computer. Any data transmitted between the iOS device and trusted computer is encrypted with keys not shared with Apple. For users who have enabled iTunes Wi-Fi Sync on a trusted computer, these services may also be accessed wirelessly by that computer.

The three processes include:

- com.apple.mobile.pcapd: Diagnostic packet capture to a trusted computer, used for diagnosing app issues and enterprise VPN connection problems.

- com.apple.mobile.file_relay: Used on internal devices and can be accessed (with user permission) by AppleCare for diagnostic purposes on the user's device.

- com.apple.mobile.house_arrest: Used by iTunes for document transfer and by Xcode during app development and testing.

Security experts will undoubtedly have additional questions about just how these services work and whether there are better and more secure ways of accomplishing the tasks they handle. At the very least, however, today's disclosure demonstrates a willingness by Apple to share information about the legitimate need for these services and should help quell unsupported speculation that Apple has worked with security agencies to implement these tools to allow for covert surveillance.

Update July 23, 9:52 AM: Zdziarski has responded [Google cache] to Apple's posting of the support document, acknowledging the disclosures but arguing that Apple is downplaying the power of these services.

I give Apple credit for acknowledging these services, and at least trying to give an answer to people who want to know why these services are there – prior to this, there was no documentation about file relay whatsoever, or its 44 data services to copy off personal data. They appear to be misleading about its capabilities, however, in downplaying them, and this concerns me. I wonder if the higher ups at Apple really are aware of how much non-diagnostic personal information it copies out, wirelessly, bypassing backup encryption. All the while that Apple is downplaying it, I suspect they’ll also quietly fix many of the issues I’ve raised in future versions. At least I hope so. It would be wildly irresponsible for Apple not to address these issues, especially now that the public knows about them.

Zdziarski also emphasizes that he has never suggested Apple is involved in a conspiracy to open up these services for surveillance - only that they could be used by those seeking to access such data.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tag: Jonathan Zdziarski

Popular Stories

Apple Shopping Event 2025

Apple Announces 2025 Black Friday Event, Here's What You Can Get

Thursday November 20, 2025 6:28 am PST by
Apple's annual four-day Black Friday through Cyber Monday shopping event is returning on Friday, November 28 through Monday, December 1 in many countries, including the United States, Canada, Australia, New Zealand, France, Germany, Italy, Spain, the United Kingdom, Belgium, the Netherlands, Sweden, Thailand, and others. During the shopping event, customers can get an Apple gift card with...
Read Full Article41 comments
iOS 26

iOS 26.2 Adds These New Features to Your iPhone

Thursday November 20, 2025 10:50 am PST by
iOS 26.2 is currently in beta testing. The upcoming update includes a handful of new features and changes on the iPhone, including a new Liquid Glass slider for the Lock Screen's clock, offline lyrics for Apple Music, and more. In a recent press release, Apple confirmed that iOS 26.2 will be released to all users in December, but it did not provide a specific release date. Keep reading...
Read Full Article27 comments
hikawa phone grip stand apple%402x

Apple Launches Second Limited-Edition iPhone Accessory in a Month

Friday November 21, 2025 3:53 am PST by
Apple has begun selling the Hikawa Phone Grip and Stand, a new limited-edition iPhone accessory designed with accessibility in mind. Designed by LA-based Bailey Hikawa to celebrate the 40th anniversary of accessibility at Apple, the grip uses magnets to securely snap onto any iPhone with MagSafe. Apple says it can be removed with ease, and doubles as a stand with two different viewing...
Read Full Article129 comments
iPhone 17 Pro Cosmic Orange

10 Reasons to Wait for Next Year's iPhone 18 Pro

Wednesday November 19, 2025 4:00 am PST by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models at the same time, which is why we often get rumored features months ahead of launch. The iPhone 18 series is no different, and we already have a good idea of what to expect for the iPhone 18 Pro and iPhone 18 Pro Max. One thing worth...
Read Full Article105 comments
ipad black friday 2025

The Best Early Black Friday iPad Deals

Thursday November 20, 2025 10:20 am PST by
Black Friday is just over a week away, and iPad deals have finally started to flood in at retailers like Amazon and Best Buy. Below we're tracking discounts on every current generation iPad, including lowest-ever prices on M3 iPad Air and M5 iPad Pro, plus steep markdowns on iPad and iPad mini. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a ...
Read Full Article7 comments
ipad mini 7 feature red and blue

iPad Mini 8: Four Major New Features to Expect

Wednesday November 19, 2025 7:50 am PST by
Apple's eighth-generation iPad mini is highly likely to arrive next year, offering a significant refresh of the device with at least four major new features. OLED Display The next-generation version of the iPad mini could feature an OLED display, as part of Apple's plan to expand the display technology across many more of its devices. Apple's first OLED device was the Apple Watch in 2015, ...
Read Full Article67 comments
watchos 26 workout app

Apple Watch Users Claim Workout App Is Now Worse in Every Way

Thursday November 20, 2025 7:01 am PST by
Apple Watch owners have been voicing their frustration online over changes to the Workout app that Apple introduced in watchOS 26, with many finding the redesigned interface makes starting exercises difficult and exasperating. When Apple launched watchOS 26 in September, the Workout app went from large, easily tapped workout tiles to a scrolling, corner-button interface. Instead of tapping a ...
Read Full Article229 comments
apple wallet drivers license feature iPhone 15 pro

Two More U.S. States Commit to Offering iPhone Driver's Licenses in Apple Wallet App

Thursday November 20, 2025 8:21 am PST by
In select U.S. states, residents can add their driver's license or state ID to the Apple Wallet app on the iPhone and Apple Watch, and then use it to display proof of identity or age at select airports and businesses, and in select apps. Earlier this week, Illinois became the 13th state in the U.S. to offer the feature. Subsequently, we shared a list of additional states that are committed...
Read Full Article38 comments
android iphone airdrop quickshare

iPhone Users Can Now AirDrop Files to Android Devices

Thursday November 20, 2025 9:47 am PST by
Google today announced a new cross-platform feature that allows for file sharing between iPhone and Android users. With AirDrop on the iPhone and QuickShare on Pixel 10 devices, there is a new file transfer function available. The file sharing option works on Apple devices that include iPhone, iPad, and Mac, along with the Pixel 10, Pixel 10 Pro, Pixel 10 Pro XL, and Pixel 10 Fold....
Read Full Article127 comments

Top Rated Comments

cdmoore74 Avatar
cdmoore74
148 months ago
How does this title sound?

Google Addresses Android 'Backdoor' Concerns by Outlining Legitimate Uses for Targeted Services

If you mood changes from positive to negative then you know your a Apple fanboy. ;)
Score: 19 Votes (Like | Disagree)
cdmoore74 Avatar
cdmoore74
148 months ago
Call me an Apple fanboy or whatever, But I 100% trust Apple.

I know Steve Jobs cared 100% about this company. The man stopped working only when it was physically impossible for him to go to work. I heard he even was talking about the iPhone 5 a day before he died to Tim Cook.

I know I know I shouldn't compare Steve to Tim. But I also believe Tim cares just as much as Steve did about Apple. They are honest and truly care about its products.

Im lovin there transparency to prove these Apple bashers wrong!

:apple:

Never trust anything 100%. I don't even trust my wife 100% of the time. Hell, I don't trust myself 100% of the time. :D
Score: 19 Votes (Like | Disagree)
BigBeast Avatar
BigBeast
148 months ago
[...]these are still three security holes[...]
I don't think that means what you think it means.
Score: 15 Votes (Like | Disagree)
lewisd25 Avatar
lewisd25
148 months ago
Any service with the name "house_arrest" raises some red flags.
Score: 13 Votes (Like | Disagree)
MikhailT Avatar
MikhailT
148 months ago
Great first steps, now one more step is to allow the user to opt out on all diagnostic information. One of the problems with _Don't send info to Apple_ is that while it is disabling the sharing of information to Apple, it does not prevent those services from recording the information in the first place. That means your iOS device is still hoarding all sorts of personal information without your knowledge and consent, even though you're not sharing it with Apple. The info can be retrieved illegally and/or with legit forensic tools.

So, Apple needs to step up there and have a simple option to disable all diagnostic information, period. I don't care about legitimate users for these services, they're not required and they're storing information I don't want iOS to store in the first place that's not encrypted with my passcode.
Score: 13 Votes (Like | Disagree)
realeric Avatar
realeric
148 months ago
I believe Apple.
Score: 12 Votes (Like | Disagree)
Read All Comments