Apple Addresses iOS 'Backdoor' Concerns by Outlining Legitimate Uses for Targeted Services [Updated]

apple_security_iconEarlier this week, forensic expert Jonathan Zdziarski attracted attention for his disclosures of what appeared to be "backdoors" in iOS that could allow for covert data collection of users' information from their devices. While Apple issued a statement denying that anything nefarious was involved, the company has now posted a new support document (via Cabel Sasser) offering a limited description of the three services highlighted in Zdziarski's talk.

Each of these diagnostic capabilities requires the user to have unlocked their device and agreed to trust another computer. Any data transmitted between the iOS device and trusted computer is encrypted with keys not shared with Apple. For users who have enabled iTunes Wi-Fi Sync on a trusted computer, these services may also be accessed wirelessly by that computer.

The three processes include:

- com.apple.mobile.pcapd: Diagnostic packet capture to a trusted computer, used for diagnosing app issues and enterprise VPN connection problems.

- com.apple.mobile.file_relay: Used on internal devices and can be accessed (with user permission) by AppleCare for diagnostic purposes on the user's device.

- com.apple.mobile.house_arrest: Used by iTunes for document transfer and by Xcode during app development and testing.

Security experts will undoubtedly have additional questions about just how these services work and whether there are better and more secure ways of accomplishing the tasks they handle. At the very least, however, today's disclosure demonstrates a willingness by Apple to share information about the legitimate need for these services and should help quell unsupported speculation that Apple has worked with security agencies to implement these tools to allow for covert surveillance.

Update July 23, 9:52 AM: Zdziarski has responded [Google cache] to Apple's posting of the support document, acknowledging the disclosures but arguing that Apple is downplaying the power of these services.

I give Apple credit for acknowledging these services, and at least trying to give an answer to people who want to know why these services are there – prior to this, there was no documentation about file relay whatsoever, or its 44 data services to copy off personal data. They appear to be misleading about its capabilities, however, in downplaying them, and this concerns me. I wonder if the higher ups at Apple really are aware of how much non-diagnostic personal information it copies out, wirelessly, bypassing backup encryption. All the while that Apple is downplaying it, I suspect they’ll also quietly fix many of the issues I’ve raised in future versions. At least I hope so. It would be wildly irresponsible for Apple not to address these issues, especially now that the public knows about them.

Zdziarski also emphasizes that he has never suggested Apple is involved in a conspiracy to open up these services for surveillance - only that they could be used by those seeking to access such data.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Popular Stories

Generic iOS 18

iOS 18.3 Coming Soon: Here's What's New

Monday January 13, 2025 5:33 am PST by
iOS 18.3 is currently in beta for developers and public beta testers. So far, the upcoming iPhone software update is very minor in scope. Below, we outline what is new in iOS 18.3 so far. The only potential new feature coming to iPhones with iOS 18.3 so far is robot vacuum support in the Home app, but this functionality is not yet live. Apple is laying the groundwork for the feature,...
iPhone 17 Slim Feature Single Camera 1 Redux

'iPhone 17 Air' Launching Later This Year With These 10 New Features

Wednesday January 15, 2025 7:16 am PST by
While the so-called "iPhone 17 Air" is not expected to launch until September, there are already plenty of rumors about the "ultra-thin" device. Overall, the "iPhone 17 Air" is shaping up to be a mixed bag. Due to its thinness, the device is expected to have some limited specifications compared to the iPhone 17 Pro models, including only a single rear camera, only a single speaker, no SIM...
new magsafe charger

Apple Releases Updated MagSafe Charger Firmware

Tuesday January 14, 2025 11:30 am PST by
Apple today released new firmware designed for the 25W MagSafe Charger that is compatible with the iPhone 12 and later and the latest AirPods and Apple Watch models. The updated firmware is version 2A143, up from the 2A138 firmware that the accessory shipped with. In the Settings app, you'll see a different version number than the internal firmware number. The 2024 MagSafe charger was...
iPhone 17 Pro Dual Tone Feature 1

iPhone 17 Pro Launching Later This Year With These 8 New Features

Thursday January 9, 2025 5:45 am PST by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. iPhone 17 Pro concept based on rumors Below, we recap key changes rumored for the iPhone 17 Pro models as of January 2025: More aluminum: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models ...
HomePod mini and Apple TV

HomePod Mini 2 and New Apple TV Launch Timeframe Narrowed Down

Sunday January 12, 2025 4:11 pm PST by
Bloomberg's Mark Gurman recently reported that Apple plans to release new HomePod mini and Apple TV models this year, and now he has provided a more precise timeframe. In his Power On newsletter today, Gurman said Apple is currently aiming to launch the new HomePod mini and Apple TV models "toward the end of the year." That timeframe suggests the devices will be released at some point...
severance new york promo 1

Apple Promotes Severance Season 2 Premiere With Lumon Industries Pop-Up and Visits From Actors

Tuesday January 14, 2025 3:47 pm PST by
Ahead of the season two premiere of hit TV show Severance, Apple is marketing the show with a fun Severance pop-up at the Grand Central Terminal in New York City. Apple has assembled a glass cube with workstations that are identical to the setups that Lumon employees use on the show, complete with employees "working," doing yoga, playing catch, throwing paper airplanes, sipping coffee, and...
airpods pro 2 gradient

AirPods Pro 3 Expected This Year: Here's What We Know

Wednesday January 8, 2025 7:05 am PST by
Despite being released over two years ago, Apple's AirPods Pro 2 continue to dominate the wireless earbud market. However, with the AirPods Pro 3 expected to launch sometime in 2025, anyone thinking of buying Apple's premium earbuds may be wondering if the next generation is worth holding out for. Apart from their audio and noise-canceling performance, which are generally regarded as...
General Apps Messages Redux

Phishing Attacks Use This Simple Trick to Defeat iPhone Message Security

Monday January 13, 2025 6:11 am PST by
A new social engineering tactic is being used by cybercriminals to trick iPhone users into disabling iMessage's built-in phishing protection, in a bid to expose them to malicious links and scams, according to BleepingComputer. The scam exploits a security feature in iMessage that automatically disables links from unknown senders. Apple told the outlet that when users reply to these messages...

Top Rated Comments

cdmoore74 Avatar
137 months ago
How does this title sound?

Google Addresses Android 'Backdoor' Concerns by Outlining Legitimate Uses for Targeted Services

If you mood changes from positive to negative then you know your a Apple fanboy. ;)
Score: 19 Votes (Like | Disagree)
cdmoore74 Avatar
137 months ago
Call me an Apple fanboy or whatever, But I 100% trust Apple.

I know Steve Jobs cared 100% about this company. The man stopped working only when it was physically impossible for him to go to work. I heard he even was talking about the iPhone 5 a day before he died to Tim Cook.

I know I know I shouldn't compare Steve to Tim. But I also believe Tim cares just as much as Steve did about Apple. They are honest and truly care about its products.

Im lovin there transparency to prove these Apple bashers wrong!

:apple:

Never trust anything 100%. I don't even trust my wife 100% of the time. Hell, I don't trust myself 100% of the time. :D
Score: 19 Votes (Like | Disagree)
BigBeast Avatar
137 months ago
[...]these are still three security holes[...]
I don't think that means what you think it means.
Score: 15 Votes (Like | Disagree)
lewisd25 Avatar
137 months ago
Any service with the name "house_arrest" raises some red flags.
Score: 13 Votes (Like | Disagree)
MikhailT Avatar
137 months ago
Great first steps, now one more step is to allow the user to opt out on all diagnostic information. One of the problems with _Don't send info to Apple_ is that while it is disabling the sharing of information to Apple, it does not prevent those services from recording the information in the first place. That means your iOS device is still hoarding all sorts of personal information without your knowledge and consent, even though you're not sharing it with Apple. The info can be retrieved illegally and/or with legit forensic tools.

So, Apple needs to step up there and have a simple option to disable all diagnostic information, period. I don't care about legitimate users for these services, they're not required and they're storing information I don't want iOS to store in the first place that's not encrypted with my passcode.
Score: 13 Votes (Like | Disagree)
realeric Avatar
137 months ago
I believe Apple.
Score: 12 Votes (Like | Disagree)