Apple Addresses iOS 'Backdoor' Concerns by Outlining Legitimate Uses for Targeted Services [Updated]

apple_security_iconEarlier this week, forensic expert Jonathan Zdziarski attracted attention for his disclosures of what appeared to be "backdoors" in iOS that could allow for covert data collection of users' information from their devices. While Apple issued a statement denying that anything nefarious was involved, the company has now posted a new support document (via Cabel Sasser) offering a limited description of the three services highlighted in Zdziarski's talk.

Each of these diagnostic capabilities requires the user to have unlocked their device and agreed to trust another computer. Any data transmitted between the iOS device and trusted computer is encrypted with keys not shared with Apple. For users who have enabled iTunes Wi-Fi Sync on a trusted computer, these services may also be accessed wirelessly by that computer.

The three processes include:

- com.apple.mobile.pcapd: Diagnostic packet capture to a trusted computer, used for diagnosing app issues and enterprise VPN connection problems.

- com.apple.mobile.file_relay: Used on internal devices and can be accessed (with user permission) by AppleCare for diagnostic purposes on the user's device.

- com.apple.mobile.house_arrest: Used by iTunes for document transfer and by Xcode during app development and testing.

Security experts will undoubtedly have additional questions about just how these services work and whether there are better and more secure ways of accomplishing the tasks they handle. At the very least, however, today's disclosure demonstrates a willingness by Apple to share information about the legitimate need for these services and should help quell unsupported speculation that Apple has worked with security agencies to implement these tools to allow for covert surveillance.

Update July 23, 9:52 AM: Zdziarski has responded [Google cache] to Apple's posting of the support document, acknowledging the disclosures but arguing that Apple is downplaying the power of these services.

I give Apple credit for acknowledging these services, and at least trying to give an answer to people who want to know why these services are there – prior to this, there was no documentation about file relay whatsoever, or its 44 data services to copy off personal data. They appear to be misleading about its capabilities, however, in downplaying them, and this concerns me. I wonder if the higher ups at Apple really are aware of how much non-diagnostic personal information it copies out, wirelessly, bypassing backup encryption. All the while that Apple is downplaying it, I suspect they’ll also quietly fix many of the issues I’ve raised in future versions. At least I hope so. It would be wildly irresponsible for Apple not to address these issues, especially now that the public knows about them.

Zdziarski also emphasizes that he has never suggested Apple is involved in a conspiracy to open up these services for surveillance - only that they could be used by those seeking to access such data.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Top Rated Comments

cdmoore74 Avatar
98 months ago
How does this title sound?

Google Addresses Android 'Backdoor' Concerns by Outlining Legitimate Uses for Targeted Services

If you mood changes from positive to negative then you know your a Apple fanboy. ;)
Score: 19 Votes (Like | Disagree)
cdmoore74 Avatar
98 months ago
Call me an Apple fanboy or whatever, But I 100% trust Apple.

I know Steve Jobs cared 100% about this company. The man stopped working only when it was physically impossible for him to go to work. I heard he even was talking about the iPhone 5 a day before he died to Tim Cook.

I know I know I shouldn't compare Steve to Tim. But I also believe Tim cares just as much as Steve did about Apple. They are honest and truly care about its products.

Im lovin there transparency to prove these Apple bashers wrong!

:apple:

Never trust anything 100%. I don't even trust my wife 100% of the time. Hell, I don't trust myself 100% of the time. :D
Score: 19 Votes (Like | Disagree)
BigBeast Avatar
98 months ago
[...]these are still three security holes[...]
I don't think that means what you think it means.
Score: 15 Votes (Like | Disagree)
lewisd25 Avatar
98 months ago
Any service with the name "house_arrest" raises some red flags.
Score: 13 Votes (Like | Disagree)
MikhailT Avatar
98 months ago
Great first steps, now one more step is to allow the user to opt out on all diagnostic information. One of the problems with _Don't send info to Apple_ is that while it is disabling the sharing of information to Apple, it does not prevent those services from recording the information in the first place. That means your iOS device is still hoarding all sorts of personal information without your knowledge and consent, even though you're not sharing it with Apple. The info can be retrieved illegally and/or with legit forensic tools.

So, Apple needs to step up there and have a simple option to disable all diagnostic information, period. I don't care about legitimate users for these services, they're not required and they're storing information I don't want iOS to store in the first place that's not encrypted with my passcode.
Score: 13 Votes (Like | Disagree)
realeric Avatar
98 months ago
I believe Apple.
Score: 12 Votes (Like | Disagree)

Popular Stories

Upcoming Products 2022 Feature

Gurman: Apple Preparing 'Widest Array of New Hardware Products in Its History' for Fall

Sunday January 23, 2022 10:32 am PST by
Apple is working on a number of new products that are set to launch this fall, and Bloomberg's Mark Gurman says that it will be "the widest array" of new devices that Apple has introduced in its history. In his latest "Power On" newsletter, Gurman explains that Apple is working on four new flagship iPhones (iPhone 14, iPhone 14 Max, iPhone 14 Pro, and iPhone 14 Pro Max), an updated low-end Ma...
Questionable Design Decisions

Apple's Most Questionable Design Decisions in Recent Memory

Sunday January 23, 2022 2:59 am PST by
Apple has always emphasized the depth of thought that goes into the design of its products. In the foreword to Designed by Apple in California, a photo book released by the company in 2016, Jony Ive explains how Apple strives "to define objects that appear effortless" and "so simple, coherent and inevitable that there could be no rational alternative." But every once in a while even Apple...
macbook pro 14 16 2021

Three Months After Launch, Apple Still Struggling to Meet Demand for Redesigned 14-Inch and 16-Inch MacBook Pro

Monday January 24, 2022 7:12 am PST by
Three months after their launch, the 14-inch and 16-inch MacBook Pros continue to experience high demand and seemingly short supply, with shipping dates for both models stretching into multiple weeks in several of Apple's key markets. In the United States, the baseline 14-inch MacBook Pro with the M1 Pro chip is estimated to ship in three to four weeks, promising an arrival by at least...
att gigabit internet

AT&T Bringing $180/Month 5-Gigabit Internet to 70 Cities

Monday January 24, 2022 9:20 am PST by
AT&T today announced the launch of upgraded AT&T Fiber plans, which support speeds of up to 5 Gigabits for some customers. There are two separate plans, one "2 GIG" plan and one "5 GIG" plan, available to new and existing AT&T Fiber subscribers. According to AT&T, the new plans are available to nearly 5.2 million customers across 70 metro areas including Los Angeles, Atlanta, Chicago, San...
airpodsinear 1

AirPods Save Woman's Life With Feature Everyone Should Know

Friday January 21, 2022 2:13 am PST by
Apple's AirPods have been credited with saving a woman's life after a potentially fatal fall, People reports. When a 60-year-old florist in New Jersey tripped and hit her head in her studio, she lost consciousness and awoke heavily bleeding. With nobody around to call for help, she realized she had her AirPods in, and used a "Hey Siri" command to call 911. An operator was able to stay on the ...
AirPods Pro Gen 3 Mock Feature ugly yellow

AirPods Pro 2 Could Beat AirPods Max Sound Quality

Monday January 24, 2022 2:15 am PST by
Apple's second-generation AirPods Pro could deliver higher fidelity audio than the AirPods Max over-ear headphones, despite being comparatively small in-ear buds, recent reports have suggested. In a recent note to investors, seen by MacRumors, TF International Securities analyst Ming-Chi Kuo claimed that the second-generation AirPods Pro will offer improved audio quality thanks to support...
iCloud Bug Feature Green

Developers Unhappy With Bug Causing iCloud Unreliability

Monday January 24, 2022 10:15 am PST by
A number of developers are upset with an increasingly problematic iCloud server issue that is causing some apps that have implemented iCloud support to fail to sync properly. As outlined on the Developer Forums and on Twitter, there are CloudKit connectivity issues that have been occurring since November. Some users of apps that have iCloud support built in are seeing the following message:...
top stories 2022jan22

Top Stories: Spring Apple Event Rumors, Apple Opposes Sideloading, and More

Saturday January 22, 2022 6:00 am PST by
As we roll into the latter half of January, we're starting to hear more about a potential spring Apple event, which is likely to take place in March or April. There are a number of potential announcements on deck, so an event would be a good opportunity for Apple to get them all out there. We've also been going back and forth on some iPhone 14 rumors, and we've taken a look at a number of...