After a backdoor for monitoring users was found in iOS, Apple publishes a page describing the functions to deny it is a backdoor


By Ryan Tir

Jonathan Zdziarski, a forensic scientist and hacker, discovered that Apple's iOS contains a secret backdoor for monitoring users. Apple has officially denied that a backdoor exists. It says the functions Zdziarski calls a backdoor are iOS "diagnostic functions", and it has posted an official page on its website explaining them.

iOS: About diagnostic capabilities
https://support.apple.com/kb/HT6331


Apple commented that the "diagnostic functions" are built into iOS to support troubleshooting by enterprise IT departments, developers, AppleCare and others. The diagnostic functions are "com.apple.mobile.pcapd", "com.apple.mobile.file_relay" and "com.apple.mobile.house_arrest".

◆ pcapd
"pcapd" supports collecting diagnostic packets from an iOS device using a trusted computer. According to Apple, it is especially useful for troubleshooting and analyzing VPN-related problems in enterprises.

◆ file_relay
"file_relay" supports limited copying of diagnostic data from an iOS device. Apple says this function is completely separate from user-created backups, cannot access all the data on the device, and respects data protection. Apple engineers appear to use "file_relay" only with specific customers, namely users who have agreed to data collection by joining AppleCare.

◆ house_arrest
"house_arrest" is used by iTunes to exchange documents with apps that support this, and it is also used to transfer data during app development.

Apple comments that these functions can gather information useful for enterprise IT departments, developers and AppleCare troubleshooting without compromising the user's privacy and security. To access the data collected by the diagnostic functions from a computer, the user must first unlock the device and accept the "Do you trust this computer?" prompt. Apple asserts that without this step, diagnostic data is never transferred off the device.

In addition, Zdziarski, who first discovered the iOS backdoor, received an email directly from Apple denying the existence of a backdoor.


While appreciating that Apple promptly disclosed information about the diagnostic functions, Zdziarski posted a new article on his blog on February 23.

Apple Confirms "Back Doors"; Downplays Their Severity | Jonathan Zdziarski's Domain
http://www.zdziarski.com/blog/?p=3466


In this article, Zdziarski said, "We are not criticizing the existence of hidden access methods, Apple's cooperation with the NSA, and so on," and, referring to the diagnostic function information published by Apple, "The information is easy to misunderstand, and there is no explanation of the points I pointed out."

In addition, he points out a danger of pcapd that Apple does not mention even on its official page: "What makes the pcapd function dangerous is that it can be used wirelessly and without the user's permission; that is, it can easily be used for monitoring purposes by an authorized third party." About file_relay, he says, "Apple's explanation that only diagnostic data is copied is misleading," and that it also hands over personal data that seems unnecessary for diagnosis, such as the user's albums, SMS, contact information, location information and the last screenshot taken. As for house_arrest, he says the data it targets is not limited to "documents": it can access libraries, caches, settings and other data that contain a great deal of personal information.

Zdziarski thanked Apple for acknowledging the existence of the back doors he had pointed out, but he noted the risk of these functions being exploited and stated that they should be further restricted.

in Mobile, Software, Posted by logu_ii