SHARE

Renown forensic expert Jonathan Zdziarski (a.k.a. NerveGas) says that iOS comes with its own “back door” tools that “shouldn’t be there.”

It’s been said that Android users have Google to fear when it comes to their personal information, but iOS users shouldn’t wear any confidence about their operating system, either.

According to a new report by forensics expert and iOS hacker Jonathan Zdziarski, also known as “NerveGas,” iOS has a number of “back doors” in iOS that allow governmental access – even while Apple claims that it’s committed to protecting its users’ privacy.

NerveGas has worked on iOS jailbreaks up through iOS 4, has designed the iOS forensics techniques that law enforcement uses today and has himself written five books on iOS hacking and security. In his slides from his presentation at the recent New York Hackers on Planet Earth, or HOPE Conference, Zdziarski notes that there’re a number of “undocumented forensic services” on every iOS device, leading many to wonder why these services are “undocumented” and what the purpose is for implementing such services on iOS devices.

Zdziarski asks some questions at the HOPE Conference that are excellent ones for iPhone and iPad users to consider:

  • Why is there a packet sniffer running on 600 million personal iOS devices instead of moved to the developer mount?
  • Why are there undocumented services that bypass user backup encryption that dump mass amounts of personal data from the phone?
  • Why is most of my user data still not encrypted with the PIN or passphrase, enabling the invasion of my personal privacy by YOU?

Packet sniffers are used by iOS developers to see what kinds of user traffic utilize their apps, but why are packet sniffers placed on all iOS devices? Also, there’re a number of other tools in iOS on iDevices that Apple’s been advancing over the years, a troubling sign for a company that’s intent on maintaining user privacy. As Zdziarski wrote on his blog (to explain the purpose of his claims),

“I have NOT accused Apple of working with the NSA, however I suspect (based on released documents) that some of these services MAY have been used by NSA to collect data on certain potential targets. I am not suggesting some grand conspiracy; there are, however, some services running in iOS that shouldn’t be there, that were intentionally added by Apple as part of the firmware…at the very least, this warrants an explanation and disclosure to some 600 million customers out there running iOS devices.”

Keep in mind that Zdziarski has done lots of work in iOS security and knows his way around the iOS configurations. He’s got much experience in iOS and isn’t talking about what others have said; instead, he’s giving details of his own research in iOS.

See Also: Apple releases iOS 7.1.2 and OS X 10.9.4 Mavericks

Apple responded to Zdziarski’s presentation and comments by saying that it’s never teamed up with the NSA, nor is it compromising user data.

See Also: Apple iPhone 6 coming with Barometer and Altimeter, compliments of iOS 8

At the same time, however, Zdziarski notes in his presentation slides that he’s received emails from Tim Cook about Apple’s warranty policies (a response to his own emails), but never received anything back about the “back doors” in iOS. Tim Cook’s silence on the subject of iOS back doors is an interesting move indeed for a CEO whose company’s looking to sell 70-80 million iPhone 6 models come September.

See Also: European Commission lauds Google and rebukes Apple over in-app purchases

Here’s more discussion on 38 iOS vulnerabilities and how the US Government has exploited operating systems for its own benefit.

2 COMMENTS

  1. Anyone that still thinks they are private on the internet and that the Government which designed the protocols that run the internet (TCP/IP) don’t have access to every internet connected device is a fool and a moron!

    • Exactly. By now, NSA has a pretty clear profile on everyone that uses the internet. Yes, they know what you do, what you read, your opinions on just about everything, etc.
      They also track your movement – there is very little places to hide if you have a cell phone. They know location, they can activate the cameras and see you, hear you, etc.
      Big Brother is here! It’s a reality.
      The benefits are on control of crime and terrorism. The counters are the lack of privacy.
      The other day I saw a news report on the capture of the son of a major drug lord in Mexico as he attempted to cross the border. Among the items shown was an iPhone. They so had him well monitored! – That’s the good of this tech.
      Imagine someone is involved in a hit and run. Even if there were no witnesses, if the perpetrator had a phone, he is easy to track. See what signals pinged at the location at the time of the hit and run, narrow your search – bingo!
      The good citizens of the world need not worry too much about this. It’s the ones doing evil that are so screwed. Still, privacy advocates will complaint, as they should. I just figure I’d rather live in a more secure world at the expense of letting NSA know who I really am.

LEAVE A REPLY

Please enter your comment!
Please enter your name here