Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Addresses iOS 'Backdoor' Concerns by Outlining Legitimate Uses for Targeted Services [Updated]
- Thread starter MacRumors
- Start date
- Sort by reaction score
LULz. The concerns highlighted are far from the biggest ones. There are much simpler ways to gain access to the iPhone to pull data and have been since it's initial release.
Why don't we begin with you
----------
Does that mean you trust the Gov because you pay taxes?
----------
Why would the gov want to build its own iOS system if iOS was secure enough?
----------
you sound like someone who doesn't care about your rights: ignorance is bliss for you.
----------
He read! He just didn't blindly accept it.
----------
So true!
----------
Not buying the transparency bit... Apple farts, fans take a deep breath and smack their lips.
What, exactly, does a story on iOS security and the data Apple mines from you have to do with Politics, Religion, Social Issues... then Mac Rumors? Or did you want to control who could post on this topic?
Call me an Apple fanboy or whatever, But I 100% (more realistically around 92.8%) trust Apple.
I know Steve Jobs cared 100% about this company. The man stopped working only when it was physically impossible for him to go to work. I heard he even was talking about the iPhone 5 a day before he died to Tim Cook.
I know I know I shouldn't compare Steve to Tim. But I also believe Tim cares just as much as Steve did about Apple. They are honest and truly care about its products.
Im lovin their transparency now!
Here's the thing. If you don't trust Apple about what these services are for, you might as well not trust them with anything, since you are carrying around a phone with a camera, microphone, GPS, near mandatory network and cloud services that you type personal things in all of the time. So if you think Apple is outright lying about 1 thing, you might as well not use any of their devices at all.
If you make that above post, then you know you're a Google fanboy.
Now can we please stop making these types of posts? This is probably the new "Safari is snappier" type of posts. Take any front page post vilifying Apple, change the headline to Google and then mention how Apple fanboys will be pissed, will take a negative tone and then will promptly **** their pants.
Seems like more and more people feel good about themselves only after calling someone a name...brought to you by our politicians as of late.
Maybe this is Macrumors' house arrest forum?
Only the dedicated loonies can post here.
That makes no sense. Very few things in life are all or nothing. How silly does it sound to say you trust Apple 100% or you don't trust them at all. The explanation from Apple simply explained what they do with the diagnostics, not what can be done with the diagnostics.
Rule 1 to grammar checking others, make sure your insult is perfect.
BTW you're also asking a question, not making a statement - use a question mark.
Other than that though, this is a top notch post.
----------
Posted something similar before reading this
but this, exactly.I think you're right here.
I also think it would be very helpful for Apple to make this a turn off option in Settings for these services, so you can turn them off by default and turn them on when you might want.
It was also pointed out that Tim Bradshaw of the Financial Times received a reply from Apple on this issue and stated the following:
"We have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues. A user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data. The user must agree to share this information, and data is never transferred without their consent.
As we have said before, Apple has never worked with any government agency from any country to create a backdoor in any of our products of services."
As we have said before, Apple has never worked with any government agency from any country to create a backdoor in any of our products of services."
If Apple isn't being straight up here with their customers here, it'd get out & there'd be huge blowback and damage to the brand...I don't think Tim and Co. would risk that.
Call me an Apple fanboy or whatever, But I 100% (more realistically around 92.8%) trust Apple.
I know Steve Jobs cared 100% about this company. The man stopped working only when it was physically impossible for him to go to work. I heard he even was talking about the iPhone 5 a day before he died to Tim Cook.
I know I know I shouldn't compare Steve to Tim. But I also believe Tim cares just as much as Steve did about Apple. They are honest and truly care about its products.
Im lovin their transparency now!
Yeah you would care just as much if you were making 300 million in stock options.
This might be true for you, but for most users a phone has more information on it (that the NSA would like to record and store...for future needs of course) than their PC.
Most folks smartphones have who they talk to (& when), who they text to (& what and when), where they've been, their contact list with associated information and of course web sites that they go to with logins, and of course pictures (which we've learned the NSA is scraping) etc..
With regards to the govt recording things (which we've found out they're doing), a smartphone is a jackpot. According to what we've found out in the documents (which were several years old at the time), iOS and Android were easy access devices:
http://www.iclarified.com/37195/the...or-nearly-complete-access-to-the-apple-iphone
Agreed, and with reading the bold part of this statement :
Indicates that there is no real back door, it would require the user to trust another piece of hardware to create keys with it. That would be a user problem, don't just go around trusting every computer nearby.
Assuming Apple told the truth in the above statement, I see no issues here at all. These services HAVE to be running (in general) if you want to be able to sync content from your computer.
It sounds like you work for a company that specializes in software providing access to iPhone data.
If you don't mind me asking - what kinds of stuff could you get from an iPhone with a wifi or cellular(?) connection and no user approval (& iOS 7)? Or the backup data on the Mac?
Last edited:
It's probably a word play on "jailbreak" or something.
There's a system call in UNIX, which iOS and OS X is based on, called "kill". It doesn't mean that Apple wants you dead.
Reply from the Researcher - good points
Here's the reply to what Apple said from the researcher who pointed these issues out and he makes extremely good points:
http://arstechnica.com/security/201...ndocumented-services-that-can-leak-user-data/
Basically many of these things while they can be used for the stated purpose can also be turned on wirelessly, without the users permission or knowledge and used to access users personal data....if nothing else this stuff needs to be locked down, as of right now, its doesn't look like it is. The researcher also tried to reach out to Apple privately about these issues before, but was ignored.
The researcher said he'd like the following from Apple, which seems like commonsense suggestions:
1. pcap not work over wifi
2. file relay respect backup encryption or not exist
3. house arrest limited to Documents
Here's the reply to what Apple said from the researcher who pointed these issues out and he makes extremely good points:
http://arstechnica.com/security/201...ndocumented-services-that-can-leak-user-data/
Basically many of these things while they can be used for the stated purpose can also be turned on wirelessly, without the users permission or knowledge and used to access users personal data....if nothing else this stuff needs to be locked down, as of right now, its doesn't look like it is. The researcher also tried to reach out to Apple privately about these issues before, but was ignored.
The researcher said he'd like the following from Apple, which seems like commonsense suggestions:
1. pcap not work over wifi
2. file relay respect backup encryption or not exist
3. house arrest limited to Documents
You sound like this hacker dude. Making accusations with no proof. He claims X but doesn't back it up with any actual analysis and folks eat it up, getting ad impressions and giving him press.
Exactly what personal information is iOS hoarding without your knowledge or permission. You say it is so prove it.
1. Go to the Genius Bar and yes that information is needed.
2. What information on your phone is not encrypted with your passcode. Excluding perhaps a jailbroken phone or a previously synced computer you can't backup/sync or even restore a passcoded phone. So it seems difficult to find any info, encrypted or not. Yes he says Apple can do it (and by Aople I mean the bigwig engineers not the pimples at the stores). But has he proven any of his claims.
----------
They aren't holes until someone can prove Apple is lying that there is no other use or access means.
----------
Proof? Like this hacker etc you say these things and haven't proven what information, lack of protection etc
Last edited:
Never trust anything 100%. I don't even trust my wife 100% of the time. Hell, I don't trust myself 100% of the time.
lol... apparently neither does the 16 people who voted you..
Me too.
If you can't trust Apple, who can you trust... Maybe we shouldn't be trusting our ISP either...
True, this probably shouldn't be in our phones, but as Apple points out, its for legit reasons..... its just people always get the wrong impression of it, which makes it sound more evil than it actually is helping.
There has been no proof from this forensic person what exact stuff this picked up on.... he just says "Documents" and other data. ok, but what in particular ?
He can go into detail about he found a problem, yet he can't point out what he found?
I'm be cautious of this, not Apple. Besides, isn't it interesting that we have been using iOS all this time, and no-one, up till recently, has found this..
Last edited:
Again you say it, but haven't proven it. Show, or even just find, proof that someone can violate a non jailbroken phone using any of these.
The researcher actually did a presentation on what he found with details. His response to Apple's reply is over here with a good amount of what he didn't like about the 3 services Apple responded on:
http://arstechnica.com/security/201...ndocumented-services-that-can-leak-user-data/
Frankly this stuff might just be leftover in the current security state because Apple just didn't have to worry about things like that when it was written years ago, but things are different now - and if there are a few simple things Apple could do to lock down our jackpot's of information from casual government (or other's) eyes, I think most customers would like that.
I think another user mentioned that there are at least 4 commercial products for pulling all your data off your phone without your permission (sold to law enforcement and govts) - so there's obviously some back doors open that Apple could close (whether these are the main vectors are another question).