Apple Addresses iOS 'Backdoor' Concerns by Outlining Legitimate Uses for Targeted Services [Updated]

[elev8d]

My first guess when I read about these "backdoors" was that there probably was a legitimate use for all of them and they were there for uses where the full device encryption introduced in iOS4 would become an issue. The obvious clue was that it required a paired machine the user of the iPhone had to confirm before the encryption related keys would be shared. For a data thief or spy this would mean that they would have to trick the target first into pairing their phone with one of their devices before being able to even decrypt any of the data.

However I doubt this will do anything to deter the anti-Apple diehards who will keep on using this as evidence of ether NSA backdoors or Apple's shoddy security.

Complaining about this is like complaining that a door is a security risk because you can leave it unlocked if you want to...

You didn't read the report. This backdoor allows someone to bypass your passcode and encryption to access personal information on your phone. It doesn't matter if your phone is locked. For the record, I like Apple's products and ecosystem quite a bit. This code however can be used for the wrong purposes and is a security risk.

----------

What, exactly, does a story on iOS security and the data Apple mines from you have to do with Politics, Religion, Social Issues... then Mac Rumors? Or did you want to control who could post on this topic?

I think so, really don't need the thread getting flamed because it's controversial. I appreciate that they are keeping the thread to people that are more seriously interested in Apple.

----------

Again you say it, but haven't proven it. Show, or even just find, proof that someone can violate a non jailbroken phone using any of these.

So I guess what we need are a host of independent researchers to verify that these flaws exist. Any takers?

 

[Tech198]

The guy IS a forensic expert after all.

However, I do agree with this statement :- "This seems far more like a useful tool than a nefarious one to me."

If your a expert in anything of course you can find "leakages all over" that probably haven't been picked up. That's what they do.

I would have actually preferred this from non-forensic person, then i would believe this.

I would still say "Why did this take so long to bring to light ?" If its such a problem, then it would have been found quickly, like Location services.

 

[PocketSand11]

Again you say it, but haven't proven it. Show, or even just find, proof that someone can violate a non jailbroken phone using any of these.

That's what the hacker Zdziarski already found. Maybe we'll see a demo soon.

----------

What, exactly, does a story on iOS security and the data Apple mines from you have to do with Politics, Religion, Social Issues... then Mac Rumors? Or did you want to control who could post on this topic?

The NSA is a hot topic these days.

 

[snowmoon]

I guess we shouldn't mention that ever Mac ships with a packet inspection tool as well ( tcpdump ).... it could be used by a hacker, alert the media!

 

[iHEARTcartoons]

Apple isn't the problem. What if a hacker uses one of those backdoors to take my bank account info or some passwords?

I would be way more worried about "iPhone 5 w/ iOS 7 (jailbroken)". I understand the appeal and many moons ago I did the same on my first iPhone, but that's way more scary than anything Apple may have built in. Not that Apple is impervious to hacking, but history has shown it's not very likely to happen.

 

[PocketSand11]

I would be way more worried about "iPhone 5 w/ iOS 7 (jailbroken)". I understand the appeal and many moons ago I did the same on my first iPhone, but that's way more scary than anything Apple may have built in. Not that Apple is impervious to hacking, but history has shown it's not very likely to happen.

History has also shown that jailbroken phones aren't less secure than normal ones, but I understand what you mean. I don't know what they're putting on my phone. The one assurance of safety I have is that the people in charge of these jailbreaks seem dedicated to security.

 

[iHEARTcartoons]

History has also shown that jailbroken phones aren't less secure than normal ones, but I understand what you mean. I don't know what they're putting on my phone. The one assurance of safety I have is that the people in charge of these jailbreaks seem dedicated to security.

Agreed At the end of the day Apple has had a great track record and one of the main selling points is we don't have to deal with hacking like on the PC side of the world.

 

[JAT]

You didn't read the report. This backdoor allows someone to bypass your passcode and encryption to access personal information on your phone. It doesn't matter if your phone is locked. For the record, I like Apple's products and ecosystem quite a bit. This code however can be used for the wrong purposes and is a security risk.

Yeah. If they already have access to your computer, or you've logged into public wifi. So, they've already hacked through a password or your silliness.

I mean, you guys don't use public wifi, right? It would be funny if you did.

 

[2984839]

Yeah. If they already have access to your computer, or you've logged into public wifi. So, they've already hacked through a password or your silliness.

I mean, you guys don't use public wifi, right? It would be funny if you did.

Not necessarily. He mentions juice jacking in the slides as a possible method of establishing pairing with the device. Law enforcement has tools to do this as do others.

http://www.zdziarski.com/blog/?p=2307#more-2307

edit: And frankly, it's not too much to ask for a device to be secure on public wifi.

 

[snowmoon]

Not necessarily. He mentions juice jacking in the slides as a possible method of establishing pairing with the device. Law enforcement has tools to do this as do others.

http://www.zdziarski.com/blog/?p=2307#more-2307

edit: And frankly, it's not too much to ask for a device to be secure on public wifi.

iOS 7 and up created "trusted pairing" explicitly to prevent juice jacking.

 

[Mums]

This doesn't sound legit. Even if these genuinely are not meant to be backdoors, these are still three security holes that they show no sign of fixing.

Correct logic.

 

[JAT]

Not necessarily. He mentions juice jacking in the slides as a possible method of establishing pairing with the device. Law enforcement has tools to do this as do others.

http://www.zdziarski.com/blog/?p=2307#more-2307

edit: And frankly, it's not too much to ask for a device to be secure on public wifi.

Is it also too much to ask to walk through the wrong ghetto if you are the wrong color? Live in the real world, don't make it up in your head. Don't be stupid. Public wifi has whatever rules that location makes up. Did you read that EULA? Just don't.

Personally, I never charge in such places. But I do own a USB dongle that should prevent jacking. Maybe I'll use it one day.

Incidentally, I love how this topic is shown in the show Person of Interest.

 

[OldSchoolMacGuy]

It sounds like you work for a company that specializes in software providing access to iPhone data.

If you don't mind me asking - what kinds of stuff could you get from an iPhone with a wifi or cellular(?) connection and no user approval (& iOS 7)? Or the backup data on the Mac?

Over wifi or cellular, you can grab most of what isn't encrypted. There are some tools that allow you to grab cellular but only the largest of government agencies have access to them and have the legal authority to use them. Even with very large cases I've worked with those agencies those things are almost never deployed. Generally we aren't grabbing over the airwaves.

From the iTunes desktop backup file, you can grab everything. All the data from your phone is stored there for the most part. Pictures, email, texts, contacts, browsing history, and everything else.

 

[Swift]

How does this title sound?

Google Addresses Android 'Backdoor' Concerns by Outlining Legitimate Uses for Targeted Services

If you mood changes from positive to negative then you know your a Apple fanboy.

No, because Google doesn't really care as much about your security. They sell the lack of security as "openness." Their business model depends on you sharing with them. Apple wants your Apple ID. If they keep it safe, they might have a really secure way of buying things. Use your thumbprint, done.

 

[2984839]

Is it also too much to ask to walk through the wrong ghetto if you are the wrong color? Live in the real world, don't make it up in your head. Don't be stupid. Public wifi has whatever rules that location makes up. Did you read that EULA? Just don't.

Personally, I never charge in such places. But I do own a USB dongle that should prevent jacking. Maybe I'll use it one day.

Incidentally, I love how this topic is shown in the show Person of Interest.

I have never seen public wifi rules that permit them to access data off of your device, which is what this report addresses. I'm not talking about data transit security through a public wifi router--that always will be a problem and is out of Apple's hands.

However, services running or installed on a device that expose unencrypted personal info and can be accessed over wifi are a problem and are well within Apple's ability to fix, as is the juice jacking issue. Fixing those holes should be a no brainer. I'm glad they at least tried to address juice jacking, but it still is not a perfect solution by any means.

 

[newagemac]

Why would Android's security questions matter to a person using an iOS device?

What if Android did address their security questions? Would that somehow change the issue for Apple?

You're doing what my kids try to do; blame shifting. One gets in trouble and decides to tell on the other thinking what they did will be magically forgotten.

It doesn't work for my kids and it's not working here.

No. Actually the reason I am asking is because I use both platforms. I have to because I'm a developer. But it bothers me that I have stuff linked to my Android devices that is apparently compromised according to security researchers that Google apparently does not care to address.

 

[gnasher729]

Really happy with how transparent apple is seeming to be. Hopefully they fully explain the situation and if something is going on they will admit it and fix it. This is the first step in the right direction.

What you say does absolutely make no sense. Either Apple is transparent or they are not. You should be happy if they are transparent. You should be unhappy if Apple only seems to be transparent, but isn't (in other words: If their statements are lies). So what are you saying? Do you suspect Apple is lying? If that's what you think then say so. If Apple is saying the truth, and there is no reason not to believe this, then this isn't "a first step in the right direction", it's the right step and the last thing you hear of it from Apple.

 

[69Mustang]

No. Actually the reason I am asking is because I use both platforms. I have to because I'm a developer. But it bothers me that I have stuff linked to my Android devices that is apparently compromised according to security researchers that Google apparently does not care to address.

Then apologies to you sir. Your comment looked similar to the deflective comments we see on MR when Apple sees any criticism. Instead of addressing the issue with a cogent argument we get, 'well Samsung..., but Microsoft..., Google did..., and the like. In error, I lumped your comment in that category. Again, apologies.

 

[gnasher729]

This doesn't sound legit. Even if these genuinely are not meant to be backdoors, these are still three security holes that they show no sign of fixing.

What evidence do you have that there are security holes? You heard it from a "security expert"? Ask yourself what makes him a "security expert" other than the fact that he calls himself a "security expert".

Any service with the name "house_arrest" raises some red flags.

Absolutely. Apple needs to rename it to "trust_me_I_know_exactly_what_I_am_doing" or "nothing_to_see_here".

I always love how everyone always freaks out about these kind of things... OMG Apple may be back-dooring my phone and they may know that I spend way too much time playing Monopoly slots, sent a few texts, made a few phone calls, allegedly may have looked at some pron, and that I read a lot of MacRumors!!!

Does anyone rely believe that Apple would build in a back-door _that some random hacker could find_? Not that Apple has any reason to have any back door, and it would be a rather idiotic idea for Apple to add one, but if they did, surely it would be invisible until it is actually used.

 

[gnasher729]

The second one sounds like it could be a potential issue, "with user permission", what does that mean? If they just say "hey can I check out your data" or throught passcodes? If it's the first one, then It is a legit problem.

Everyone with a Mac knows exactly how this works. When you plug an iOS device into a Mac with a USB cable, iOS will ask you whether you trust this computer. You click yes or no. If you click yes, then the Mac can for example do backups, and other things (you said you trust this computer, right? ). If you click no, then the Mac cannot access _anything_ on the iOS device.

Now if your iOS device has problems, you take it to a store, and the genius at the store wants to access diagnostic information to fix the problem, the phone needs to be unlocked which only you can do, and you should know that once you hand over an unlocked phone, lots of things are not safe. If you don't trust that genius, then don't hand over your unlocked phone. It may be that the phone can't be repaired.

Yea, I just wasn't sure if it worked even if the phone wasn't unlocked.

You have to click a button on the phone, and to be able to do that, you first have to unlock your phone. (If you have no passcode, then obviously anyone can unlock your phone, and nothing on your phone is safe. No backdoor needed. ).

 

[goobot]

Everyone with a Mac knows exactly how this works. When you plug an iOS device into a Mac with a USB cable, iOS will ask you whether you trust this computer. You click yes or no. If you click yes, then the Mac can for example do backups, and other things (you said you trust this computer, right? ). If you click no, then the Mac cannot access _anything_ on the iOS device.

Now if your iOS device has problems, you take it to a store, and the genius at the store wants to access diagnostic information to fix the problem, the phone needs to be unlocked which only you can do, and you should know that once you hand over an unlocked phone, lots of things are not safe. If you don't trust that genius, then don't hand over your unlocked phone. It may be that the phone can't be repaired.

Yea, I just wasn't sure if it worked even if the phone wasn't unlocked.

 

[gnasher729]

I don't (trust Apple).

In that case, you should find a phone manufacturer who you trust. If you find one, get rid of your iPhone and buy their phone. Feel free to post here what makes you trust them. If you find nobody who you trust enough, either get rid of your phone, or make sure there is nothing on your phone that you don't mind being found out. Again, if you find someone you trust _more_ than Apple (but not completely), you should get rid of your iPhone and possibly buy their phone, and tell us what makes you trust them more than Apple.

 

[PocketSand11]

What evidence do you have that there are security holes? You heard it from a "security expert"? Ask yourself what makes him a "security expert" other than the fact that he calls himself a "security expert".

He's a jailbreaking and forensics expert, according to the MacRumors article. He has credibility; just Google his name. Here's an article about one of his methods: https://viaforensics.com/resources/white-papers/iphone-forensics/zdziarski/

 

[ricosuave]

Your sentence is missing a question mark. You spelled Android incorrectly. What does that say about you?

It's not a question.

 

[SarcasticJoe]

You didn't read the report. This backdoor allows someone to bypass your passcode and encryption to access personal information on your phone. It doesn't matter if your phone is locked. For the record, I like Apple's products and ecosystem quite a bit. This code however can be used for the wrong purposes and is a security risk.

The device needs to be unlocked and the user needs to confirm the attacking device being put on the list of trusted devices before any of this will work. Sure, the user doesn't need to do all this every time someone using this wants to pull their data off the device, but the user still has to do it at some point BEFORE it'll work.

The metaphor about leaving a door unlocked maybe wasn't 100% accurate, but a more accurate one would be leaving a door unlocked, but possibly giving the keys to someone you shouldn't.

The only real threat here is if someone is does a man-in-the-middle attack at the same time and is able to catch the otherwise encrypted data as it passes from one device to the other. All they need to do to fix that is force encryption even with these services as the both devices share the encryption keys.