Do 600 million iOS devices have backdoors built into them by Apple, allowing easy data collection? Yes, says forensic scientist Jonathan Zdziarski.
Zdziarski, who wrote “Hacking and Securing iOS Applications,” spoke at the Hackers on Planet Earth Conference in New York.
Urgent: Do You Approve Or Disapprove of President Obama's Job Performance? Vote Now in Urgent Poll
In his speech, titled "Identifying Backdoors, Attack Points and Surveillance Mechanisms in iOS Devices," Zdziarski discussed "a number of undocumented high-value forensic services running on every iOS device" and
"suspicious design omissions in iOS that make collection easier," ZDNet reported. He also gave examples of information pulled from the device that shouldn’t be available without user consent.
The iPhone is "reasonably secure" from being accessed by most attackers, Zdziarski said, but noted Apple’s guidelines that say the company makes sure to “ensure that it can access data on end-user devices on behalf of law enforcement.”
Zdziarski detailed numerous ways data can be accessed, as well as explained how law enforcement can access data.
In his summary slide to the talk, Zdziarski expressed several concerns, including, “Apple is dishing out a lot of data behind our backs,” and, “There is no valid excuse to leak personal data or allow packet sniffing without the user’s knowledge and permission.”
In addition, he said that much of the data should never come off the phone, even during a backup situation.
And, “Overall, the otherwise great security of iOS has been compromised ... by Apple ... by design,” Zdziarski told conference attendees.
The news that Apple might have intentional backdoors bothered some people online.
Urgent: Assess Your Heart Attack Risk in Minutes. Click Here.
Related Stories: