Is Apple Leaving an iOS ‘Backdoor’ Open For Government?
Is somebody watching me? The question that has been brought to you by George Orwell and Rockwell. Thanks to Edward Snowden, we now realize the fears of the past were in fact true. There is someone watching you. After the Edward Snowden documents leaked the US government’s massive spying operation, we have been getting steady drips of information as to who, what, where, and why. In August, Google users had to worry about the FBI snooping. Last September, Spiegal reported the U.S. National Security Agency had slides listing Steve Jobs as “Big Brother” and outlining a cooperation between Apple and the NSA. Following that report, The Daily Dot reported that a program called “DROPOUTJEEP,” a program that was meant to provide a “backdoor” into Apple’s iOS, existed exclusively for the agencies spying activities. Essentially, a backdoor is a hidden remote access from an outside source to the accessed device that allows the outside source to have near full access to the device with little detection. Apple denied the allegations.
Forensic Scientist and Apple iPhone jailbreak expert Jonathan Zdziarski recently attended Hackers On the Planet Earth, or Hope/X, and performed a presentation of how Apple intentionally installed several backdoor security mechanisms. These backdoors allow Apple, and government agencies, to have covert data collection access, ZDnet reports. Though Mr. Zdziarski confirmed that iOS is still “reasonably secure” from outside sources, it contains multiple “design omissions” and “forensic services” that allow forensic tools to access iOS’s encrypted user backup data. The service’s files that allow the covert access are “lockdownd,” “pcapd,” and “mobile.file_relay.” Mr. Zdziarski stated these services can be accessed via Wi-Fi and USB. According to MacRumors, Jonathan Zdziarski stated he is not a “conspiracy theorists,” but says:
“I am not suggesting some grand conspiracy; there are, however, some services running in iOS that shouldn’t be there, that were intentionally added by Apple as part of the firmware, and that bypass backup encryption while copying more of your personal data than ever should come off the phone for the average consumer. I think at the very least, this warrants an explanation and disclosure to the some 600 million customers out there running iOS devices. At the same time, this is NOT a zero day and NOT some widespread security emergency. My paranoia level is tweaked, but not going crazy. My hope is that Apple will correct the problem. Nothing less, nothing more. I want these services off my phone. They don’t belong there.”
MacRumors stated Apple released a statement to the Financial Times, in regards to the iOS backdoor issue detailed by Jonathan Zdziarski, and the statement read:
“We have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers, and Apple for troubleshooting technical issues. A user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data. The user must agree to share this information, and data is never transferred without their consent.
As we have said before, Apple has never worked with any government agency from any country to create a backdoor in any of our products or services.”
Unfortunately, it is hard to know what to make of it all. It seems hard to believe so many would lie about it. It has officially come from three different sources alleging similar accusations. Two of them, providing visual proof. So, is Apple merely utilizing these programs for “diagnostic data” and those who have reported these issue simply hate Apple iOS, or is this a disturbing trend that Apple better own up to if they want to keep their customers? Pick your poison.
