If you don't trust Apple, then don't lend them the freaking phone. That's not like they can remotely access my phone.
So, Apple needs to step up there and have a simple option to disable all diagnostic information, period.
With all these security flaws, no wonder the President doesn't use an iPhone.
With all these security flaws, no wonder the President doesn't use an iPhone.
You must be kidding. Apple would never want to admit it, until it's shown and proven dot by dot. Only then...you will hear something close to admitting, maybe.
Dude, what part of "Settings" are you missing? It's there. Already.
No step up required. Except maybe yours.
Dude, there is no setting to disable diagnostics completely. The setting you're referring to, it is for disabling the sending of diagnostic info to Apple. That does not prevent the info from being created and stored on the device without encryption, those services are running all the time by default on everyone's iOS device even if they have the option disabled.
There's also no way to turn on your car without the OBDII diags running. Should you not drive your car?
Security issues[edit]
Researchers at the University of Washington and University of California examined the security around OBD, and found that they were able to gain control over many vehicle components via the interface. Furthermore, they were able to upload new firmware into the engine control units. Their conclusion is that vehicle embedded systems are not designed with security in mind.[26][27][28]
There have been reports of thieves using specialist OBD reprogramming devices to enable them to steal cars without the use of a key.[29] The primary causes of this vulnerability lie in the tendency for vehicle manufacturers to extend the bus for purposes other than those for which it was designed, and the lack of authentication and authorization in the OBD specifications, which instead rely largely on security through obscurity.[30]
Dude, there is no setting to disable diagnostics completely. The setting you're referring to, it is for disabling the sending of diagnostic info to Apple. That does not prevent the info from being created and stored on the device without encryption, those services are running all the time by default on everyone's iOS device even if they have the option disabled.
WTF? OBDII isn't storing all the gps locations, storing all of my email account info, wireless keys, twitter account information, photos, and deleted files that's recoverable.
Realistically just how much info can be house on an iPhone? The things don't have much storage to begin with. You reveal far more personal information every time you go online and buy Something.Great first steps, now one more step is to allow the user to opt out on all diagnostic information. One of the problems with _Don't send info to Apple_ is that while it is disabling the sharing of information to Apple, it does not prevent those services from recording the information in the first place. That means your iOS device is still hoarding all sorts of personal information without your knowledge and consent, even though you're not sharing it with Apple. The info can be retrieved illegally and/or with legit forensic tools.
So, Apple needs to step up there and have a simple option to disable all diagnostic information, period. I don't care about legitimate users for these services, they're not required and they're storing information I don't want iOS to store in the first place that's not encrypted with my passcode.
And neither are these services. See how that works?
So how are devleoper suppose to better their apps and as far as that go how is apple suppose to better their systems? Some of us really want to see iOS get even better which is why we run beats and submit big reports to Apple.
Realistically just how much info can be house on an iPhone? The things don't have much storage to begin with. You reveal far more personal information every time you go online and buy Something.
You have a mighty load of self importance here don't you. There is nothing a rational person would put on an iPhone that isn't already sitting on hundreds of computers at various business that people deal with.
There is nothing a rational person would put on an iPhone that isn't already sitting on hundreds of computers at various business that people deal with.
Says who? This is exactly what the security researcher is pointing out in his research, these services are storing these information. He was able to extract these information from his device.
Remember, Apple did in the past leaked private information on iOS devices via GPS locations and they fixed it later on by encrypting the database. That's what researcher is asking for, to encrypt these data being generated by the services and/or disable the services from running.
Apple has not denied these services are not storing these info, they're focusing on saying the information does not leave the device but Apple never said the information is not being stored.
What?I don't think that means what you think it means.
These services, such as "lockdownd," "pcapd" and "mobile.file_relay," can bypass encrypted backups to obtain data and can be utilized via USB, Wi-Fi and possibly cellular.
I always love how everyone always freaks out about these kind of things... OMG Apple may be back-dooring my phone and they may know that I spend way too much time playing Monopoly slots, sent a few texts, made a few phone calls, allegedly may have looked at some pron, and that I read a lot of MacRumors!!!
Apple isn't the problem. What if a hacker uses one of those backdoors to take my bank account info or some passwords?
LOL didn't read.
1. com.apple.mobile.pcapd
pcapd supports diagnostic packet capture from an iOS device to a trusted computer
2. com.apple.mobile.file_relay
file_relay supports limited copying of diagnostic data from a device.
3. com.apple.mobile.house_arrest
house_arrest is used by iTunes to transfer documents to and from an iOS device
Zdziarski says what I'd say about this. It doesn't matter what Apple plans to do with these. They shouldn't be on my phone regardless.These services, such as "lockdownd," "pcapd" and "mobile.file_relay," can bypass encrypted backups to obtain data and can be utilized via USB, Wi-Fi and possibly cellular.
Great first steps, now one more step is to allow the user to opt out on all diagnostic information. One of the problems with _Don't send info to Apple_ is that while it is disabling the sharing of information to Apple, it does not prevent those services from recording the information in the first place. That means your iOS device is still hoarding all sorts of personal information without your knowledge and consent, even though you're not sharing it with Apple. The info can be retrieved illegally and/or with legit forensic tools.
So, Apple needs to step up there and have a simple option to disable all diagnostic information, period. I don't care about legitimate users for these services, they're not required and they're storing information I don't want iOS to store in the first place that's not encrypted with my passcode.
With all these security flaws, no wonder the President doesn't use an iPhone.
Call me an Apple fanboy or whatever, But I 100% trust Apple.
I know Steve Jobs cared 100% about this company. The man stopped working only when it was physically impossible for him to go to work. I heard he even was talking about the iPhone 5 a day before he died to Tim Cook.
I know I know I shouldn't compare Steve to Tim. But I also believe Tim cares just as much as Steve did about Apple. They are honest and truly care about its products.
Im lovin there transparency to prove these Apple bashers wrong!
So, we are now to the point where discussions of iOS processes are PRSI??
Somebody may be taking things a little too seriously.
Call me an Apple fanboy or whatever, But I 100% trust Apple.