
MacRumors

macrumors bot
Original poster



iPhone forensics expert, security researcher, and former jailbreak community developer Jonathan Zdziarski today announced he has accepted a position with Apple's Security Engineering and Architecture team. He did not reveal his official starting date or responsibilities at the company.

I'm pleased to announce that I've accepted a position with Apple's Security Engineering and Architecture team, and am very excited to be working with a group of like minded individuals so passionate about protecting the security and privacy of others.

This decision marks the conclusion of what I feel has been a matter of conscience for me over time. Privacy is sacred; our digital lives can reveal so much about us - our interests, our deepest thoughts, and even who we love. I am thrilled to be working with such an exceptional group of people who share a passion to protect that.
Zdziarski has provided input on a number of important iOS-related security matters over the years, ranging from Apple's high-profile battle with the FBI over unlocking an iPhone used by a shooter in the 2015 San Bernardino attack to smaller incidents such as a potential WhatsApp flaw uncovered last year.

Zdziarski was known as "NerveGas" within the jailbreaking community. He was formerly part of both the iPhone Dev Team and Chronic Dev Team.

Zdziarski used to be an active Twitter user, but it appears he has disabled his account recently, possibly due to his employment at Apple.

Article Link: Apple Hires iPhone Security Expert Jonathan Zdziarski
 
Expert? Dude is a laughing stock in the forensics industry.

He probably knows more than either you or I regarding the intricacies of iOS security. Also, he’s not necessarily taking on executive level or even senior engineer level responsibilities. He could be a paid intern for all we know, based on this article.

Regardless, Apple should continue to hire people in the security field. It can only be good for consumers in the fight against black hats, whether individual, or state-sponsored.
 
He probably knows more than either you or I regarding the intricacies of iOS security. Also, he’s not necessarily taking on executive level or even senior engineer level responsibilities. He could be a paid intern for all we know, based on this article.

Regardless, Apple should continue to hire people in the security field. It can only be good for consumers in the fight against black hats, whether individual, or state-sponsored.

Let me introduce you to OldSchoolMacGuy, he's been writing forensic analysis software since (probably) before I was born. Jonathan may know more about iOS security than *you* or *I* but I'd wager OldSchoolMacGuy has a very in-depth knowledge of the subject matter.
 
Let me introduce you to OldSchoolMacGuy, he's been writing forensic analysis software since (probably) before I was born. Jonathan may know more about iOS security than *you* or *I* but I'd wager OldSchoolMacGuy has a very in-depth knowledge of the subject matter.
If he knew more than Jonathan, Apple would have hired him.
 
Let me introduce you to OldSchoolMacGuy, he's been writing forensic analysis software since (probably) before I was born. Jonathan may know more about iOS security than *you* or *I* but I'd wager OldSchoolMacGuy has a very in-depth knowledge of the subject matter.

Thanks for the kind words.

My point was simply that it's funny that the media (MacRumors specifically) often refers to him as an expert when his level of expertise is only slightly above that of the average user. He's the guy quick to go to the media and fluff up accomplishments but not really doing any real work.
If he knew more than Jonathan, Apple would have hired him.

Back in 2008 I met with Apple's iOS security team. We showed them a tool we'd developed that pulls out passwords, email history, text messages, location data, network information, browsing history and more from the iPhone. They still claimed it was secure, what we were doing was impossible (despite seeing it right before their own eyes) and refused to work with us. So we worked with Apple's government sales guys and sold the hell out of this product to law enforcement. They've only made minor changes since then which have required very minor work to keep this method of exploiting macOS and iOS security working.

Myself and my boss have spoken about computer forensics (Mac/iOS most often) at multiple MacWorlds, the DoD Cyber Crime Summit multiple years, numerous HTCIA events including their national event each year, and countless others across the world. I've trained law enforcement around the world in Mac/iOS examination. I created the concept and first software which have now become standard features in all major industry forensic tools. I may have some expertise on the topic.

You're assuming this is some big position they've offered him. MacRumors has frequently talked him up quite a bit. The reality is, he's a nobody within the world of computer forensics. Throw his name out at a conference and they'll have no idea who he is. Say someone else's name, like Andy Rosen, and they'll be able to tell you instantly about their contributions to computer security and forensics.
 
Let me introduce you to OldSchoolMacGuy, he's been writing forensic analysis software since (probably) before I was born. Jonathan may know more about iOS security than *you* or *I* but I'd wager OldSchoolMacGuy has a very in-depth knowledge of the subject matter.

haha. Thank you for the warranted correction!

Thanks for the kind words.
My point was simply that it's funny that the media (MacRumors specifically) often refers to him as an expert when his level of expertise is only slightly above that of the average user. He's the guy quick to go to the media and fluff up accomplishments but not really doing any real work.

You're assuming this is some big position they've offered him. MacRumors has frequently talked him up quite a bit. The reality is, he's a nobody within the world of computer forensics. Throw his name out at a conference and they'll have no idea who he is. Say someone else's name, like Andy Rosen, and they'll be able to tell you instantly about their contributions to computer security and forensics.

I don’t know the validity of his “accomplishments” or “level of expertise,” however, I would agree that he’s likely not accepted a high-level position. If he had, I’m sure that would have been part of the announcement.

Maybe this is akin to “Apple hires renowned janitorial expert, Frank Johnson as part of its new Apple Park Sanitation Team."
 
Thanks for the kind words.

My point was simply that it's funny that the media (MacRumors specifically) often refers to him as an expert when his level of expertise is only slightly above that of the average user. He's the guy quick to go to the media and fluff up accomplishments but not really doing any real work.

Back in 2008 I met with Apple's iOS security team. We showed them a tool we'd developed that pulls out passwords, email history, text messages, location data, network information, browsing history and more from the iPhone. They still claimed it was secure, what we were doing was impossible (despite seeing it right before their own eyes) and refused to work with us. So we worked with Apple's government sales guys and sold the hell out of this product to law enforcement. They've only made minor changes since then which have required very minor work to keep this method of exploiting macOS and iOS security working.

Myself and my boss have spoken about computer forensics (Mac/iOS most often) at multiple MacWorlds, the DoD Cyber Crime Summit multiple years, numerous HTCIA events including their national event each year, and countless others across the world. I've trained law enforcement around the world in Mac/iOS examination. I created the concept and first software which have now become standard features in all major industry forensic tools. I may have some expertise on the topic.

You're assuming this is some big position they've offered him. MacRumors has frequently talked him up quite a bit. The reality is, he's a nobody within the world of computer forensics. Throw his name out at a conference and they'll have no idea who he is. Say someone else's name, like Andy Rosen, and they'll be able to tell you instantly about their contributions to computer security and forensics.
Unless you're the biggest bu**shi**er, faker with the gift of the gab, I respect a guy who can back up a statement with facts. Kudos.

Re: "Thanks for the kind words"..... lol
 
Back in 2008 I met with Apple's iOS security team. We showed them a tool we'd developed that pulls out passwords, email history, text messages, location data, network information, browsing history and more from the iPhone. They still claimed it was secure, what we were doing was impossible (despite seeing it right before their own eyes) and refused to work with us. So we worked with Apple's government sales guys and sold the hell out of this product to law enforcement. They've only made minor changes since then which have required very minor work to keep this method of exploiting macOS and iOS security working.

For a 4S + iPhone this is only possible if the passcode/PIN is known though? Most of the forensic tools just emulate an iTunes backup using the Apple services framework with a few extra tricks for older versions of iOS that allowed them to go traversing parts of the filesystem. That's correct isn't it?

I know Cellebrite have their CAIS service which operates differently and allows access to newer devices and iOS versions but otherwise I don't think I'm missing anything?

I'm assuming that these are stock iOS devices and they're not running an easily bypassable version, e.g. iOS 7, that we're talking about?

Rattling off a few mainstream forensic companies such as XRY, Cellebrite, BlackBag, Oxygen, and even AccessData and EnCase, is your tool within one of these? I think I would make an educated guess based on what you've said but I'm curious to know if there's another tool that's escaped my attention?
 
Back in 2008 I met with Apple's iOS security team. We showed them a tool we'd developed that pulls out passwords, email history, text messages, location data, network information, browsing history and more from the iPhone... They've only made minor changes since then which have required very minor work to keep this method of exploiting macOS and iOS security working.
2008 was the year of the iPhone 3G... has the security in the hardware really not advanced a lot since then? Wasn't iOS 8 like a humongous security update? Or was that all just marketing? Genuinely curious.
 
2008 was the year of the iPhone 3G... has the security in the hardware really not advanced a lot since then? Wasn't iOS 8 like a humongous security update? Or was that all just marketing? Genuinely curious.

Much of the security has gotten vastly better. Sadly, the way it's implemented and stored is still the same and that makes it very easy to exploit.
 
Much of the security has gotten vastly better. Sadly, the way it's implemented and stored is still the same and that makes it very easy to exploit.

You just dropped a massive info bomb on us :)

I'm guessing your Mac/iPhone are patched against those tools :)
 