Zdziarski confirms that iOS is reasonably secure from attack by a malicious hacker, but notes that the mobile OS includes several forensic services and noticeable design omissions that make the OS vulnerable to snooping by forensic tools.
These services, such as "lockdownd," "pcapd" and "mobile.file_relay," can bypass encrypted backups to obtain data and can be utilized via USB, Wi-Fi and possibly cellular. They also are not documented by Apple and are not developer or carrier tools as they access personal data that would be not used for network testing or app debugging purposes.
While detailing these backdoors, Zdziarski makes it clear he is not a conspiracy theorist, but does want to know why Apple appears to be deliberately compromising the security of the iPhone and opening the door to professional, covert data access.
Zdziarski also notes that he isn't the only one aware of these backdoors. Several existing forensic software companies, such as Cellebrite and Elcomsoft, are already exploiting them as part of the forensic services they provide to law enforcement.
Consumers who want to limit access to these backdoor services are advised by Zdziarski to enable a complex passcode in iOS and use the enterprise Apple Configurator application to set Mobile Device Management (MDM) restrictions and enable Pair locking which will delete all pairing records. This solution will block third-party forensic software, but won't protect the device contents if it is sent to Apple for analysis.
Update 7:00 PM PT: Apple has released a statement to Tim Bradshaw of the Financial Times, denying Zdziarski's claims.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Article Link: Forensic Expert Questions Covert 'Backdoor' Services Included in iOS by Apple
