Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Forensic Expert Questions Covert 'Backdoor' Services Included in iOS by Apple

kingtj said:
it strikes me as VERY odd that we don't seem to have a *single* security/encryption product we can use for a home computer today that isn't subject to question/doubt about its effectiveness.

I mean, TrueCrypt appeared to be about the closest thing to it, and then we found out the developer(s) mysteriously dropped all official support for updating it -- and the latest revisions are all suspect as to who updated them and what security compromises might be in them.

Practically all of the other encryption/security products are believed to be back-doored by our government, if not other entities.

I have to think that reality is, if you build a truly secure solution, you'll receive a visit, eventually, from people in "high places" who will make it very clear that you best add a back door for them, or else.....
Click to expand...

Truecrypt had a number of question marks though. Nobody could ever generate a binary that matched the binaries on Truecrypt's site, the Windows version wrote random data to the last 65024 bytes of the header whereas the Linux version wrote zeroes (nobody knows what that random data was for), the devs were anonymous, it was never truly open source, and the Truecrypt Foundation was listed as being located in Antarctica for a while.

By themselves, none of these things are a huge deal and could have reasonable explanations. The problem comes when they are all combined. It raised some eyebrows in the security community.
 
braddick said:
Statistically, very few of us live such colorful/interesting lives whereas monitoring of it would be beneficial to an outside source. Yet, with that stated, sure- this information provided in this blog is disturbing.
Click to expand...

You'd be surprised. It's not necessarily the case that you would be targeted because the government thinks you're a spy or terrorist. Location services have already been used in other countries to note individuals that show up at certain political demonstrations.

That may not seem likely to happen here in this day and age, but one never knows what type of government we'll have in the future. If we wait until some type of repressive regime comes into power to protect our privacy it will already be too late.
 
dumastudetto said:
There is no reason to believe Apple would ever do anything to deliberately compromise the security of our data. Apple is the one company that strives to do everything to protect us and our privacy from prying eyes.
Click to expand...
Really? Do you honestly believe this - :rolleyes:

I would not be surprised if there was a hushed super injunction/court order demanding this information!
TheHateMachine said:
Ignorance is bliss!
Click to expand...
Quite,

cmichaelb said:
Steve Jobs did- he wouldn't allow anyone to have any backdoor into Apple software.

6 months after he died, Apple joined the PRISM program. The new Apple is not like the old Apple.
Click to expand...
Good ol' days of Job's apple are long over - :(
 
kingtj said:
I have to think that reality is, if you build a truly secure solution, you'll receive a visit, eventually, from people in "high places" who will make it very clear that you best add a back door for them, or else.....
Click to expand...

I've heard similar things about people who make breakthroughs in efficient engines which allow them to run at over 100mpg, or utilize other alternative energy sources. Some big oil clown shows up, and either threatens them or buys them out. Might just be a conspiracy theory, but who knows for sure. I just know that I'm always hearing about these breakthroughs and then poof, never heard of again.

Perhaps the best thing to do when building a truly secure system is to not use it publicly until you're sure that it's truly secure. Then once you do, tell the world. If it works, nobody should ever show up because you're untraceable. If it doesn't, then you're still flagged and good luck making something better while they're watching you.
 
Not that I don't believe there are security holes in iOS, but I'll read any article from a previously unknown "security researcher" with a big grain of salt. There's an ulterior motive here, and that is to generate free PR.

For instance, one of the "holes" he talks about is a process that can siphon data from your phone, unencrypted, over USB or WiFi?

And gee, what happens when you run a backup of your phone in iTunes? Notice the little checkbox that says "encrypt backups" with a button to set a different password? Well, how else is that going to happen if the phone doesn't hand the data to iTunes unencrypted?

I want to see a reasonable demonstration of the data being compromised by a third party before I'll believe a security researcher. Again, I don't believe there are no holes in iOS, just that I want to see specific evidence when someone makes specific claims.

Update: LOL, I stumbled across upon this old post. Funny how I thought he was "previously unknown" researcher at the time. I've also learned of ways to send encrypted data to be re-encrypted safely. Oh well, I've learned a lot since then.
 
Last edited:
  • Like
Reactions: powers74
simonmet said:
This story just cost you an iPhone 6 sale Apple.

I've had a gut full.

Now is anyone else making a truly secure handset that's fully encrypted with no backdoors? How about an OS too?
Click to expand...

BlackBerry with BES service (~$15 a Month per phone over your wireless service) will get you encrypted e-mail, messaging etc. to other people using a Blackberry with BES (not sure if this works going to other BES servers/services or not). At Snowden document time, BlackBerry's still required effort from the NSA to access (unlike iOS and Android), hopefully that's still the case. I'm seriously considering this (for intra-family communications) just to give the govt the finger...this stuff from Apple, if it pans out, may push me over the edge.

For an OS, you're looking at Linux of some sort, depending on how far down you want to pull that tinfoil hat (which I wear nowadays), it can be "easy" to use or hard (Tails). Seems like all U.S. commercial OS vendors should be considered totally compromised (based on what we've found out over the last year).

The follow on thought - if Apple has compromised iOS for the NSA/Govt. they probably have compromised OS X as well.

556fmjoe said:
Truecrypt had a number of question marks though. Nobody could ever generate a binary that matched the binaries on Truecrypt's site, the Windows version wrote random data to the last 65024 bytes of the header whereas the Linux version wrote zeroes (nobody knows what that random data was for), the devs were anonymous, it was never truly open source, and the Truecrypt Foundation was listed as being located in Antarctica for a while.

By themselves, none of these things are a huge deal and could have reasonable explanations. The problem comes when they are all combined. It raised some eyebrows in the security community.
Click to expand...

The 2nd part of the code audit (the encryption part of the code) is being conducted this summer and should either confirm suspicions or dispel them. Since the feds appeared to not be able to crack TrueCrypt HD's in several instances, I'm betting nothing nefarious will show up...but we'll see.
 
Last edited:
jennyp said:
Oh, come on. Can you 'prove' anything at all, whatsoever?
Click to expand...

Yeah, you can.

----------
benthewraith said:
He's not the only one that's come forward with that information. The NSA has a history of it.
Click to expand...

Unless there is actual evidence of this, it's the NSA's word vs the interviewees' words. I don't see how you could trust either one.

----------
dumastudetto said:
There is no reason to believe Apple would ever do anything to deliberately compromise the security of our data. Apple is the one company that strives to do everything to protect us and our privacy from prying eyes.
Click to expand...
If you doubt the integrity of this story, there was the recent "goto fail" SSL bug they on purposely left unfixed for anyone who dared not update to iOS 7 on a device that could support it. That seems deliberate.
 
It's been plainly obvious for a long time that Apple has been facilitating back door access to iOS devices. For profit corporations such as Elcomsoft, AccessData, and Cellebrite make products that can easily pull data from iOS devices, yet Apple sits back and does little to nothing to prevent it. Apple, in fact, owns and uses Cellebrite devices in Apple Stores. At least we now know in more detail how these products work.

-iTG
 
macduke said:
If this is true, then this sucks, but what can we honestly do about it? Switch to Android? Oh sure, I bet Android is so much more secure. Yeah right. I'm starting to think it's time to make another revolution. I've got a garage, a background in design, and I'm an a**hole who is bold enough to think that I can change the world. Any hardware engineers and software developers care to join me? Nothing will change until we make it happen. If Apple turns into the new IBM then we're all screwed. It's far better to be proactive than to sit around and hope that things get better. That's what Steve did, and I'll be damned if I'll sit around while his vision gets bastardized.
Click to expand...

I'm all in. I don't know where we're going or what we're doing but I'm all for being proactive.
 
PocketSand11 said:
If you doubt the integrity of this story, there was the recent "goto fail" SSL bug they on purposely left unfixed for anyone who dared not update to iOS 7 on a device that could support it. That seems deliberate.
Click to expand...

AFAIK there is no established way, programmatically, for iOS to offer an update to a non-latest version while also allowing other users of the same device to update to iOS 7. In other words, I don't believe Apple actually has the ability to push 6.1.6 to those devices without simultaneously disabling the ability to install iOS 7... unless they were to rewrite the code to allow this sort of thing to happen (requires an update, something they couldn't push without disabling access to iOS 7 anyways).

Whether this is a programming "problem" that is deliberate (i.e., to get people to the latest iOS) is actually irrelevant because, as it currently is, I don't think they had any other choice.
 
scottwaugh said:
BlackBerry with BES service (~$15 a Month per phone over your wireless service) will get you encrypted e-mail, messaging etc. to other people using a Blackberry with BES (not sure if this works going to other BES servers/services or not). At Snowden document time, BlackBerry's still required effort from the NSA to access (unlike iOS and Android), hopefully that's still the case. I'm seriously considering this (for intra-family communications) just to give the govt the finger...this stuff from Apple, if it pans out, may push me over the edge.

For an OS, you're looking at Linux of some sort, depending on how far down you want to pull that tinfoil hat (which I wear nowadays), it can be "easy" to use or hard (Tails). Seems like all U.S. commercial OS vendors should be considered totally compromised (based on what we've found out over the last year).

The follow on thought - if Apple has compromised iOS for the NSA/Govt. they probably have compromised OS X as well.



The 2nd part of the code audit (the encryption part of the code) is being conducted this summer and should either confirm suspicions or dispel them. Since the feds appeared to not be able to crack TrueCrypt HD's in several instances, I'm betting nothing nefarious will show up...but we'll see.
Click to expand...

The Truecrypt audit is going to be very interesting. My main concern regarding the actual encryption routine was that the KDF only used 1000 rounds and was not user configurable. The implementation seems solid, if complex. Any backdoors would be hidden in the precompiled binary rather than the source code IMHO, which would be very effective since only a miniscule percentage of people would compile Truecrypt themselves.
 
This may be the end of Iphone sales in China.

----------
Parasprite said:
AFAIK there is no established way, programmatically, for iOS to offer an update to a non-latest version while also allowing other users of the same device to update to iOS 7. In other words, I don't believe Apple actually has the ability to push 6.1.6 to those devices without simultaneously disabling the ability to install iOS 7... unless they were to rewrite the code to allow this sort of thing to happen (requires an update, something they couldn't push without disabling access to iOS 7 anyways).

Whether this is a programming "problem" that is deliberate (i.e., to get people to the latest iOS) is actually irrelevant because, as it currently is, I don't think they had any other choice.
Click to expand...

All they needed to do was to have both versions of code signed, they can even limit the signing to specific models of phones.. They have done it before and can do it again.
 
NT1440 said:
Do you work on FinFisher by any chance? Or one of the similar offerings?
Click to expand...

No. I wouldn't really say ours is similar. We did create the first live forensics tool that allows law enforcement to plugin a USB drive to any machine (Mac, Windows, Linux) and pull out all kinds of fun info like passwords, emails, browsing history, and a ton more all without leaving a trace. It's now been widely copied by all of the big names including AccessData and others.
 
Parasprite said:
AFAIK there is no established way, programmatically, for iOS to offer an update to a non-latest version while also allowing other users of the same device to update to iOS 7. In other words, I don't believe Apple actually has the ability to push 6.1.6 to those devices without simultaneously disabling the ability to install iOS 7... unless they were to rewrite the code to allow this sort of thing to happen (requires an update, something they couldn't push without disabling access to iOS 7 anyways).

Whether this is a programming "problem" that is deliberate (i.e., to get people to the latest iOS) is actually irrelevant because, as it currently is, I don't think they had any other choice.
Click to expand...

They could keep signing the latest iOS 6.1.6 for those devices, allowing users to manually update in iTunes by providing the 6.1.6 IPSW. They did this at some point with a different version of iOS.

----------
OldSchoolMacGuy said:
No. I wouldn't really say ours is similar. We did create the first live forensics tool that allows law enforcement to plugin a USB drive to any machine (Mac, Windows, Linux) and pull out all kinds of fun info like passwords, emails, browsing history, and a ton more all without leaving a trace. It's now been widely copied by all of the big names including AccessData and others.
Click to expand...

Wait, even if the Mac has FileVault enabled? O_O
But I don't see how it could take Keychain passwords. They're encrypted with AES, and you have to enter the keychain password as the key to unlock them. Unless it just stores the password in plain text somewhere...
 
glutenenvy said:
I thought that was our duty as citizens.

Has Apple fixed the FileVault error yet where FileVault accidentally forgets to forget an encryption password unless the media is physically removed? (Remount of an encrypted drive without a saved keychain password is allowed without a password if not disconnected.)

Apple has given me replies to bug reports that they do not discuss security issues.

These stories make my tin foil hat start to heat up.
Click to expand...


Thanks for pointing out that FileVault issue. I just tried it out and I was able to re-mount my encrypted Volume without entering a password!! I don't save passwords in the keychain. Not good at all. Oh Apple!
Who knows if or when this will be fixed. I wonder if this is fixed in OS X Yosemite?

-ITG
 
nebo1ss said:
All they needed to do was to have both versions of code signed, they can even limit the signing to specific models of phones.. They have done it before and can do it again.
Click to expand...

I was thinking more from within iOS, but I suppose they could sign it for those who both want to stay on iOS 6 and know how to update it manually. Else they could make an easier way for you to choose different versions from within iTunes (which I hadn't thought of until now).
 
OldSchoolMacGuy said:
No. I wouldn't really say ours is similar. We did create the first live forensics tool that allows law enforcement to plugin a USB drive to any machine (Mac, Windows, Linux) and pull out all kinds of fun info like passwords, emails, browsing history, and a ton more all without leaving a trace. It's now been widely copied by all of the big names including AccessData and others.
Click to expand...

Interesting, so this was before Microsoft released Cofee for law enforcement?
 
At least this time the researcher was able to get enough access to the device to figure out all the suspicious stuff that was going on behind the user's back. With more lockdown, more encryption and more stonewalling in just a few years you'll just have to trust Apple marketing. Yikes.

To all the doubters - read the conference paper our at least the pdf. There really are multiple questionable and concerning things in there.

Now in Apple's defense this all looks very targeted - as if they were required by some 3 letter agency to do this by law. I don't believe Apple wants to have user data or make iOS vulnerable by design - there's no possible motive there. But the open question is who can access this data - only Apple for lawful purposes or bad guys and oppressive governments?

In either case they should stop saying contradictory or misleading things. Stay mum instead of explicit denials that later turn out to be quite misleading.
 
dumastudetto said:
There is no reason to believe Apple would ever do anything to deliberately compromise the security of our data. Apple is the one company that strives to do everything to protect us and our privacy from prying eyes.
Click to expand...

Spoken like a true Apple fanboy. Trust in the :apple: and nothing else like a good boy.

----------
Reason077 said:
I don't understand why people get so worked up about this sort of thing.

Those backdoors are there for your protection. They are put there for the exclusive use of the governments who we democratically elected. i.e.: the good guys.

We should all stop being so suspicious, and learn to fully trust the NSA and GCHQ. These guys are serious, trained professionals - not spotty nerds who are out to steal credit card numbers or pictures of your girlfriend!

As long as these backdoors are secure (and surely they are!), then we have nothing to fear.
Click to expand...

I'm guessing you be on the streets protesting if it was a republican president.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back