Jonathan Zdziarski is a forensic computer scientist who is regarded as one of the best iOS security experts. As an expert in jailbreak, he also has a hacker side, in which he is known as NerveGas. His specialization and methodology as a forensic has been validated by the National Institute of Justice (USA), with whom he assiduously collaborates and has written several books on iPhone, including; iPhone Forensics, iPhone SDK Application Development, iPhone Open Application Development, and the last published, Hacking and Securing iOS Applications.
At this year's conference Hackers On Planet Earth (HOPE / X) has focused its presentation on «Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices»In outlined some problems he has encountered in iOS. Specifically, several backdoor services that Apple has included in the software. These covert security mechanisms are implemented by Apple, as stated by Zdziarski, facilitating data collection not only for Apple, but also for government agencies.
The services Zdziarski has detected include: «lockdown","mobile.file_relay" Y "pcapd" Y each of these mechanisms can be used to hack the encrypted backups and thus acquire your data through a WiFi connection, USB, or even through a cellular connection. It also points out that it is not information from the operator tools, or even the development tools, but personal information of the user.
I am not suggesting that there is a conspiracy; however there are some services running on iOS that shouldn't be there, which are intentionally added by Apple as part of the firmware, and that the encryption of the backup, your personal data, should never leave the phone. I think at least this requires an explanation by Apple and its disclosure to the nearly 600 million customers who are running iOS devices. At the same time, not a generalized security emergency, my level of paranoia is adjusted and I don't want to go crazy, just I hope Apple fixes the problem, nothing more and nothing less. I want these services of my phone to be private, they do not paint anything between my data.
Si do you want an immediate patch To deal with the situation, Zdziarski outlines some key steps. First, use a complex access code on your device. Also, suggest that users use the app Apple Configuration to configure the restrictions in Mobile Device Management (MDM), allowing device pairing, this delete pairing records. It is a limited solution, and only protects against third party forensic services, since it still leaves the device open to Apple's own tools.
