Undocumented iOS functions allow monitoring of personal data, expert says

Zdziarski

Apple has endowed iPhones with undocumented functions that allow unauthorized people in privileged positions to wirelessly connect and harvest pictures, text messages, and other sensitive data without entering a password or PIN, a forensic scientist warned over the weekend.

Jonathan Zdziarski, an iOS jailbreaker and forensic expert, told attendees of the Hope X conference that he can't be sure Apple engineers enabled the mechanisms with the intention of accommodating surveillance by the National Security Agency and law enforcement groups. Still, he said some of the services serve little or no purpose other than to make huge amounts of data available to anyone who has access to a computer, alarm clock, or other device that has ever been paired with a targeted device.

Zdziarski said the service that raises the most concern is known as com.apple.mobile.file_relay. It dishes out a staggering amount of data—including account data for e-mail, Twitter, iCloud, and other services, a full copy of the address book including deleted entries, the user cache folder, logs of geographic positions, and a complete dump of the user photo album—all without requiring a backup password to be entered. He said two other services dubbed com.apple.pcapd and com.apple.mobile.house_arrest may have legitimate uses for app developers or support people but can also be used to spy on users by government agencies or even jilted ex-lovers. The Pcapd service, for instance, allows people to wirelessly monitor all network traffic traveling into and out of the device, even when it's not running in a special developer or support mode. House_arrest, meanwhile, allows the copying of sensitive files and documents from Twitter, Facebook, and many other applications.

Read 8 remaining paragraphs | Comments