Daily Tech Briefing: July 25, 2014
Apple, iOS, hackers, mobile devices, packet sniffer, National Security Agency, Tim Cook, iPhone, iPhone 5C, Oracle, Linux 7, Red Hat Enterprise Linux 7, XFS file system, Tails Linux, Amnesic Incognito Live System, Exodus Intelligence, Invisible Internet Project,
Apple has denied a security researcher's claim that its iOS devices collect a lot of personal data without users' knowledge. At the recent Hackers on Planet Earth conference, security researcher Jonathan Zdziarski discussed some backdoors he believes he's found into iOS by way of some of those previously undocumented diagnostic features
One feature discussed was the com.apple.pcadp function, which starts a libpcap service on a user's iOS device. The libpcap service is an open-source packet sniffer technology and Zdziarski questioned why it is on every iOS device.
Zdziarski expressed concern that some of these features may have been used by the National Security Agency "to collect data on potential targets." For its part, Apple explained that "pcapd supports diagnostic packet capture from an iOS device to a trusted computer" and is useful for troubleshooting and diagnosing problems.
During a recent Apple earnings conference, an analyst asked Apple CEO Tim Cook whether the iPhone trade-in programs were resulting in sales of lower-cost used and refurbished phones that might be negatively impacting sales of new iPhone 5 units.
Cook explained that iPhones sold as a result of such trade-in programs were "hugely beneficial" to Apple and give people who Cook described as "cost sensitive" access to iPhones.
Oracle has launched Linux 7, which provides users with a freely available enterprise-grade Linux distribution. Linux 7 is based on the recent Red Hat Enterprise Linux 7 distribution released June 10. This means Linux 7 inherits many of the same new features.
But it has some different features as well. For instance, the XFS file system- which enables a file system to scale up to 500 terabytes - is the default.
Tails Linux distribution issued its 1.1 update on July 22, providing multiple security fixes. Tails, which is an acronym that stands for The Amnesic Incognito Live System, is focused on enabling user privacy while online.
However, security research firm Exodus Intelligence found a vulnerability in the Invisible Internet Project component used by Tails. This vulnerability could enable an attacker to de-anonymize a Tails user.
