Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Mobile
    • Networking

    Apple Denies iOS Devices Enable Access by NSA Snoopers

    By
    Sean Michael Kerner
    -
    July 24, 2014
    Share
    Facebook
    Twitter
    Linkedin
      Apple iOS security backdoor

      Apple has many different services on its iOS devices that collect diagnostic data, yet not all of them are well understood or documented. Security researcher Jonathan Zdziarski thought he found some backdoors into iOS by way of some of those previously undocumented diagnostic features.

      Zdziarski presented his findings at the HOPE (Hackers on Planet Earth) conference on July 18. Apple denies Zdziarski’s claims.

      “I have NOT accused Apple of working with NSA [National Security Agency]; however, I suspect (based on released documents) that some of these services may have been used by NSA to collect data on potential targets,” Zdziarski wrote in a blog post.

      Among the services that Zdziarski warns about is the com.apple.pcadp function. In his presentation slides, he noted that com.apple.pcadp starts a libpcap service on a user’s iOS device. The libpcap service is an open-source packet sniffer technology. Zdziarski noted that the com.apple.pcadp service is active on every iOS device and can be targeted over WiFi for remote monitoring.

      “Why do we need a packet sniffer running on 600 million personal iOS devices?” Zdziarski asked on one of his slides.

      Apple now has a public response on what com.apple.pcadp is all about and what the other diagnostic capabilities on iOS actually enable.

      “pcapd supports diagnostic packet capture from an iOS device to a trusted computer,” Apple noted in a support document. “This is useful for troubleshooting and diagnosing issues with apps on the device as well as enterprise VPN connections.”

      Apple adds that more information on the use of pcapd is also available in its developer library online.

      Another service that Zdziarski warned about is the com.apple.mobile.house_arrest feature. In Zdziarski’s presentation, he explained that it’s a feature that enables iTunes to copy documents both to and from third-party applications.

      He warned that the folders that can be accessed include sensitive account storage areas, which could include pictures and other user data.

      Apple explains in its support document that the com.apple.mobile.house_arrest function is used by iTunes to transfer documents to and from an iOS device for apps that support this functionality.

      “This is also used by Xcode to assist in the transfer of test data to a device while an app is in development,” Apple stated.

      Apple emphasized that iOS’ various diagnostic capabilities all rely on a secure trust model and data is encrypted. “Each of these diagnostic capabilities requires the user to have unlocked their device and agreed to trust another computer,” Apple stated. “Any data transmitted between the iOS device and trusted computer is encrypted with keys not shared with Apple.”

      The iOS backdoor allegations raised by Zdziarski are the second such set of privacy allegations leveled against Apple this month. In early July, Chinese broadcaster CCTV alleged that Apple was collecting information on Chinese user locations and represented a national security threat. Apple also refuted that claim, explaining that its Frequent Locations function does not transmit data to Apple.

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×