Privacy Security Apple

Researcher Finds Hidden Data-Dumping Services In iOS

Trailrunner7 writes: There are a number of undocumented and hidden features and services in Apple iOS that can be used to bypass the backup encryption on iOS devices and remove large amounts of users' personal data. Several of these features began as benign services but have evolved in recent years to become powerful tools for acquiring user data.

Jonathan Zdziarski, a forensic scientist and researcher who has worked extensively with law enforcement and intelligence agencies, has spent quite a bit of time looking at the capabilities and services available in iOS for data acquisition and found that some of the services have no real reason to be on these devices and that several have the ability to bypass the iOS backup encryption. One of the services in iOS, called mobile file_relay, can be accessed remotely or through a USB connection and can be used to bypass the backup encryption. If the device has not been rebooted since the last time the user entered the PIN, all of the data encrypted via data protection can be accessed, whether by an attacker or law enforcement, Zdziarski said.
Update: 07/21 22:15 GMT by U L : Slides.
  • by Anonymous Coward on Monday July 21, 2014 @02:40PM (#47502561)

    whether by an attacker or law enforcement

    For those who are innocent, law enforcement IS the attacker.

  • XOR (Score:5, Insightful)

    by Himmy32 ( 650060 ) on Monday July 21, 2014 @02:44PM (#47502591)
    The summary seems to imply that law enforcement and being an attacker are mutually exclusive...
  • by Crashmarik ( 635988 ) on Monday July 21, 2014 @02:57PM (#47502655)

    For people who lose/have their device stolen.

  • Too many words (Score:5, Insightful)

    by joh ( 27088 ) on Monday July 21, 2014 @02:59PM (#47502669)

    People want to read something like "The iPhone has a secret backdoor for the NSA!!!". Anything much longer than that will never be read or understood by most people.

    It's hopeless. Ask 100 people who have heard of this and 95 of them will tell you that it is proven now that the iPhone has a secret backdoor for the NSA over which all data can just be read by them.

    (And I'm not even saying that it has NO such backdoor. Maybe it has. But this isn't it. This just isn't designed for mass surveillance, it needs a cooperating user and individual access to a device the user has connected his iPhone to. Maybe it's a side door for law enforcement and/or forensics additionally to a debugging tool.)

  • Re:DON'T PANIC (Score:5, Insightful)

    by 0123456 ( 636235 ) on Monday July 21, 2014 @03:03PM (#47502691)

    How can you say that and yet still buy such devices? It's not like one doesn't have a choice...

    Yes, they could buy Android instead. Or Windows.

    Oh, hang on...

  • Re:DON'T PANIC (Score:5, Insightful)

    by gstoddart ( 321705 ) on Monday July 21, 2014 @03:23PM (#47502831) Homepage

    How can you say that and yet still buy such devices? It's not like one doesn't have a choice...

    And how much crap is installed on Android you can't disable (or know is there) without rooting your phone?

    How much crap on Windows phone? I bet you can neither disable nor know it's there.

    Your BlackBerry?

    So, please, tell us, how are Android, Windows or BlackBerry phones any better? Can you prove none of them has something similar?

    I very much doubt you can.

    You can choose to not have a device at all, but I have my doubts you can choose a phone which doesn't have similar security holes you know nothing about.

  • by gstoddart ( 321705 ) on Monday July 21, 2014 @03:25PM (#47502849) Homepage

    I'm going with "if you have nothing to hide, you have nothing to fear".

    Which isn't so much a paranoid delusion, as it is a prevalent sentiment.

  • Re:Too many words (Score:5, Insightful)

    by joh ( 27088 ) on Monday July 21, 2014 @04:29PM (#47503323)

    People want to read something like "The iPhone has a secret backdoor for the NSA!!!". Anything much longer than that will never be read or understood by most people.

    It's hopeless. Ask 100 people who have heard of this and 95 of them will tell you that it is proven now that the iPhone has a secret backdoor for the NSA over which all data can just be read by them.

    (And I'm not even saying that it has NO such backdoor. Maybe it has. But this isn't it. This just isn't designed for mass surveillance, it needs a cooperating user and individual access to a device the user has connected his iPhone to. Maybe it's a side door for law enforcement and/or forensics additionally to a debugging tool.)

    Except for the fact that Apple's handing all of your data over to the NSA anyway. Apple has a very cozy relationship with the US federal government.
    http://cdn.bgr.com/2013/11/app... [bgr.com]

    According to that table there were 0 - 1000 cases in which "some" content data was disclosed to law enforcement in the US (and 1 in the UK and 0 in about 30 other countries). You call this "a very cozy relationship"? With 313 million citizens in the US there were less than 1000 requests granted. What's "cozy" about that?

  • Re:DON'T PANIC (Score:5, Insightful)

    by joh ( 27088 ) on Monday July 21, 2014 @05:11PM (#47503613)

    Android has the Google Play Services that has all permissions, that can update itself without asking or even telling the user and that has access to EVERYTHING on the phone. If the NSA wants your data, it gets it. Period.

    And really, you need to do some reality-check here. You can't protect yourself against that. No way. Not without building your own hardware, writing your own software, including the firmware and the baseband.

    All the geeks dreaming of technical solutions to political problems are just dreamers. What we need is some sane checks and balances for when and in which cases such things are used. This is a political problem and the first step to home in to a solution is accepting that there ARE cases where law enforcement and government agencies indeed have a right and a need to do this. Without accepting this you will only continue to shake your fists and even IF you may get into power with steadfastly requiring 100% security against everyone: Once you will notice that people will use the Internet and mobile devices to organize against you then, you WILL turn around and cry for surveillance and WILL try to defend yourself. Freedom has to have some teeth and hands and eyes to defend itself. The point is not to pull the teeth, the point is how to tame them. There are no technical solutions to that problem.

  • by Anonymous Coward on Tuesday July 22, 2014 @01:34AM (#47505583)

    Don't buy the corporate colored glass beads, but roll your own crypto. It's not actually hard.

    WHAT THE FUCK ARE YOU SMOKING? Rolling your own crypto is HARD. The near infinite number of ways you can screw up (fucked implementations like "optimizations", timing attacks, electromagnetic leakage, poor handling of entropy and key material--the list goes on and on) automatically make rolling your own crypto a bad idea.

    You want better security, support the open source hardware and software guys (especially crypto devs who put out established/trustworthy products like OpenBSD).

    And yes, I've written plenty of crypto code and STILL don't trust any of it.
