light bulb

Did You Know?



Reply
Posts: 4,383
Topics: 2,731
Kudos: 5,388
Registered: ‎06-12-2013

Researcher Identifies Hidden Data-Acquisition Services in iOS

If I had an iPhone I woud find this worrying and I wonder how often people actually reboot their phone.

 

July 21, 2014 by Dennis Fisher

 

"There are a number of undocumented and hidden features and services in Apple iOS that can be used to bypass the backup encryption on iOS devices and remove large amounts of users’ personal data. Several of these features began as benign services but have evolved in recent years to become powerful tools for acquiring user data.

Jonathan Zdziarski, a forensic scientist and researcher who has worked extensively with law enforcement and intelligence agencies, has spent quite a bit of time looking at the capabilities and services available in iOS for data acquisition and found that some of the services have no real reason to be on these devices and that several have the ability to bypass the iOS backup encryption. One of the services in iOS, called mobile file_relay, can be accessed remotely or through a USB connection can be used to bypass the backup encryption. If the device has not been rebooted since the last time the user entered the PIN, all of the data encrypted via data protection can be accessed, whether by an attacker or law enforcement."

 

Full Article

Sr. Community Leader

Community Guide
Posts: 180
Registered: ‎10-31-2013

Re: Researcher Identifies Hidden Data-Acquisition Services in iOS

Interesting read, I ended up repostng this on spiceworks.
Community Manager Community Manager
Community Manager
Posts: 3,930
Registered: ‎12-16-2013

Re: Researcher Identifies Hidden Data-Acquisition Services in iOS

Posts: 8,452
Topics: 577
Kudos: 7,037
Registered: ‎02-03-2012

Re: Researcher Identifies Hidden Data-Acquisition Services in iOS

So they should allow AV's to run on there iOS devices and I bet Webroot would be very good, like on Android Devices right? :smileyhappy:

 

Daniel :smileywink:

coollogo_com-133794099.gif


asapvip.png  SigSVIP.png EPA.png


Webroot® SecureAnywhere™ Internet Security Complete Beta v8.0.7.33 on my main system Windows 7 Ultimate 64bit & on Win XP 32bit, Win Vista 32bit, Win 7 32bit, Win 8.1 Pro 32bit & 64bit, Win 10 Preview 32bit & 64bit Build 9926 all on VM's also on my HTC One M8 Android Lollipop 5.0.1 Phone v3.6.0.6652.


MVP.gif.png Microsoft® MVP Consumer Security


Twitter.png Untitled-1.png Community-Badges-BetaTester.png

Posts: 2,926
Topics: 1,811
Kudos: 2,014
Blog Posts: 0
Registered: ‎06-02-2014

Re: Researcher Identifies Hidden Data-Acquisition Services in iOS


TripleHelix wrote:

So they should allow AV's to run on there iOS devices and I bet Webroot would be very good, like on Android Devices right? :smileyhappy:

 

Daniel :smileywink:


I second that Webroot would do a excellent job and catch those rascals:smileywink:

Community Leader

Posts: 4,383
Topics: 2,731
Kudos: 5,388
Registered: ‎06-12-2013

Hidden services in iOS devices could allow users’ surveillance

Here is a little bit information about the hidden services.

 

by paganinip on July 22nd, 2014

 

iOS

 

"The file_relay tool can be used to steal user’s information from iOS device, including email, location, social media accounts, the address book and the user cache folder, below the description provided in the presentation:

  • Accounts A list of email, Twitter, iCloud, Facebook etc. accounts configured on the device.
  • AddressBook A copy of the user’s address book SQLite database; deleted records recoverable.
  • Caches The user cache folder: suspend screenshots (last thing you were looking at), shared images, offline content, clipboard/pasteboard, map tile images, keyboard typing cache, other personal data.

“Between this tool and other services, you can get almost the same information you could get from a complete backup,” “What concerns me the most is that this all bypasses the consumer backup encryption. When you click that button to encrypt the backup, Apple has made a promise that the data that comes off the device will be encrypted.” Zdziarski said in an interview. "

 

Full Article

Sr. Community Leader

Posts: 2,926
Topics: 1,811
Kudos: 2,014
Blog Posts: 0
Registered: ‎06-02-2014

Intentional backdoors in iOS devices uncovered

Comment:How far do we trust Apple now??? In this article it was intnetional done by Apple which has features within the software which can be used by law enforcement and attackers......

================================================================================================

Author:

Zeljka Zorz HNS Managing Editor/ Posted on July 22 2 014

 

A researcher has revealed that Apple has equipped its mobile iOS with several undocumented features that can be used by attackers and law enforcement to access the sensitive data contained on the devices running it.

Jonathan Zdziarski, a well-known iOS forensics expert, was spurred into digging into the OS after he read a report by Der Spiegel that said that the NSA used a software implant to access information on a target's iPhone and turn it into a recording device

 

Help Net Security/ Full Read Here/ http://www.net-security.org/secworld.php?id=17155

Community Leader

Community Manager Community Manager
Community Manager
Posts: 3,930
Registered: ‎12-16-2013

Re: Hidden services in iOS devices could allow users’ surveillance

Posts: 724
Topics: 244
Kudos: 683
Registered: ‎02-15-2012

Re: Hidden services in iOS devices could allow users’ surveillance

Another, slightly more recent story about this iOS 'backdoor' was published earlier today on 'The Guardian'. It's pretty detailed and has some great quotes from Jonathan Zdziarski (the researcher). You can read the full story here

 

And here's an interesting portion of the story:

 

'Apple has explained these services as genuine “diagnostic” features to allow IT departments and store assistants to manage iPhones.

But Zdziarski said these functions break Apple promises in that they “bypass backup encryption while copying more of your personal data than ever should come off the phone for the average consumer”.

“I understand that every OS [operating system] has diagnostic functions, however these services break the promise that Apple makes with the consumer when they enter a backup password; that the data on their device will only come off the phone encrypted,” he said in a blog post in response to Apple’s explanation for the tools’ existence.'

 

iOS Backdoors could be used for surveillance.png

 

(Source: The Guardian) 

--Yegor P--
Social Media Content Coordinator

New to the Community? Sign up for FREE today.
Posts: 4,383
Topics: 2,731
Kudos: 5,388
Registered: ‎06-12-2013

Apple confirms iOS backdoors, researcher says explanation is misleading

Posted on 24 July 2014.

 

In the wake of the discovery of undocumented features in Apple's iOS that can serve as backdoors, the company has modified a knowledge base article to enumerate and explain the three questionable services found by iOS forensics expert Jonathan Zdziarski.


The pcapd utility, it is explained, "supports diagnostic packet capture from an iOS device to a trusted computer," and is used for "troubleshooting and diagnosing issues with apps on the device as well as enterprise VPN connections."

 

Full Article

Sr. Community Leader