Hidden network packet sniffer in MILLIONS of iPhones, iPads – expert
Plus host of spying tools. But Apple's backdoor not totally open for all, guru tells us
An analysis of iOS by a security expert digging into claims of the NSA spying on Apple products has revealed some unexplained surveillance tools in the operating system.
His study has also shown that a user's data may not be as safe as Cupertino is making out.
Data forensics expert and author Jonathan Zdziarski wrote an academic paper on the topic in March, and gave a talk [PDF] at the Hackers On Planet Earth (HOPE X) conference in New York on Friday showing his findings. The results of his research indicate a backdoor into iOS, although it's not as wide open as some reports have suggested.
<>
This data includes a copy of the user's address book, stored photos, the voicemail database and audio files, any accounts configured on the device such as iCloud, Facebook or Twitter, a cache of screenshots, keystrokes and the device's clipboard, GPS data, and on iOS 7 metadata disk sparseimage of the iOS file system.
http://www.theregister.co.uk/2014/07/21/ios_firmware_contains_packet_sniffer_and_host_of_secret_spying_tools/
6 replies, 1253 views
Hidden network packet sniffer in MILLIONS of iPhones, iPads – expert (Original Post)
IDemo
Jul 2014
OP
Trillo
(9,154 posts) 1. Not really surprising.
The scope of the information would seem specifically designed to enable Internet stalking.
IDemo
(16,926 posts) 2. More from Zdziarski -
Apple Responds, Contributes Little
Posted on July 21, 2014 by Jonathan Zdziarski
In a response from Apple PR to journalists about my HOPE/X talk, it looks like Apple might have inadvertently admitted that, in a classic sense, they do indeed have back doors in iOS, however claim that the purpose is for diagnostics and enterprise.
The problem with this is that these services dish out data (and bypass backup encryption) regardless of whether or not Send Diagnostic Data to Apple is turned on or off, and whether or not the device is managed by an enterprise policy of any kind. So if these services were intended for such purposes, you'd think they'd only work if the device was managed/supervised or if the user had enabled diagnostic mode. Unfortunately this isn't the case and there is no way to disable these mechanisms. As a result, every single device has these features enabled and there's no way to turn them off, nor are users prompted for consent to send this kind of personal data off the device.
(more) http://www.zdziarski.com/blog/?p=3447
Gulp, this will not go over well..
WillyT
(72,631 posts) 3. More Here:
DULink: http://upload.democraticunderground.com/10025273215
& Rec !!!
lpbk2713
(42,751 posts) 4. This is why ...
I'm hanging on to my four year old plain old vanilla flip phone for as long as it will hold up.
IDemo
(16,926 posts) 5. I saw a Tracphone for $3.99 on the shelf at K-Mart yesterday
I paid $14.99 for mine. It's running Java, not iOS, not Android, not Windows. Voice, text, camera, mp3's; what more do I need?
nilram
(2,886 posts) 6. Zdziarski's presentation is available here...