Like, WOW, man!
> His study has also shown that a user's data may not be as safe as Cupertino is making out.
Ya think? An American company surreptitiously placing "sekrit" access in its products? I'm shocked...shocked!!...I say....
An analysis of Apple's iOS operating system by a security expert has revealed various tools in the software that could be used for surveillance if one were so inclined. Jonathan Zdziarski concluded that the vast majority of iThing owners are unaware of lax mechanisms protecting their data. Data forensics expert and author …
> it's clear Apple owes customers some answers.
Apple won't want to say anything, and if they are forced they will say something like it's part of their quality control and information is only used in the aggregate and users are not personally identified etc etc. Same ol' Apple B.S.
Your Android App requires the following permissions:
1) Access to Everything
2) I said Everything
3) All of it...
4) I might even make some long distance telephone calls, hope you don't mind.
Six of one, half dozen of the other.
"
1) Access to Everything
2) I said Everything
3) All of it...
4) I might even make some long distance telephone calls, hope you don't mind.
"
5) User clicks Do Not Install and gets another app that does the same thing without requiring all those permissions.
>Of course, to access all these hidden tools you'd need access to the target's iPhone, and Apple's security is invincible, right? Not so fast there: Zdziarski has also uncovered a way to get around this that, while hard for hackers, wouldn't be too tough for law enforcement.
I can only presume that this means "with some help from Apple".
> it's clear Apple owes customers some answers.
I doubt that Apple will provide much of anything to these kinds of findings, they have a new product about to be launched so their interests lie elsewhere for the moment.
If Apple have these kinds of undocumented APIs, it is safe to presume that everyone else does too, whether it be with or without the NSA's blessing.
API : ( Access to Privates Interface) - Don't let coders make you believe that it means something else.
Hello:
> If Apple have these kinds of undocumented APIs, it is safe to presume that everyone else does too,
> whether it be with or without the NSA's blessing.
Indeed ...
Particularly the fellows at Redmond.
And the XP/Win7 etc. 'end of life' putsch on behalf of MS is nothing but the polishing up of the back door tools to integrate them as seamlessly as possible into the OS.
To be fair, though, if Android contained something like this we'd already know about it, assuming that the version that's put in phones is [almost] the same as the open source version.
Whilst most people are probably not going to give a monkey's nut about these kind of things, it's a bit disconcerting, particularly in light of Apple ranting about how good a company they are.
> if Android contained something like this we'd already know about it, assuming that the version that's put in phones is [almost] the same as the open source version
That's a rather massive "if", especially since its originator specialises in getting their grubby hands on any data they can scurry out of your life.
That is as simple as it gets, really. I have been a longtime blackberry user who has decided to move to Android, but am doing so knowing that I am accepting much more risk in doing so. It means I will not store banking passwords, etc. on my mobile... and I will look to run anti-malware on my device.
BlackBerry may not be as app-rich of an ecosystem, but the darned things are pretty solid in terms of core function, reliability and security..... or at least, that is what the USA's NSA wants us to think... lol.
Blackberry rolls over for law enforcement on a regular basis. And there are few rollovers for law enforcement that aren't also accessible by hackers.
http://en.rsf.org/blackberry-gives-way-to-pressure-11-10-2011,41159.html gives a summary of several instances of government pressure and varying degrees of caving.
"...a summary of several instances of government pressure and varying degrees of caving."
What's speleology got to do with this?
If you are going to use a cliche, at least get it right.
It should be "... a summary of several instances of government pressure and varying degrees of caving in"
Ending a sentence with a proposition is something up with which we shall not put!
The phrase "cave in" is a non-hyphenated compound word that, whilst it might apparently contain the preposition "in", is not itself a preposition. A sentence ending with "cave in" is grammatically valid, though for clarity it might be best to hyphenate it as "cave-in".
Never say never.
==-
Two guys at a Boston streetcorner:
MIT guy: Excuse me, can you tell me where the bookstore is at?
Other guy: At HAH-vaad, we don't end a sentence with a preposition.
MIT guy: [Looks down at sidewalk] You're right. I'll rephrase it. [Looks up] Can you tell me where the bookstore is at, ASSHOLE?
—Faye Kane ♀ girl brain
Sexiest astrophysicist you'll ever see naked
Arrogant semiotic pedantics like this is why girls won't let you fu ck them. Even I won't, and I'm a geek myself. Stupid guys do everything fast and hard and brutally, with naught a whit of thought as to whether it's "correct."
LEARN, Poindexter.
You're supposedly good at that.
♥,
-faye kane ♀ girl brain
Sexiest astrophysicist you'll ever see naked
Pix: tiny url dot com slash nakedfaye1
> Blackberry rolls over for law enforcement on a regular basis. And there are few rollovers for law enforcement that aren't also accessible by hackers.
I hear good things of their implementation of QNX, though, and that's from people who I know to be thorough in their fact checking. I plan to check them out, provided they have adopted standards like IMAP and ActiveSync instead of this BES malarky - it's what put me off last time round.
"I hear good things of their implementation of QNX, though, and that's from people who I know to be thorough in their fact checking. I plan to check them out, provided they have adopted standards like IMAP and ActiveSync instead of this BES malarky - it's what put me off last time round."
IMAP and ActiveSync already there. I use ActiveSync on a Z10, seems to work very well. BB10 does a good job of messaging.
There is no way to secure any walled garden CrapApple devices. Never has been, Never will Be, Apple users are eye candy controlled zombies who can't think for themselves,
Like Steve Jobs said "We control the widgets, The widgets control the widget users", Never did he speak truer words, as for me I don't use Apple, Facebook, Google or M$ products, I can think for and act for myself. Smartphones are for the not so smart people who haven't got the brains they were born with,
Quote:- Users are so damn stupid - won't they ever learn to use Apple's products correctly?
Reply :- Don't kid yourself, There is only one way to use Apple product. That's the way Mac programmed it, to control their widget users, The only good Apple users are the ones that have jail broke theirs. They are the ones with common sense
Well, if Apple builds back doors into their products like everyone else, then having a closely guarded app store doesn't prevent the hackers from reverse engineering that back door info, does it? What's the point of choosing any platform for its better security, if every platform is Swiss cheese, security wise, anyway?
It doesn't matter how secure your phone is, you still have to connect it to a public facing network in order to use it. So the likes of Vodafone can track you, monitor your usage and sell your data to the advertisers. (as they are currently doing with their targeted advertising texts!) They are also more likely to respond to police inquiries about your usage at specific times than Apple/Google/Microsoft as well.
> It doesn't matter how secure your phone is, you still have to connect it to a public facing network in order to use it
Yup, which produces some of that annoying meta data like location. However, a mobile device should treat *any* network as hostile for data connectivity, be it GPRS (remember that?), 3/4/nG or WiFi.
pcapd - so top sekret it's been a documented developer tool for years
https://developer.apple.com/library/mac/qa/qa1176/_index.html
lockdownd - the daemon which provides information to things like device activation, DRM services, ability to use emergency call or connect to itunes
http://theiphonewiki.com/wiki/Lockdownd
mobile.file_relay - appears to be the service which supports applications sending and receiving files through itunes sharing or local network sharing. Here's someone's client implementation on github from 4 years ago.
https://github.com/bryanforbes/libimobiledevice/blob/master/src/file_relay.c
Calling these "undocumented" is simply incompetent, and bringing the NSA into it is just alarmist bull.
"pcapd - so top sekret it's been a documented developer tool for years"
No - the developer doc you linked to is about analyzing traffic from another device on the network, not by the device itself which is what pcapd does, allegedly. The doc you linked to says "iOS does not support packet tracing directly". That's contradicted by Jonathan's claims.
The other things you link to are not documented by Apple officially (AFAIA). They may well have been known for a while. There's no harm in a serious security researcher joining up all the dots for everyone.
Unless you're just happy doodle dandy with everything as it stands.
C.
I've no issue with anyone asking Apple to explain things in more detail, and in the current environment all such companies need to allay fears about privacy, but the assumption that they're in bed with the NSA handing over all our data, based on not having an official explanation, is frankly ridiculous.
It was the same with the discovery of a location cache, everyone blogged about how Apple was spying and the sky was falling in, until Apple explained what it was for and common sense ensued.
"Unless you're just happy doodle dandy with everything as it stands" - pretty much, yes. "As it stands" there are some poorly documented, not secret functions and no evidence of any spying. Much as I might enjoy becoming a conspiracy loon in the absence of any real details on these functions I think I'll wait to see what Apple actually have to say.
pcap is the packet capturing library used by wireshark, and pretty much every other packet analysing tool on any platform.
pcapd is a daemon, running on an iphone, that provides the possibility of doing packet captures on an iphone, ported to run on that platform, that's been demonstrated (by this guy) to allow you to do packet captures on the device, like anyone familiar with pcap would expect.
Apple docco says there is no native way to do packet captures on iOS devices.
Either that's a lie, or some developer has gone rogue, and installed a pcap daemon in iOS without Apple knowing.
Neither possibility bothers you? Cool.
Bothers me.
@DMDeck16, Either that or that, eh? Thanks for clearing that up with impeccable logic and hard evidence.
Given your earlier, much more nuanced reply I will assume you ran out of caffeine there :) - I think the question is valid (although I'd be grateful if someone could point me at the docs which confirm that "Apple docco says there is no native way to do packet captures on iOS devices" because it's AFAIK pretty much a standard diagnostics tool on any Unix-alike platforms).
There is nothing wrong with raising questions, but I also agree with you that being all alarmist about it is stupid. However, that's what the press trained us to expect now - anything is either the end of the world or not worth reporting (reminds me of a clip that showed what a falling tea cup looks like in a US movie - it explodes - but sadly I cannot locate it on Youtube).
I would like to see this sort of work done on *any* mobile platform. The only functional weapon against subversion is transparency.
Thank you, caffeine reinstated. I suspect the pcap daemon has a legitimate use but is not officially supported for end users or it is used during internal development and should have been disabled. ie at best misunderstood, at worst cockup. But conspiracy is far more interesting and entertaining.
I think Apple need to explain themselves pronto, but my point is that leaping to conclusions of conspiracy immediately makes all rational discussion that much more difficult. Eg another media outlet is reporting this as "Backdoors and surveillance mechanisms in iOS devices", another says "Your iPhone May Be Rigged to Spy on You" and so, tediously, on.
The jury has spoken before the evidence has even been heard. It's tiresome because there are plenty of examples of privacy abuse taking place WITH evidence all over the place in IT, government, corporations, public sector, which hardly raise an eyebrow because they're not as sexy as the idea of iPhones and Apple spying on you.
Apple's done an excellent job of managing security (see their latest whitepaper) but their propensity to stay tight lipped isn't going to see this one go away.
http://www.apple.com/ipad/business/docs/iOS_Security_Feb14.pdf
"I suspect the pcap daemon has a legitimate use but is not officially supported for end users or it is used during internal development and should have been disabled. ie at best misunderstood, at worst cockup"
Oh right, that's a much more convincing, evidence based assessment right there. You suspect. Cracking.
==-
> " there are plenty of examples of privacy abuse taking place WITH evidence all over the place in IT, government, corporations, public sector,"
That's exactly why we don't trust Apple. PARTICULARLY when they get caught and then stonewall us.
faye kane ♀ girl brain
@Fred Flintstone and @DMDeck16
Do you guys not bother to read and understand either the article, the links in the article, or even the thread you're participating in, before posting comments?
The docs that say "there is no native way to do packet captures on iOS devices" are linked in the article, and IN THIS THREAD YOU'RE REPLYING TO. The article author has also explained that's the case in this thread, again, in case you missed it.
Here's the link for the third time, and the quote;
https://developer.apple.com/library/mac/qa/qa1176/_index.html
"iOS does not support packet tracing directly."
"AFAIK (pcap is) pretty much a standard diagnostics tool on any Unix-alike platforms"
Not when you're building a consumer / business grade mobile phone it isn't. It really is not.
Show me another phone with a pcap daemon built into it, out of the box.
What we can learn from this is that it's harder and harder to hide backdoors in the code and at the same time it's ever as hard for big companies like Apple or why not Sony (back then) to grasp it. Rather funny really (to choose a stupid word) but how do those programmers doing the coding sell it, do they say, "Yes, Sir, this software is undetectable" with a straight face? If not, would they get the boot? Are only the big brands involved in this terrorist/snooping psychosis? Why do I have this feeling that Big Brother is getting madder and madder, not because he needs to, but because there are more and more opportunities to get madder and madder in a world he has less and less ability to technically understand?
The thing is, it's reaching the point where they don't NEED to hide it anymore. The government is such that no sense of privacy is increasingly the norm, and if you don't like it, you probably won't be doing much good anymore. IOW, by this point, the spooks don't care because they're EVERYWHERE.
"The data is also in too raw a format to be of any use to a Genius Bar tech support team."
I am offended that he seems to be trying to pull the wool over my eyes. OK, most Genius Bar staff might be unable to hack the raw data, but the implication is that no-one can hack it.
There are, after all, code breaking competitions where the challenge is to decrypt a block of raw data.
I think you misunderstand - he's saying that the data is not of direct use to the Genius Bar tech support in their day-to-day activities of supporting users. He's not saying that they (or anyone else) would be incapable of putting together a tool to extract said data and use it for other purposes, rather that there doesn't seem to be a legitimate use for the data for tech support.
That's how I read it anyway.
"I don’t buy for a minute that these services are intended solely for diagnostics. The data they leak is of an extreme personal nature. There is no notification to the user. A real diagnostic tool would have been engineered to respect the user, prompt them like applications do for access to data, and respect backup encryption."
Don't recall any of those features in gdb or Dr Watson tbh..
"What makes him a "forensic scientist"?
"He analyses how iphones work, hacks banks, does pentests, etc."
adj. Relating to, used in, or appropriate for courts of law or for public discussion or argumentation.
adj. Of, relating to, or used in debate or argument; rhetorical.
adj. Relating to the use of science or technology in the investigation and establishment of facts or evidence in a court of law: a forensic laboratory.
It's kind of funny how tools that are supposed to help enterprise IT departments are not documented anywhere.
So let's pretend I'm in IT for a large enterprise, let's pretend I specialised in mobility and iOS, those tools might be very useful for me, and I might even have inquired about the possibility of running a pcap on my devices, I suspect Apple would have volunteered that information as of course I'm their exact target audience for those tools (according to their PR / media disaster recovery service)?
I suspect I don't need to tell you that strangely enough none of those have ever been mentioned.
Anonymous coward as I might not like Apple's men in black (maybe they already erased me once about the pcapd!).
Apple does a good deal of its business with 'enterprise IT departments' behind the closed doors of confidential meetings that are protected by legally binding non-disclosure agreements. What they sell to one 'enterprise IT department' may not be the same as what they sell to another 'enterprise IT department'. It's quite possible that the secret utilities buried in the iOS are for the use of one 'enterprise IT department' and that they feel compelled to make them generally available due to the nature of 'bring your own device' policies within that enterprise.
Of course it could also well be the case that the 'enterprise IT department' in question is that which serves 'the corporation' better known as a three letter agency.
One more reason why I do not and will not have an Apple phone or tablet. I do have an iMac, a by now elderly 2008 model. My phone and my tablet are from LG and Samsung, respectively.
Yes, I know they may have their secrets, too. But Apple seems to be increasingly underhanded with their spying. If they need it for "Analysis and Diagnostics" why don't they install it only on devices it provides to employees? Alternately, they could provide them free or at low cost to people that agree to that level of intrusiveness?
When you have to hide what you're doing, it's a good sign that you know you shouldn't be doing it.
> One more reason why I do not and will not have an Apple phone or tablet. I do have an iMac, a by now elderly 2008 model. My phone and my tablet are from LG and Samsung, respectively.
Hahaha - and you really think those are better? Either platform has problems, and these reports need independent confirmation first - and decent answers.
Apple is one of the few companies that doesn't give out their source code. What other reason, except for betraying the user can there be for this?
I think we should ban binary only software. It's not just too much of a security risk, it's also a question of consumer rights. If I buy a car or a vacuum cleaner I have every right to modify it in any way I want. Why don't I have that right with software? Why can't I just patch out features I don't like or patch in features I'd like to have?
Nobody is stopping you from modifying software you purchased, but nobody is forced to provide you with everything needed for the most convenient way. With binary code, you'll have to do it in assembler but nobody stops you in principle.
Did your vacuum cleaner company give you the production tooling and source files used to build the vacuum? No? Did your car vendor hand the source code for the ECU? Did they give you VHDL code for the ICs? Assembly instructions? No? Bas*ards!
As far as for banning, I'd first start with banning stupidity. But, for some reason it would not work.
Re: The hacks "...are not deliberately provided for government agencies to exploit. Instead, they are for "diagnostic" purposes and to allow enterprise IT bods to manage workers' devices."
Sounds like an NSA PR lawyer wrote the response. One interpretation could be Apple wants to ensure employers who provide devices to workers can "manage" them (workers?). Bizarre, no?
Of course full access for every government in the world is a possibility, too.
Whatever is going on we know one thing:
Don't trust Apple.
>> "pcapd - so top sekret it's been a documented developer tool for years"
> "No - the developer doc you linked to is about analyzing traffic from another device on the network, not by the device itself which is what pcapd does, allegedly. The doc you linked to says "iOS does not support packet tracing directly". That's contradicted by Jonathan's claims."
I was right. In http://support.apple.com/kb/HT6331 Apple references the exact same developer document and explains where pcapd fits in.