News

Security researcher exposes backdoors in iOS 7 – update

By admin
Spread the love

Security researcher Jonathan Zdziarski claims to have found a number of backdoors in iOS 7. The backdoors can be used to bypass the encryption of the OS. Apple denies the claims.

According to Zdziarski, user data can be accessed via the so-called file_relay function. For example, an attacker can gain access to almost all data on an iPhone or iPad, even if it should be encrypted. For example, address books can be read, account information can be requested and GPS logs can be viewed. It is still unclear whether the file_relay function can also be used remotely to read a device or can only be applied locally. However, an iPhone or iPad must first be paired to a computer in order to use file_relay. However, the so-called pairing records can be stolen or an iPhone owner can be persuaded to place his device in a manipulated device, for example a docking station, to subsequently generate a pairing record.

Zdziarski also describes pcapd, an integrated packet sniffer for intercepting network data. Pcap can be activated remotely via WiFi.

The security researcher states that the backdoors and the undocumented functions were probably introduced in iOS by Apple under pressure from the American secret services. The functionality would be useless for debugging and support purposes. Older iOS versions would also contain some of the backdoors.

Zdziarski concludes that Apple violates the privacy of its users by, among other things, making it possible to bypass encryption completely and by not informing the user when data is tapped. The backdoors would also offer opportunities to criminals and other malicious parties.

Apple says in a response that these are “diagnostic functions” that would not harm privacy and security. According to Apple, a user must first unlock his phone and give permission if it is linked to another computer. Apple also reiterates its earlier claim that it has never worked with government agencies to build backdoors into its products.

Update, 22/7, 11:50: Comment from Apple added to the article.

You might also like
News

Apple has been working on its own search engine for years. It’s called…

News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Russian ministry bans iPhones due to suspicion of espionage