Apple’s iOS operating system might be well known for its impressive security features, but that doesn’t mean that it’s invulnerable to all threats. In fact, backdoors may have been located in the operating system, which allow Apple and law enforcement agencies like the NSA to access the devices.
The discovery was made by Jonathan Zdziarski, a forensic scientist who spoke at the Hackers on Planet Earth (HOPE) conference in New York City. According to Zdziarski, Apple’s untouchable operating system might have hidden backdoors that let certain institutions access personal information. These backdoors are thought to be used for debugging, but due to the information that is taken from the devices being of a personal nature, this isn’t likely. It’s also unlikely that the information is being used for data backup and recovery, as it cannot be returned to the devices after it has been extracted in a raw format.
So, what exactly is this data used for? Nobody knows. These services aren’t referenced by any other Apple software or documentation, and to make matters worse, they also work around data encryption. This “flaw” is most commonly seen in iOS 7.0. Locking your device doesn’t even make it safe. The second you boot up the phone and unlock the system, the data can be accessed and retrieved, even through the lock screen.
Zdziarski says, “Your device is almost always at risk of spilling all data, even while locked.” He also claims that it’s not outlandish to suggest that third-party forensic software companies also have access to this information, who then market it to law enforcement for a price. It’s already been confirmed as of last month that Russian software firm Elcomsoft markets a tool which allows users to access backup files from an iCloud account, without the account holder’s Apple ID. If that’s not sketchy, we don’t know what is.
iOS 8, which is currently in development, is supposed to tote several improved privacy features which could give Apple the edge they need to outrun the Android mobile OS. However, if these problems remain an issue, Apple’s reputation will surely suffer.
This whole situation brings up the question of whether or not Apple is the only company which participates in this shady activity. If these problems aren’t fixed in future versions of iOS, their support will likely run dry as the public continues to favor Android, or the Windows Phone 8.1.
When it comes to purchasing new mobile devices, you want the most secure option for your company’s sensitive files. PACE Technical Services can help you find the right technology for your business needs. To keep your business safe from external threats, contact PACE Technical Services at 905.763.7896. We’ll equip your company with a security solution that’s right for you.
What are your thoughts on the potential backdoor threats? Are you an Apple user, and does this change your opinion on anything?