Apple Concedes Iphones Let Others Access Your Personal Data

apple inc
Apple has conceded that personal data including text messages, contact lists and photos can be extracted from iPhones through previously unpublicized techniques by Apple employees.

The same techniques to circumvent backup encryption could be used by law enforcement or others with access to the trusted computers to which the devices have been connected.

Researcher Jonathan Zdziarski showed how the services take a surprising amount of data for what Apple now says are diagnostic services meant to help engineers.

Users are not notified that the services are running and cannot disable them, Zdziarski said. There is no way for iPhone users to know what computers have previously been granted trusted status via the backup process or block future connections.

He further said, there is no way to unpair except to wipe the phone. As word spread about Zdziarski’s statement, some cited it as evidence of Apple collaboration with the National Security Agency.

The company, however, denied creating any back doors for intelligence agencies.

Apple said, they have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues.
Apple also posted its first descriptions of the tools on its own website, and Zdziarski and others who spoke with the company said they expected it to make at least some changes to the programs in the future.

Zdziarski said he did not believe that the services were aimed at spies. But he said that they extracted much more information than was needed, with too little disclosure.

For all the attention to the previously unknown tools and other occasional bugs, Apple’s phones are widely considered more secure than those using Google’s rival Android operating system, in part because Google does not have the power to send software fixes directly to those devices.

Leave a Reply

Your email address will not be published. Required fields are marked *