or Connect
AppleInsider › Forums › Mobile › iPhone › Apple's iOS 'dishing out a lot of data behind our backs,' security researcher charges
New Posts  All Forums:Forum Nav:

Apple's iOS 'dishing out a lot of data behind our backs,' security researcher charges

post #1 of 44
Thread Starter 
Noted forensic scientist and iOS hacker Jonathan Zdziarski has uncovered a number of undocumented "backdoor" services in Apple's mobile operating system that he argues could be exploited by law enforcement agencies, the NSA, or other malicious actors to bypass encryption and siphon sensitive personal data from iOS devices.




Zdziarski -- an early member of iOS jailbreaking teams and author of the O'Reilly title Hacking and Securing iOS Applications -- presented his discoveries as part of a talk at the annual HOPE/X conference, a long-running hacking and development conference in New York. The slides from that talk were first noted by ZDNet.

In the talk, Zdziarski touches on a number of services that run in the background on iOS but, he believes, do not appear to serve developers, Apple's engineering staff, or support personnel in any way. Others are designed for the benefit of enterprise administrators, but are crafted in such a way that they could be used for nefarious purposes.

"Much of this data simply should never come off the phone, even during a backup," Zdziarski wrote in one slide, referring to the information made available by those background services.

One service, com.apple.pcapd, captures HTTP data packets that flow to and from a user's device via libpcap. The service is active on every iOS device, according to Zdziarski, and could possibly be targeted via Wi-Fi for monitoring without the user's knowledge.




Zdziarski takes particular issue with the com.apple.mobile.file_relay service, which came around in iOS 2 but has been significantly expanded with successive release. This service completely bypasses iOS backup encryption, he says, exposing a "forensic trove of intelligence" including the user's address book, CoreLocation logs, the clipboard, calendars, notes, and voicemails.

In one particularly poignant example, Zdziarski says that an attacker could make use of this service to grab recent photos from a user's Twitter stream, their most recent timeline, their DM database, and authentication tokens that could be used "to spy on all future [Twitter] correspondence remotely."

Neither iTunes nor Xcode make use of these hidden services, Zdziarski notes, and the data is "in too raw a format" for Genius Bar use and cannot be restored to the device in any way.




Zdziarski also panned some of Apple's enterprise-friendly features, including mobile device management options that could allow an attacker to load custom spyware on a device by forging a security certificate. Zdziarski created a proof-of-concept spyware application for iOS in this way, he said, though Apple closed the loophole through which it collected data by denying applications the ability to create socket connections to the device itself.

A few of these services have already been tapped by manufacturers of commercial forensic devices, Zdziarski says, including companies like Elcomsoft, AccessData, and Cellebrite. Cellebrite products are widely used by U.S. law enforcement agencies to extract the contents of mobile devices seized from suspects.

Apple's iOS security is "otherwise great," Zdziarski wrote, noting that Apple has "worked hard to make iOS devices reasonably secure against typical attackers."
post #2 of 44
This will be lost on the noise ...

Apple's iOS security is "otherwise great," Zdziarski wrote, noting that Apple has "worked hard to make iOS devices reasonably secure against typical attackers."
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini, SE30, IIFx, Towers; G4 & G3.
Reply
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini, SE30, IIFx, Towers; G4 & G3.
Reply
post #3 of 44
Yet more reasons to never jailbreak.
You never know what jailbreak apps really do.

Sent from my iPhone Simulator

Reply

Sent from my iPhone Simulator

Reply
post #4 of 44

I want to see this guy demonstrate this function.
 

I'm so sick of people talking about what "could be happening" or that it's "possible". Quit talking out of your ass to make a name for yourself and show us a working, functioning exploit where you've successfully pulled data off a device. Like he claims forensics agencies are doing.

 

Otherwise STFU.

Author of The Fuel Injection Bible

Reply

Author of The Fuel Injection Bible

Reply
post #5 of 44
Quote:
Originally Posted by Torrid Foster View Post

if you think Apple is bad you should look at Android cause Android is worse!

I'd hate to be an Android owner, becuase the NSA pwns all of Android phones. And windoze

Apple is Awesome!

NSA is turning out just like in the sci-fi movies such as Minority Report, Fifth Sense, etc. In the future no one will have any real privacy.

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #6 of 44
Apple isn't above valid criticism. If these complaints are valid, I'm confident Apple will look into them.

Proud AAPL stock owner.

 

GOA

Reply

Proud AAPL stock owner.

 

GOA

Reply
post #7 of 44
Quote:
Originally Posted by EricTheHalfBee View Post
 

I want to see this guy demonstrate this function.
 

I'm so sick of people talking about what "could be happening" or that it's "possible". Quit talking out of your ass to make a name for yourself and show us a working, functioning exploit where you've successfully pulled data off a device. Like he claims forensics agencies are doing.

 

Otherwise STFU.

 

Zdziarski said the services could also be abused by ex-lovers, co-workers, or anyone else who is in possession of a computer that has ever been paired with an iPhone or iPad. From then on, the person has the ability to wirelessly monitor the device until it is wiped. He said he makes personal use of those features to keep tabs on his iPhone-using children.

 

"The forensic tools I've written for myself privately I use for parental monitoring where when I set the phone up I'll pair it with my desktop and then at any point in the future I can just easily scan the network, find my kids' devices and dump all their application data, see who they're talking to, and what their doing online," he explained."

http://arstechnica.com/security/2014/07/undocumented-ios-functions-allow-monitoring-of-personal-data-expert-says/

post #8 of 44

Go ahead NSA. I don't give a sht. I got nothing to hide.

post #9 of 44
Quote:
Originally Posted by Torrid Foster View Post

if you think Apple is bad you should look at Android cause Android is worse!

I'd hate to be an Android owner, becuase the NSA pwns all of Android phones. And windoze

Apple is Awesome!

I would rather see iOS issues addressed, rather than people just saying "But Android is worse".


Edited by Haggar - 7/21/14 at 10:38am
post #10 of 44
Quote:
Originally Posted by fallenjt View Post
 

Go ahead NSA. I don't give a sht. I got nothing to hide.

Yeah, but it is none of their business either. They don't need to read the txt I send my wife.

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #11 of 44
Quote:
Originally Posted by Haggar View Post

I would rather see iOS issues addressed, rather than people just saying "But Android is worse".

He's read to many Daniel Eran Dilger articles. I avoid them like the plague.

W. Pauli, winner of the Nobel prize in physics, said that all scientific methods fail when questions of origin are involved.


http://m.youtube.com/watch?v=z6kgvhG3AkI

http://www.answersingenesis.org...

Reply

W. Pauli, winner of the Nobel prize in physics, said that all scientific methods fail when questions of origin are involved.


http://m.youtube.com/watch?v=z6kgvhG3AkI

http://www.answersingenesis.org...

Reply
post #12 of 44
Quote:
Originally Posted by EricTheHalfBee View Post

I want to see this guy demonstrate this function.

 
I'm so sick of people talking about what "could be happening" or that it's "possible". Quit talking out of your ass to make a name for yourself and show us a working, functioning exploit where you've successfully pulled data off a device. Like he claims forensics agencies are doing.


Otherwise STFU.

Totally agree. He just wants his 15 minutes. I say to him demonstrate it so apple knows what to fix or so that users can take cautionary steps. Otherwise he's all hot air.

W. Pauli, winner of the Nobel prize in physics, said that all scientific methods fail when questions of origin are involved.


http://m.youtube.com/watch?v=z6kgvhG3AkI

http://www.answersingenesis.org...

Reply

W. Pauli, winner of the Nobel prize in physics, said that all scientific methods fail when questions of origin are involved.


http://m.youtube.com/watch?v=z6kgvhG3AkI

http://www.answersingenesis.org...

Reply
post #13 of 44
Quote:
Originally Posted by fallenjt View Post

Go ahead NSA. I don't give a sht. I got nothing to hide.


 



Sounds brave, but the issue isn't whether you think you have anything to hide, it's whether the NSA thinks you have anything to hide.
post #14 of 44
Quote:
Originally Posted by EricTheHalfWit View Post

I'm so sick of people talking about what "could be happening" or that it's "possible".

...quit talking out of your ass.... STFU.

You don't get to present at these conferences if you're an idiot. The standards for appearing there are fairly high.

The standard for posting comments on AI forums, not so much.

You should take your own advice (in bold above).

Keep in mind that people challenged the government in court for years about being spied on, only to be told "you can't prove it - go away"

Then Snowden reveled their immoral / illegal activity, now the cases are moving forward again.

It is difficult to get a man to understand something, when his salary depends upon his not understanding it - Upton Sinclair
Edited by vaporland - 7/21/14 at 11:09am
post #15 of 44
I'm glad these questions are being asked, and these details are being dug up.

I hope I will also be glad when the answers emerge!

It's always possible to improve.
post #16 of 44
Quote:
Originally Posted by ExceptionHandler View Post
Totally agree. He just wants his 15 minutes. I say to him demonstrate it so apple knows what to fix or so that users can take cautionary steps. Otherwise he's all hot air.

 

Perhaps you should take a moment to peruse the slide deck linked in the article, where you will find several working examples. 

post #17 of 44
Quote:
Originally Posted by mstone View Post

NSA is turning out just like in the sci-fi movies such as Minority Report, Fifth Sense, etc. In the future no one will have any real privacy.
I hate to say it, but I saw this day coming. As soon as the Edward Snowden leaks came out, detailing all the major tech companies complicity with the NSA, I knew there had to be something, somewhere embedded in the iOS code. This was just a treasure trove for the likes of the NSA, which they'd be fools to ignore.

Now, the real question, will Apple man up to this, acknowledging it in spite of their gag order from the NSA, and shut them out, or be a good little US corporate citizen and claim these reports are false and move along as if nothing happened? If they do the latter, they will lose a TREMENDOUS amount of credibility.

I sincerely hope Apple sets the example, stands up to the NSA, and expunges all code of this nature from their systems. Only time will tell.
post #18 of 44
Quote:
Originally Posted by ExceptionHandler View Post
 
Totally agree. He just wants his 15 minutes. I say to him demonstrate it so apple knows what to fix or so that users can take cautionary steps. Otherwise he's all hot air.

It is possible to extract data from the phone, at least with physical possession. Apple provides that service to law enforcement, although there is an extremely long waiting list. If Apple has a back door then it is not impossible for others to figure out how to gain access as well.

 

http://www.cnet.com/news/apple-deluged-by-police-demands-to-decrypt-iphones/

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #19 of 44

I think this researcher is saying if you modify the firmware then the iPhone may be snooped.  iOS update may change the firmware.  But apps can not. 

post #20 of 44
Quote:
Originally Posted by ExceptionHandler View Post



Totally agree. He just wants his 15 minutes. I say to him demonstrate it so apple knows what to fix or so that users can take cautionary steps. Otherwise he's all hot air.
Not necessarily. Have you thought about perhaps he's not releasing the details to the public to prevent this from being exploited by nefarious people outside the NSA?

I rather he do it the way he has, then give the facts over to Apple R&D for them to remove the code and plug the leaks.
post #21 of 44
"Dishing out a lot of data behind our backs.." is an very misleading, false, click bait type of headline. There are no examples in the article of where Apple "dished out" any information. I expect such crappy headlines from some but hoped AppleInsider was more truthful. How many of your other articles are now trustworthy?
post #22 of 44
Quote:
Originally Posted by TomMcIn View Post

"Dishing out a lot of data behind our backs.." is an very misleading, false, click bait type of headline. There are no examples in the article of where Apple "dished out" any information. I expect such crappy headlines from some but hoped AppleInsider was more truthful. How many of your other articles are now trustworthy?
Agreed, the headline is misleading...

As I'm at work, I don't have much time, but I did go into the original paper published by Jonathan Zdziarski, and to me at least, it would appear a great deal of the "backdoors" he identifies would be utilized by engineers at Apple to troubleshoot issues. While a lot of these could used for nefarious purposes if somewhat scrupulous individuals or organizations gained access to them, they do appear to be mostly troubleshooting utilities.
post #23 of 44
Quote:
Originally Posted by vaporland View Post


You don't get to present at these conferences if you're an idiot. The standards for appearing there are fairly high.

The standard for posting comments on AI forums, not so much.

You should take your own advice (in bold above).

Keep in mind that people challenged the government in court for years about being spied on, only to be told "you can't prove it - go away"

Then Snowden reveled their immoral / illegal activity, now the cases are moving forward again.

It is difficult to get a man to understand something, when his salary depends upon his not understanding it - Upton Sinclair

 

Poor little baby. What are you, 12? How clever changing my from Bee to Wit. How many hours did it take you to come up with that nugget of genius? I suppose you have a long list of words you can add an "i" in front of in order to make yourself appear witty as well.

 

I stand by my comments. It's one thing for someone to claim the government is spying without having concrete proof. It's quite another for someone to claim (and list ) modules in an OS that supposedly do this, and then refuse to back it up with examples of the exploit. This guy's just looking for his 15 minutes of fame by throwing out a bunch of "possibilities" disguised as "facts".

Author of The Fuel Injection Bible

Reply

Author of The Fuel Injection Bible

Reply
post #24 of 44
Quote:
Originally Posted by MagMan1979 View Post


Agreed, the headline is misleading...

As I'm at work, I don't have much time, but I did go into the original paper published by Jonathan Zdziarski, and to me at least, it would appear a great deal of the "backdoors" he identifies would be utilized by engineers at Apple to troubleshoot issues. While a lot of these could used for nefarious purposes if somewhat scrupulous individuals or organizations gained access to them, they do appear to be mostly troubleshooting utilities.

 

No kidding. Imagine that - the architects/developers of an operating system have ways to gain access to portions of it that normal people never would.

Author of The Fuel Injection Bible

Reply

Author of The Fuel Injection Bible

Reply
post #25 of 44
Quote:
Originally Posted by BobJohnson View Post

Perhaps you should take a moment to peruse the slide deck linked in the article, where you will find several working examples. 

I did. It read more from a standpoint of what is theoretically possible. I never saw a step by step WORKING example. I saw some naive code examples of how it could be possible that demonstrates the core idea. I also find it funny the mention of being able to spoof the fingerprint reader. I remember when news of that released. It basically required a perfect fingerprint under perfect conditions in order to work. Its POSSIBLE, but how likely is it?

Quote:
Originally Posted by mstone View Post

It is possible to extract data from the phone, at least with physical possession. Apple provides that service to law enforcement, although there is an extremely long waiting list. If Apple has a back door then it is not impossible for others to figure out how to gain access as well.

http://www.cnet.com/news/apple-deluged-by-police-demands-to-decrypt-iphones/

I never said what this guy is saying is impossible. I just think it's highly unlikely. Of course if someone has access to the hardware the security is basically gone. It's only a matter of time at that point. Same idea as physical access to a server room. If an attacker has your hardware it's over unless you have some insane encryption.

(Edit) insane encryption meaning a strong algorithm with a strong key. Then your only hope is the attacker gives up because it may be infeasible at this time to crack.
Quote:
Originally Posted by MagMan1979 View Post

Not necessarily. Have you thought about perhaps he's not releasing the details to the public to prevent this from being exploited by nefarious people outside the NSA?

I rather he do it the way he has, then give the facts over to Apple R&D for them to remove the code and plug the leaks.

That's what I meant and is typically how apple operates. When they hear news of an exploit or find something themselves, they don't announce the nitty gritty specifics until they have a fix. That's the only intelligent way to handle it.

Only problem is, if what this guy says is true, don't you think the NSA already has this capability or are now researching it because they know what's possible. Why not just tell apple and then announce what he found after the fix? Like I said, he wants his 15 minutes.
Edited by ExceptionHandler - 7/21/14 at 1:09pm

W. Pauli, winner of the Nobel prize in physics, said that all scientific methods fail when questions of origin are involved.


http://m.youtube.com/watch?v=z6kgvhG3AkI

http://www.answersingenesis.org...

Reply

W. Pauli, winner of the Nobel prize in physics, said that all scientific methods fail when questions of origin are involved.


http://m.youtube.com/watch?v=z6kgvhG3AkI

http://www.answersingenesis.org...

Reply
post #26 of 44
Why doesn't this guy do the OBVIOUS? Connect his iPhone to a hone WiFi network where the iPhone is the only device connected. Then record all of the traffic (packets) that leave the iPhone. Would be pretty easy to do and then you'd know EXACTLYwhat information is being "dished out" from your device.

Why hasn't he done this one very simple task?

Author of The Fuel Injection Bible

Reply

Author of The Fuel Injection Bible

Reply
post #27 of 44
Show us. Create videos that illustrate break-ins and what data can be obtained.
post #28 of 44
The technical know-how to figure out these exploits is often sufficiently high enough that only the worst offenders with mad skillz can figure them out and make use of them.

In either case, it's free consulting for apple.... Good work!
post #29 of 44
Quote:
Originally Posted by EricTheHalfBee View Post

Why doesn't this guy do the OBVIOUS? Connect his iPhone to a hone WiFi network where the iPhone is the only device connected. Then record all of the traffic (packets) that leave the iPhone. Would be pretty easy to do and then you'd know EXACTLYwhat information is being "dished out" from your device.

Why hasn't he done this one very simple task?

He doesn't need to prove anything to us. He is already a published author on iOS security, an early member of iOS jail breaking teams and invited to lecture at a well known conference. It is no different than a doctor lecturing at a medical conference about his work in cancer research. You don't expect him to first cure cancer before being allowed to give talk on the subject.

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #30 of 44
Quote:
Originally Posted by EricTheHalfBee View Post

I want to see this guy demonstrate this function.

 
I'm so sick of people talking about what "could be happening" or that it's "possible". Quit talking out of your ass to make a name for yourself and show us a working, functioning exploit where you've successfully pulled data off a device. Like he claims forensics agencies are doing.


Otherwise STFU.

t's pretty common when discussing malware, security holes or other threats affecting any particular OS to talk about the theoretical possibility of user harm whether any actual harm has occurred or not. You know how it works. 1hmm.gif
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #31 of 44

I define "dishing out" as giving information to others with no restrictions.  From all reports, Apple does not do this.  My big complaint is the crappy headline.

 

If these hooks are necessary, they should have the same user controls as other ways that expose user data.  And by default, they should be OFF.

post #32 of 44
Quote:
Originally Posted by mstone View Post
 

He doesn't need to prove anything to us. He is already a published author on iOS security, an early member of iOS jail breaking teams and invited to lecture at a well known conference. It is no different than a doctor lecturing at a medical conference about his work in cancer research. You don't expect him to first cure cancer before being allowed to give talk on the subject.

 

If the doctor makes claims that people could use what he's talking about and cure cancer simply by doing a little extra work, then I'd have a problem with it. Or if he's claiming that others are already curing cancer using techniques he's talking about.

 

That's what he's saying - that the systems are in place, forensics experts are ALREADY exploiting them to get at data, and others could too "if they really tried".

Author of The Fuel Injection Bible

Reply

Author of The Fuel Injection Bible

Reply
post #33 of 44
Quote:
Originally Posted by Gatorguy View Post


t's pretty common when discussing malware, security holes or other threats affecting any particular OS to talk about the theoretical possibility of user harm whether any actual harm has occurred or not. You know how it works. 1hmm.gif

 

Funny how in previous discussions about the problems with malware on Android you demanded "proof" of something happening.

Author of The Fuel Injection Bible

Reply

Author of The Fuel Injection Bible

Reply
post #34 of 44
Quote:
Originally Posted by EricTheHalfBee View Post
 

I want to see this guy demonstrate this function.
 

I'm so sick of people talking about what "could be happening" or that it's "possible". Quit talking out of your ass to make a name for yourself and show us a working, functioning exploit where you've successfully pulled data off a device. Like he claims forensics agencies are doing.

 

Otherwise STFU.

I was thinking the exact same thing, it is like the whole concept of a space elevator, in theory it can be done, but no one can actually demonstrate it.

 

Instead of talking about back doors and possible exploits, show us how you did it and what happens when you do it.

 

Lots of systems have back doors and most of them as only accessible when the product is going through the manufacturing process or when it put into some debug mode which would be completely obvious to the everyday users 

post #35 of 44
Questions for the Emperor:
1. Why did you build the Death Star, whose sole purpose is to end life on a planetary scale? Isn't the purpose of the government to serve its citizens?
2. Why did you dissolve the Imperial Senate?
3. Now that the Separatists have been defeated, what is the purpose of the Grand Army of the Empire, other than to crush dissent?
4. How badly has the clone DNA degraded that the final batch of your elite stormtroopers can get their ass whooped by teddy bears wielding rocks and sticks?

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply
post #36 of 44

It's too difficult for me to assess the technical merits of the issues this guy is raising, and I doubt I'll be able to really assess Apple's reply either, if they make one. 

 

So here's how I look at it: 

 

1. Apple's profits come from selling iPhones to consumers, not from selling consumers' data to other people. This leads me to think Apple will tend to be better (not perfect, just better) about respecting and protecting customer privacy than Google. (Microsoft's incentives are a little fuzzy here, but my sense is they are somewhere in between Apple and Google). 

 

2. Apple has to respect the governments and law enforcement officials in the countries where they operate. That means that if any given government (US, China, whoever) pressures Apple to share customer data, we cannot realistically expect Apple to resist that pressure. In fact, I'm not sure we should even want Apple to resist that pressure -- Apple should not be above the laws of the countries in which they operate. If the citizens of any given country don't like what their government is asking corporations to do, then the citizens need to change their government (I don't mean to imply that's an easy thing to do, but ultimately that is what's necessary).

post #37 of 44
Apart from the other accusations is this guy also asking for all personal data on the iPhone to be encrypted?

That's a completely different and over-reaching request.

If you connect a phone using, say, "iPhone explorer" you ( or anyone) can get in and 'explore' all the files on your iPhone once the phone is unlocked. It is up to the app developer to encrypt his apps data. Do we really expect that our iPhone will now encrypt/decrypt all data on the iPhone in "real time" ? That's crazy!
post #38 of 44
Quote:
 Apart from the other accusations is this guy also asking for all personal data on the iPhone to be encrypted?

That's a completely different and over-reaching request.

If you connect a phone using, say, "iPhone explorer" you ( or anyone) can get in and 'explore' all the files on your iPhone once the phone is unlocked. It is up to the app developer to encrypt his apps data. Do we really expect that our iPhone will now encrypt/decrypt all data on the iPhone in "real time" ? That's crazy!

 

You know that the iPhone already does this, right? What it *doesn't* do by default is combine the hardware encryption key with your passcode. That feature is available on an app by app basis (Data Protection), but I would be much happier if it were (at least optionally) implemented for the whole filesystem.

 

The way that things stand now, it's possible to access the contents of the phone's filesystem (bypassing the lock code). Anything that's not protected via Apple's Data Protection system can be read from the phone. The method for doing this is nontrivial but well known. 

post #39 of 44
Originally Posted by mstone View Post
He doesn't need to prove anything to us. He is already a published author on iOS security, an early member of iOS jail breaking teams and invited to lecture at a well known conference. It is no different than a doctor lecturing at a medical conference about his work in cancer research. You don't expect him to first cure cancer before being allowed to give talk on the subject.

 

AHAHAHAHAHAHAHAHAHA

 

Okay, NOW I understand why you believe some of the things you believe. That clears up a ton of confusion.

 

Originally Posted by fallenjt View Post
Go ahead NSA. I don't give a sht. I got nothing to hide.

 

This is in no way a valid argument.


By the way, mind posting a picture of your wife in her underwear holding the receipt of your credit card? After all, you have nothing to hide.

Originally Posted by helia

I can break your arm if I apply enough force, but in normal handshaking this won't happen ever.
Reply

Originally Posted by helia

I can break your arm if I apply enough force, but in normal handshaking this won't happen ever.
Reply
post #40 of 44
Quote:
Originally Posted by EricTheHalfBee View Post
 
Quote:
If the doctor makes claims that people could use what he's talking about and cure cancer simply by doing a little extra work, then I'd have a problem with it. Or if he's claiming that others are already curing cancer using techniques he's talking about.

 

That's what he's saying - that the systems are in place, forensics experts are ALREADY exploiting them to get at data, and others could too "if they really tried".

I think it might be similar to saying we are making some interesting discoveries and some success in mice but we haven't done any human trials yet.

 

This security guy mentions three companies that offer iOS forensic services. I went to all three websites and they all claim they can get the data from iPhone. 

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
  • Apple's iOS 'dishing out a lot of data behind our backs,' security researcher charges
AppleInsider › Forums › Mobile › iPhone › Apple's iOS 'dishing out a lot of data behind our backs,' security researcher charges