or Connect
AppleInsider › Forums › Mobile › iPhone › Apple details iOS diagnostics capabilities in answer to 'backdoor' services allegations
New Posts  All Forums:Forum Nav:

Apple details iOS diagnostics capabilities in answer to 'backdoor' services allegations

post #1 of 45
Thread Starter 
In what appears to be a response to allegations of installing "backdoor" services with the intent to harvest data from iOS devices, Apple on Tuesday posted to its website an explanation of three diagnostics capabilities built in to the mobile OS.



As listed in the support document, Apple goes over three iOS services, explaining how they work and why they exist, possibly in an attempt to address accusations that it installs backdoor services in cahoots with government agencies looking to surveil device owners.

The services detailed were mentioned by forensic scientist and iOS hacker Jonathan Zdziarski in a recent talk at the HOPE/X conference in New York. Zdziarski highlighted certain suspicious iOS background assets that appeared to serve no diagnostics purposes, but could potentially be exploited by law enforcement agencies or malicious hackers to steal sensitive personal data from iOS devices.

In the support document, Apple addresses three of these services -- coincidentally listed in the same order as presented by Zdziarski in his slide deck -- explaining how each works and its intended use as a diagnostics tool for developers or IT professionals.

From Apple's support document:

  1. com.apple.mobile.pcapd

    pcapd supports diagnostic packet capture from an iOS device to a trusted computer. This is useful for troubleshooting and diagnosing issues with apps on the device as well as enterprise VPN connections. You can find more information at developer.apple.com/library/ios/qa/qa1176.

  2. com.apple.mobile.file_relay

    file_relay supports limited copying of diagnostic data from a device. This service is separate from user-generated backups, does not have access to all data on the device, and respects iOS Data Protection. Apple engineering uses file_relay on internal devices to qualify customer configurations. AppleCare, with user consent, can also use this tool to gather relevant diagnostic data from users' devices.

  3. com.apple.mobile.house_arrest

    house_arrest is used by iTunes to transfer documents to and from an iOS device for apps that support this functionality. This is also used by Xcode to assist in the transfer of test data to a device while an app is in development.

In addition, Apple points readers in the direction of documents explaining data syncing and the "Trust this computer" iOS feature that protects against data extraction from an unknown Mac or PC.

While the document answers for three services questioned by Zdziarski, the hacker brought up many more, including those with the potential to seemingly bypass iOS backup encryption to serve up data from a user's address book, capture pictures from social media feeds, install spyware using available enterprise tools and more.

For its part, Apple responded to the allegations in a statement issued on Monday, saying diagnostic functions in iOS are designed to thwart any compromise of user privacy and security.

"As we have said before, Apple has never worked with any government agency from any country to create a backdoor in any of our products of services," Apple said.

The company added that users must first unlock their device and agree to trust a connected computer before transferring over diagnostics data, a point reiterated in today's support document.
post #2 of 45
First it's denied. Then when it's realized that it has been put there on purpose it's a diagnostics tool? I guess I'll have to see what type of diagnostics this handles first. It's not currently being utilized. As noted by others, it's not an exploit. It's an open door intentionally programmed for something. Strangely it has access to all of your personal data. We'll just have to wait and see what that something is.

Edit: added (Strangely it has access to all of your personal data) above.
Edited by Silver Shadow - 7/22/14 at 9:37pm
post #3 of 45
Quote:
Originally Posted by Silver Shadow View Post

First it's denied. Then when it's realized that it has been put there on purpose it's a diagnostics tool? I guess I'll have to see what type of diagnostics this handles first. It's not currently being utilized. As noted by others, it's not an exploit. It's an open door intentionally programmed for something. We'll just have to wait and see what that something is.

Apple didn't deny that the services exist; they denied that they were created to help law enforcement agencies crack iDevices.

Good to see that Apple isn't letting the hit-whoring websites dictate the narrative completely. It's good practice for Apple's PR department which has been asleep at the wheel for years.
post #4 of 45
Quote:
Originally Posted by Rayz View Post

Apple didn't deny that the services exist; they denied that they were created to help law enforcement agencies crack iDevices.

Good to see that Apple isn't letting the hit-whoring websites dictate the narrative completely. It's good practice for Apple's PR department which has been asleep at the wheel for years.

I'm glad to see their response also, although nothing in their press release or the subsequent links contained therein actually addressed why the deliberate holes were made.

I'm hoping it's for a future product, but I'm optimistic! 1smile.gif

The problem is, if you JailBreak, that's instant access to every bit of personal data you have. That is of course if someone jailbreaks it. Those holes don't make it easier to JailBreak, but they do, all of your info is available. (Everything gets Jailbroken, it's just a matter of time).
post #5 of 45
Quote:
Originally Posted by Silver Shadow View Post

The problem is, if you JailBreak, that's instant access to every bit of personal data you have. That is of course if someone jailbreaks it. Those holes don't make it easier to JailBreak, but they do, all of your info is available. (Everything gets Jailbroken, it's just a matter of time).

 

That is not entirely true. Several apps implement their own data encryption, which is not tied to the default root credentials. This data would still be encrypted after a jailbreak. Truly critical data (and I admit that this is a very subjective definition) does not belong into apps without such security features. Of course, most people will use the stock apps which do not have this additional protection for most stuff.

 

Nevertheless, I would argue that there is no need to blow this out of proportion. If somebody has physical access to a device and all the time in the world, most private, and even most business devices (laptops etc.) are even easier to read out (remove the drive and read it on another computer). Absolutely nobody makes a fuss about it. And if a government agency has the device and the authority to access it, they will, encryption or not.

post #6 of 45
Quote:
Originally Posted by dreyfus2 View Post

That is not entirely true. Several apps implement their own data encryption, which is not tied to the default root credentials. This data would still be encrypted after a jailbreak. Truly critical data (and I admit that this is a very subjective definition) does not belong into apps without such security features. Of course, most people will use the stock apps which do not have this additional protection for most stuff.

Nevertheless, I would argue that there is no need to blow this out of proportion. If somebody has physical access to a device and all the time in the world, most private, and even most business devices (laptops etc.) are even easier to read out (remove the drive and read it on another computer). Absolutely nobody makes a fuss about it. And if a government agency has the device and the authority to access it, they will, encryption or not.

Aren't you the person/persons that believes a .99 app could replace a $15k thermal imaging camera?

Research what your posting about, because anyone with any real world experience can tell the difference. (Even opposed to researched material).

With the two new built in holes, you do not need physical access. It allows access to all of your personal data. It could be because of the beta. No one knows why those holes are there right now. To me it looks like a tie in with a future product. Others have a different view. NO ONE KNOWS FOR SURE yet. If they're still there when it comes out of beta then it will certainly get a lot of attention. I'll help to make sure of it.
post #7 of 45
Quote:
Originally Posted by Silver Shadow View Post

Aren't you the person/persons that believes a .99 app could replace a $15k thermal imaging camera?

Research what your posting about, because anyone with any real world experience can tell the difference. (Even opposed to researched material).

With the two new built in holes, you do not need physical access. It allows access to all of your personal data. It could be because of the beta. No one knows why those holes are there right now. To me it looks like a tie in with a future product. Others have a different view. NO ONE KNOWS FOR SURE yet. If they're still there when it comes out of beta then it will certainly get a lot of attention. I'll help to make sure of it.

Edit:
I'm very sorry. You are not the poster I was thinking of. I really am sorry...
post #8 of 45
Quote:
Originally Posted by Silver Shadow View Post

First it's denied. Then when it's realized that it has been put there on purpose it's a diagnostics tool? I guess I'll have to see what type of diagnostics this handles first. It's not currently being utilized. As noted by others, it's not an exploit. It's an open door intentionally programmed for something. Strangely it has access to all of your personal data. We'll just have to wait and see what that something is.

Edit: added (Strangely it has access to all of your personal data) above.
There's a fine line between silly and ignorance...
post #9 of 45
Quote:
Originally Posted by Michael_C View Post

There's a fine line between silly and ignorance...

Are you implying either of the two exist in my post?
post #10 of 45
Quote:
"As we have said before, Apple has never worked with any government agency from any country to create a backdoor in any of our products of services," Apple said.

I would feel a little more comfortable if they had not used limiting words in their response such as "government agency" or "backdoor".

By limiting their response to "government" agencies, it doesn't tell us what they may or may not have done for a civilian agency. And by using the word "agency", does that automatically cover "departments", "organizations", "units", "groups" and "corporations"?

A slightly more reassuring response would have been:

"As we have said before, Apple has never worked with any person or persons to bypass security or privacy," Apple said.
post #11 of 45
Quote:
Originally Posted by Silver Shadow View Post

First it's denied. Then when it's realized that it has been put there on purpose it's a diagnostics tool? I guess I'll have to see what type of diagnostics this handles first. It's not currently being utilized. As noted by others, it's not an exploit. It's an open door intentionally programmed for something. Strangely it has access to all of your personal data. We'll just have to wait and see what that something is.

Edit: added (Strangely it has access to all of your personal data) above.

It's not accessible if your device is locked.  Your device has to be unlocked, and trust the host computer.  Why did you unlock it and trusted the host computer?  Do you just trust any host computer for no reasons?

 

If you didn't password protect it, err - why are you even worried about this, because you obviously don't care anyway.

post #12 of 45
I don't believe that Apple would intentionally deceive us. However isn't there a US law that requires Apple hand over all their crypto keys or provide a comparable way to give away all the data and furthermore makes it a crime to even admit or hint that any such handover has been done? I don't think any US company is even legally allowed to speak of having been asked to hand over keys or data.

Hence Apple is pushing for "greater transparency" in these processes.

With that in mind, we can twist words so that one message is implied "your data is safe" but in reality a lie has been told.

"Apple has never worked any government agency from any country to create a backdoor in any of our products or services..." could literally be interpreted as:
1. They created the back doors of their own volition - letting the a govt use them is not a contradiction of the statement
2. They did the "create a backdoor" part - the programming etc. - all by themselves - they don't need to "work with" anyone to accomplish that
3. They worked with non-governmental agencies to do this
Etc.
post #13 of 45
Quote:
Originally Posted by Rayz View Post

Apple didn't deny that the services exist; they denied that they were created to help law enforcement agencies crack iDevices.

Good to see that Apple isn't letting the hit-whoring websites dictate the narrative completely. It's good practice for Apple's PR department which has been asleep at the wheel for years.

Everything has diagnostic capabilities, just it seems these should not be running unless developer mode is turned on and the device screen is unlocked. So nothing new here. Theoretically someone could craft data to make a MITM attack against the the services and an actual trusted device, or pretend to be the trusted device, but this still is far more limited than the clickbait sites would have you believe.
post #14 of 45
Quote:
Originally Posted by 65C816 View Post

It's not accessible if your device is locked.  Your device has to be unlocked, and trust the host computer.  Why did you unlock it and trusted the host computer?  Do you just trust any host computer for no reasons?

If you didn't password protect it, err - why are you even worried about this, because you obviously don't care anyway.

No. That's not the case this time. Sorry. It's not what I do for a living either, so take it with a grain of salt. However I'm more passionate about my hobbies than I am with my real job.

Real, engineered "holes" for lack of a better term, exist. It's not a question left to debate at the moment, they are there. Physical or wireless access. It's not really a security concern yet though. They are not exploits. Though right now it looks like if you jailbreak IOS8, you may as well hand over your wallet.

I do find it interesting that the PR department jumped on this when they're notoriously silent with every other problem or vulnerability.
post #15 of 45
Quote:
Originally Posted by Misa View Post

Everything has diagnostic capabilities, just it seems these should not be running unless developer mode is turned on and the device screen is unlocked. So nothing new here. Theoretically someone could craft data to make a MITM attack against the the services and an actual trusted device, or pretend to be the trusted device, but this still is far more limited than the clickbait sites would have you believe.

I agree everything should have diagnostic abilities. Access to all of your personal information (contacts, email, web history, SMS history, photos). I could be wrong, but I don't think that belongs in any type of diagnostic tool.

It's very limited at the moment. Only because no one has taken advantage of it.
post #16 of 45
Quote:
Originally Posted by Silver Shadow View Post

I agree everything should have diagnostic abilities. Access to all of your personal information (contacts, email, web history, SMS history, photos). I could be wrong, but I don't think that belongs in any type of diagnostic tool.

It's very limited at the moment. Only because no one has taken advantage of it.

A grown man, or woman, doesn't bother hiding behind some asinine name like Silver Shadow. Hell everyone here unwilling to actually put their real name out there really has no balls, in my estimation, and thus really knee caps their statements to being nothing more than a bunch of scared or self-serving children.
post #17 of 45
I have seen the "Trust this Computer" alert in action. I have four iPhones (4, 4S, 5 and 5S) and an iPad connected to my iMac. It is always interesting to see the alerts since it is my computer the devices are connected to. I do not remember when I started noticing the alerst... Maybe iOS 6 or even 5 when I transitioned development to the iMac from the MacBook Pro.
post #18 of 45
Quote:
Originally Posted by mdriftmeyer View Post

A grown man, or woman, doesn't bother hiding behind some asinine name like Silver Shadow. Hell everyone here unwilling to actually put their real name out there really has no balls, in my estimation, and thus really knee caps their statements to being nothing more than a bunch of scared or self-serving children.

So your real name is Mdrift Meyer? Very curious. Your post is probably the most childish I've seen in quite some time. However, instead of attacking my screen name (which I believe it's called) perhaps you would like to enlighten me as to how... Oh, wait... You didn't object to anything. You just have an apparent illogical fear for my screen name.

Carry on!
post #19 of 45
Quote:
Originally Posted by Silver Shadow View Post

So your real name is Mdrift Meyer? Very curious. Your post is probably the most childish I've seen in quite some time. However, instead of attacking my screen name (which I believe it's called) perhaps you would like to enlighten me as to how... Oh, wait... You didn't object to anything. You just have an apparent illogical fear for my screen name.

Carry on!

Just for the record, mdriftmeyer used to actually work at Apple.

So he doesn't have a real name, just a serial number.

1wink.gif
I always appreciate an Android fan who puts his energy into advertising Apple products.
Reply
I always appreciate an Android fan who puts his energy into advertising Apple products.
Reply
post #20 of 45

You can take off the tin foil hats now.

post #21 of 45
Quote:
Originally Posted by mdriftmeyer View Post

Quote:
Originally Posted by Silver Shadow View Post

I agree everything should have diagnostic abilities. Access to all of your personal information (contacts, email, web history, SMS history, photos). I could be wrong, but I don't think that belongs in any type of diagnostic tool.

It's very limited at the moment. Only because no one has taken advantage of it.

A grown man, or woman, doesn't bother hiding behind some asinine name like Silver Shadow. Hell everyone here unwilling to actually put their real name out there really has no balls, in my estimation, and thus really knee caps their statements to being nothing more than a bunch of scared or self-serving children.

Not feasible. Heck, even my surname which is not common in the English speaking world, was taken when I first registered here - same everywhere else, cyber squatters got there before I got up. I object to being JoeSmith33781, or making it easy to be tracked...or following someone else's idea of correct behaviour backed up by asinine reasoning.
post #22 of 45
Why do they say "products of services" in a sentence that most people unconsciously read as "products or services" without noticing?
post #23 of 45
This is simply an extension of the practice of sensationalizing everything having to do with Apple and using everything they do as an attack vector for promoting ones personal agenda. When you are at the top of your game everyone who has ambition to rise above the herd will do whatever they can to knock you off the top to make a name for themselves and get their own 15 minutes of fame or infamy. This is basic human nature dating back to the roots of human existence. Mass media and pervasive info spew has only increased the number of and volume of the contenders. Whether you love Apple or loath them, this is simply how human nature plays out. Apple is the top dog and as such they will be under constant attack from everyone who covets the success that Apple has achieved. A pervasive fallacy of the attackers is the belief that lowering Apple's stature somehow raises their own. This is a self rationalizing but often played losers game, "if I can't beat you head to head I will try to pull you down into the hole that I'm in." That's just the way the game is played in meatspace.
post #24 of 45
Quote:
Originally Posted by Silver Shadow View Post

First it's denied. Then when it's realized that it has been put there on purpose it's a diagnostics tool? I guess I'll have to see what type of diagnostics this handles first. It's not currently being utilized. As noted by others, it's not an exploit. It's an open door intentionally programmed for something. Strangely it has access to all of your personal data. We'll just have to wait and see what that something is.

Edit: added (Strangely it has access to all of your personal data) above.

I am confused. Apple never denied the alledged back doors. It denied working with governing agencies to provide unauthorized access. That combined with other statements and various reports seems like a clear message that Apple isn't intentionally selling its users out.

Moreover, Apple's explanations for the access seems satisfactory to me.
post #25 of 45
Quote:
Originally Posted by DewMe View Post

This is simply an extension of the practice of sensationalizing everything having to do with Apple and using everything they do as an attack vector for promoting ones personal agenda. When you are at the top of your game everyone who has ambition to rise above the herd will do whatever they can to knock you off the top to make a name for themselves and get their own 15 minutes of fame or infamy. This is basic human nature dating back to the roots of human existence. Mass media and pervasive info spew has only increased the number of and volume of the contenders. Whether you love Apple or loath them, this is simply how human nature plays out. Apple is the top dog and as such they will be under constant attack from everyone who covets the success that Apple has achieved. A pervasive fallacy of the attackers is the belief that lowering Apple's stature somehow raises their own. This is a self rationalizing but often played losers game, "if I can't beat you head to head I will try to pull you down into the hole that I'm in." That's just the way the game is played in meatspace.

That may be true for "meatspace", an apt term. However, a rational person need only look around a little to realize that there is an abundance of countless and limitless other "spaces" which are created by merely looking.

 

Sad to say, many of Apple's potential competitors don't seem to realize this. But I think IBM sanely does and is preparing to "play nicely" with its new partner and ally.

Daniel Swanson

Reply

Daniel Swanson

Reply
post #26 of 45
Quote:
Originally Posted by tenly View Post

I would feel a little more comfortable if they had not used limiting words in their response such as "government agency" or "backdoor".

By limiting their response to "government" agencies, it doesn't tell us what they may or may not have done for a civilian agency. And by using the word "agency", does that automatically cover "departments", "organizations", "units", "groups" and "corporations"?

A slightly more reassuring response would have been:

"As we have said before, Apple has never worked with any person or persons to bypass security or privacy," Apple said.

This is paranoid nonsense. Apple was addressing specific allegations that it conspired with the government. You don't accuse someone then take their denial as implied admission for something entirely different.

When read in light of the actual allegations, Apple's response is every bit as reassuring as a verbal statement can be.
post #27 of 45
Quote:
Originally Posted by Silver Shadow View Post

First it's denied. Then when it's realized that it has been put there on purpose it's a diagnostics tool? I guess I'll have to see what type of diagnostics this handles first. It's not currently being utilized. As noted by others, it's not an exploit. It's an open door intentionally programmed for something. Strangely it has access to all of your personal data. We'll just have to wait and see what that something is.

Edit: added (Strangely it has access to all of your personal data) above.

And the android trolls are the first to respond! Samsung maybe?
post #28 of 45
Quote:
Originally Posted by Silver Shadow View Post

I'm glad to see their response also, although nothing in their press release or the subsequent links contained therein actually addressed why the deliberate holes were made.

I'm hoping it's for a future product, but I'm optimistic! 1smile.gif

The problem is, if you JailBreak, that's instant access to every bit of personal data you have. That is of course if someone jailbreaks it. Those holes don't make it easier to JailBreak, but they do, all of your info is available. (Everything gets Jailbroken, it's just a matter of time).

If you jailbreak, you're a moron.
post #29 of 45
Actually both.
post #30 of 45
Quote:
Originally Posted by iaeen View Post


This is paranoid nonsense. Apple was addressing specific allegations that it conspired with the government. You don't accuse someone then take their denial as implied admission for something entirely different.

When read in light of the actual allegations, Apple's response is every bit as reassuring as a verbal statement can be.

 

I'm not saying that AAPL is guilty of anything or has admitted to anything - implied or otherwise.  I'm also not saying that they're intentionally lying or misleading anyone.

 

All I'm saying is that the wording they used in their denial is identical to the wording some of the worlds best liars would have used.  I've dealt with a lot of liars in my day and this is exactly how they reply when accused.  Instead of flat out denying everything, they add enough qualifiers to create a scope narrow enough that they can reply with a statement which is actually truthful (but doesn't necessarily fully answer the original question).

 

If you refer to my previous posts, it's pretty obvious that I'm pro-Apple.  I own many Apple devices and currently control 2600 shares of AAPL in a mix of actual shares and options.  I don't think that any of the capabilities currently under scrutiny are there for nefarious purposes. 

 

The point of my original post was just that I wish that Apple had been more clear and more general in their response.  I wish they had used wording that could not be questioned.  I wish they had removed the qualifiers completely from the statement they issued.  If they had, it would have been impossible for anyone to challenge the statement without accusing them of straight out lying.

post #31 of 45
Quote:
Originally Posted by joogabah View Post

Why do they say "products of services" in a sentence that most people unconsciously read as "products or services" without noticing?

Because it was simply a typo in the original email by the Apple PR guy?  Seriously, what would "products of services" even mean in that context?

post #32 of 45
Quote:
Originally Posted by tenly View Post
 

The point of my original post was just that I wish that Apple had been more clear and more general in their response.  I wish they had used wording that could not be questioned.  I wish they had removed the qualifiers completely from the statement they issued.  If they had, it would have been impossible for anyone to challenge the statement without accusing them of straight out lying.

There is no way a large corporation could every make an assertion like you wanted to put in their mouths without having a high likelihood of being "caught in a lie."  If I told my wife "I've never had an inappropriate sexual relationship with another woman"  in response to a question about that.  Is she going to assume that I'm covering up a relationship with a man or be reassured that I addressed a particular concern of hers.  If instead I said "I have never done anything inappropriate," would that be more reassuring or almost certainly false--in some ways that I perhaps can't even remember?  And now try to apply that to a corporation with decades of history and tens of thousands of employees.  Specific factual assertions are better than overly broad platitudes that can't be verified.

post #33 of 45

Quote:

[quote]Originally Posted by tenly View Post
 

The point of my original post was just that I wish that Apple had been more clear and more general in their response.  I wish they had used wording that could not be questioned.  I wish they had removed the qualifiers completely from the statement they issued.  If they had, it would have been impossible for anyone to challenge the statement without accusing them of straight out lying.[/quote]

 

Originally Posted by malax View Post
 

There is no way a large corporation could every make an assertion like you wanted to put in their mouths without having a high likelihood of being "caught in a lie."  If I told my wife "I've never had an inappropriate sexual relationship with another woman"  in response to a question about that.  Is she going to assume that I'm covering up a relationship with a man or be reassured that I addressed a particular concern of hers.  If instead I said "I have never done anything inappropriate," would that be more reassuring or almost certainly false--in some ways that I perhaps can't even remember?  And now try to apply that to a corporation with decades of history and tens of thousands of employees.  Specific factual assertions are better than overly broad platitudes that can't be verified.

 

I see your point, but to continue playing devil's advocate here...  by choosing to use the word 'woman' and 'inappropriate' in your reply to your wife, you've left open the possibility that you've had inappropriate sexual relationships with men, girls, animals, etc. (mostly kidding about this part).   But, by inserting the word 'inappropriate' into your answer, you've further limited your denial it to the type of relationship that *YOU* would consider inappropriate. 

Perhaps you think that it's inappropriate to have sex with another woman you have feelings for, however you could have convinced yourself that it's not "inappropriate" to do so with an escort or call girl since their are no feelings involved.

 

Okay.  All joking aside now - In the case of your specific example, the alternative to "I've never had an inappropriate sexual relationship with another woman" is not "I have never done anything inappropriate".  As you've said - that's far too general.  However, wouldn't this be more reassuring to your wife and still limited in such a way that you can't be convicted for something that may have happened in your distant past?  "I don't remember EVER doing anything you'd find inappropriate, but I absolutely haven't while we've been together!"

 

Anyhow.  I'm happy to concede my original point.  Apple PR has answered to the best of their ability.  I don't believe that they are intentionally inserting code into their OS to create a backdoor for governments.  Further - if they ever were ordered/mandated to assist government agencies in this type of invasion/data collection, it would probably not be implemented via code that lives on your phone all the time.  It would be implemented via a server-side intercept or pushed from an Apple server to your device dynamically and/or temporarily.

post #34 of 45
Quote:
Originally Posted by Silver Shadow View Post


Are you implying either of the two exist in my post?

“Backdoor” in the computing world is a method of bypassing normal authentication, securing remote access to a computer without the owner of the computer knowing or agreeing to the “connection".  Providing functionality which allows Apple support, with approval from user, to obtain diagnostic data is not a “backdoor” service.  Nothing in what Apple has said or written has indicated they provided a pathway to “all of your personal data”.  A hacker claiming these services could be used to gain access to personal data "doesn’t make it so”.

 

Apple makes money selling high quality hardware, and is not likely to jeopardize their business by collecting user personal information.  They continually get dinged for not providing more user info to companies paying for iAds.  There are other companies, on the other hand, who make their money off of user data, who have motivation to collect as much data as they can.  There are other things at work here that put so much attention on Apple, and less on the companies who are in the business of selling our information.
 
In your subsequent post, you describe the “holes” that Apple has created.  Providing the functionality described is not creating a hole.  Bypassing the user permission would be a potential for someone to access personal info, but even that is just a “potential possibility".  Apple is not perfect and there will be errors they will need to address once discovered, but there is nothing indicating the service functionality has any issues.
 
At best, to take a position as you have, is silly.
post #35 of 45
I love that Apple is the story here. Something that I have noticed with Google, in cases where you don't notice the product, it is probably you.
post #36 of 45
Quote:
Originally Posted by Silver Shadow View Post

First it's denied. Then when it's realized that it has been put there on purpose it's a diagnostics tool? I guess I'll have to see what type of diagnostics this handles first. It's not currently being utilized. As noted by others, it's not an exploit. It's an open door intentionally programmed for something. Strangely it has access to all of your personal data. We'll just have to wait and see what that something is.

Edit: added (Strangely it has access to all of your personal data) above.

 

1. Not denied. Denied as a "backdoor", and more specifically, as a backdoor for access by .... anyone uninvited. It IS a diagnostic tool. In fact. Really.

 

2. No need to toss up a 'cloud of doubt'. There's a link. To the pages on the Apple site that explain specifically "what type of diagnostics it handles".

 

3. As noted by others, it is NOT an "exploit". As also noted by others, it is NOT an "open door" either. How is it an open door?

 

If you live in a locked house, and someone asks permission to come in, and you unlock and open the door for them... I suppose you could call that an "open door". For that one visitor. That you gave permission to. Only.

 

How is this any different?

 

4. Strangely (really?) "It" has access to ALL your personal data.

 

"It"? Define "it"? And "all"... have you confirmed that once permission is given to this scary nameless, faceless entity, "it" now has access to ALL your personal data?

 

Sounds scary. Which it isn't. When you stop hyperventilating histrionically and start understanding the three, important, and specific points Apple clarified with.

 

Permissions. Permissions. Permissions. Limits. Limits. Limits.

 

If you worry about this? Don't give permission ... simple as that.

 

 

EDIT: all your posts after this one refer to "intentional holes" being added to the operating system. As if those are actually "holes" and are "open doors", which they are not. They are access points, guarded by 'permissions-based security checkpoints'.

 

There are all kinds of ways to access 'personal data' once we give permission for it to happen. Via websites, applications, etc. It doesn't take any scary-sounding "holes" or "backdoors".... hell, websites and apps ask for "permission" to access my Facebook contacts, posts, images, etc. all the time. If I say YES, that's my choice. According to you, those 'features' are equal to "Facebook and others have built in 'holes" simply by asking for access... 

 

What you are talking about more specifically are SECURITY HOLES (typically accessed via exploits), which these are not. And by the way, you don't automatically override all permissions-based security simply by jailbreaking an iPhone. Saying that "jailbreaking" automatically means these checkpoints are disabled, is nonsense...

 

Show me otherwise, or stop talking like it's "a given". Thanks.


Edited by tribalogical - 7/23/14 at 3:27pm
post #37 of 45
Quote:
Originally Posted by Silver Shadow View Post


Are you implying either of the two exist in my post?

 

I'd say quite a bit of both with a healthy dose of FUD on top.... 

post #38 of 45
Quote:
Originally Posted by colinng View Post

I don't believe that Apple would intentionally deceive us. 

In that case, you should be thrown off the jury.

 

There are many people who think this way (or at least WANT to think this way), and thus precludes them from every comprehending that Apple is no different from Google, Facebook, or Microsoft under the surface. Once you get this big and this successful, the mafia comes in and shakes you down for everything you've got, and won't allow you to continue unless you play ball. And by mafia I of course mean government.

 

They were compromised years ago, I'm sure.

post #39 of 45
Quote:
Originally Posted by FreeRange View Post

And the android trolls are the first to respond! Samsung maybe?

I've never owned an Android device. I have tried them for a few minutes in stores. However even if I can afford it, I see no reason to purchase one when the devices I have already handle everything perfectly. My brother has a Moto X. The home pages seem pretty cool but after that it's not so great.

I'm very sorry if I don't fall into the category you would wish me in. By the way, me being "first" was coincidence. Usually I'm posting to long dead threads.
post #40 of 45
Quote:
Originally Posted by FreeRange View Post

If you jailbreak, you're a moron.

Actually, as it currently stands, you don't need to jailbreak. However even if they tighten up the holes people would have to be brain dead to jailbreak iOS 8.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
  • Apple details iOS diagnostics capabilities in answer to 'backdoor' services allegations
AppleInsider › Forums › Mobile › iPhone › Apple details iOS diagnostics capabilities in answer to 'backdoor' services allegations