Forensic scientist identifies suspicious ‘back doors’ running on every iOS device

 

Original site linkage: http://www.zdnet.com/forensic-scientist-identifies-suspicious-back-doors-running-on-every-ios-device-7000031795/

QUOTED FROM SOURCE:

Forensic scientist identifies suspicious ‘back doors’ running on every iOS device

“Forensic scientist and author Jonathan Zdziarski has posted the slides (PDF) from his talk at the Hackers On Planet Earth (HOPE/X) conference in New York called Identifying Backdoors, Attack Points, and Surveillance Mechanisms in iOS Devices.

The HOPE conference started in 1994 and bills itself as “one of the most creative and diverse hacker events in the world.”

Zdziarski, better known as the hacker “NerveGas” in the iPhone development community, worked as dev-team member on many of the early iOS jailbreaks and is the author of five iOS-related O’Reilly books including “Hacking and Securing iOS Applications.”

In December 2013, an NSA program dubbed DROPOUTJEEP was reveled by security researcher Jacob Appelbaum that reportedly gave the agency almost complete access to the iPhone.

The leaked document, dated 2008, noted that the malware required “implant via close access methods” (presumably physical access to the iPhone) but ominously noted that “a remote installation capability will be pursued for a future release.”

In his talk, Zdziarski demonstrates “a number of undocumented high-value forensic services running on every iOS device” and “suspicious design omissions in iOS that make collection easier.” He also provides examples of forensic artifacts acquired that “should never come off the device” without user consent.

According to one slide the iPhone is “reasonably secure” to a typical attacker and the iPhone 5 and iOS 7 are more secure from everybody except Apple and the government. But he notes that Apple has “worked hard to ensure that it can access data on end-user devices on behalf of law enforcement” and links to Apple’s Law Enforcement Process Guidelines, which clearly spell this out. ”

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: