Monday, July 21, 2014

Hidden network packet sniffer found in millions of iPhones, iPads

An analysis of iOS by a security expert digging into claims of the NSA spying on Apple products has revealed some unexplained surveillance tools hidden in the operating system.
His study has also shown that a user's data may not be as safe as Cupertino is making out.

Data forensics expert and author Jonathan Zdziarski wrote an academic paper on the topic in March, and gave a talk [PDF] at the Hackers On Planet Earth (HOPE X) conference in New York on Friday showing his findings. The results of his research indicate a backdoor into iOS, although it's not as wide open as some reports have suggested.
"There are certain steps that have to be taken to get this data," Zdziarski told The Register. "Backdoors are guarded, there are things protecting it – you don’t just type 'Joshua' for full access."
Zdziarski's analysis shows that 600 million iOS devices, particularly those running the most recent version 7 builds, have data discovery tools that are separate from those used by Apple for standard backup and storage. These include a file-relay service that can snoop out data, bypassing the Backup Encryption service offered by Apple.

Read more here.

No comments: