Apple prides itself on the security of its iOS mobile operating system, and aside from the occasional hiccup that besets all software at one point or another, this tends to be the case. However, one jailbreak expert has done some serious digging into the guts of iOS and discovered that while the software is pretty safe from the continued threat of hacks and attacks from malware makers, there are certain loopholes within the iOS make-up that make it potentially easy for Apple and government agencies to covertly get hold of your personal data.
With all of the NSA spy stories and general scaremongering that has gone on in recent times, the findings of Jonathan Zdziarski, forensic expert and jailbreaking extraordinaire, will not make for particularly happy reading among the general public. At a time when consumers are on red-alert as far as their data, security and privacy are concerned, the supposed safe haven offered by iOS is actually quite susceptible to intrusion by those with the heavy duty forensic tools required.
Zdziarski discovered a bunch of services, including but not necessarily limited to "lockdownd," "pcapd," and "mobile.file_relay" – all of which are able to sneak through your supposedly encrypted backup data and transfer information through a variety of means. Apparently, the data picked up can then be moved via USB, Wi-Fi and potentially even cellular connection, but since the tools are not accessible to developers or carriers – Apple doesn’t make any mention of them in any of its iOS-related literature – it is very unlikely that those with malicious intent could use these services to unscrupulous ends.
Nevertheless, for a company with such a reputation for advocating the interests of the consumer – particularly when it comes to security – the presence of these services is in direct conflict with what Apple is all about, and while the Mac maker has yet to issue a comment on this discovery, it would certainly be interesting to hear an explanation from the top as to why the Cupertino deems the existence of these services to be acceptable.
After all, even though, as Zdziarski notes, there’s no imminent threat from malware as a result of said services, the fact that iOS harbors a means for data to be privately and discreetly accessed is worrying, and does compromise the integrity of the OS in general.
We’re not necessarily holding our breath for an official statement on the matter, but nevertheless, what do you make of all this? Be sure, as ever, to leave your comments via the usual channels below.’