Former iPhone jailbreak hacker Jonathan Zdziarski recently gave a presentation at the HOPE/X conference regarding iOS device security. He said that the platform is reasonably secure from attacks by malicious hackers, but noted there are several backdoors built-in for surveillance.
In the presentation, called ‘Identifying Backdoors, Attack Points, and Surveillance Mechanisms in iOS Devices,’ Zdziarski detailed a number of undocumented high-value forensic services running on iOS devices, and suspicious design omissions in the OS, that appear to be for snooping…
If the name sounds familiar, that’s because Zdziarski was once a well-known figure in thejailbreakcommunity. Under the handle NerveGas, he worked as a dev-team member on many of the early jailbreaks. He has since authored 5 books, includingHacking and Securing iOS Applications.
Here are some of Zdziarski’s more serious claims against Apple (viaZDNet):
And some of the questions he’d like to ask the company:
As wild as the accusations sound, they do match up with reports from late last year accusing iOS devices of having backdoors for government surveillance. Aleaked documentrevealed an iPhone-specific NSA program code-named DROPOUTJEEP, and many wondered if Apple was involved.
Users have been questioning Apple’s stance on user privacy ever since it was named in Edward Snowden’sPRISM program leaklast summer. The program claimed to allow the NSA to access private user information on servers of 9 major tech companies, including Google, Microsoft and Apple.
Apple has emphatically denied involvement in any kind of secret government programmultiple times, and has even joined a coalition of tech companies campaigning formore transparencyfrom the government. Following Zdziarski’s report, Apple issued the following statement (viaTim Bradshaw):
So there’s a lot to take in here, what do you make of all of this?
