In a recent research paper which highlights back doors and surveillance mechanisms in iOS devices, security researcher Jonathan Zdziarski brought to light some potential issues with the mobile OS that could potentially be used to compromise user privacy.
The paper argues that people with inside information of how iOS 7 operates could use vulnerabilities which are coded into the source code to install applications or extract data from devices, even without assistance from Apple.
Apple does have the ability to provide law enforcement with SMS messages, call history, contacts, videos and other media to law enforcement with a valid search warrant, but Zdziarski argues that advanced techniques exist to provide third parties with that information through ulterior methods. This allegedly includes more data than Apple can provide even as required by law enforcement, including deleted items.
iOS has since issued a statement to Financial Times journalist Tim Bradshaw, which was published on Twitter:
“We have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues. A user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data. The user must agree to share this information, and data is never transferred without their consent.
As we have said before, Apple has never worked with any government agency from any country to create a backdoor in any of our products of services.”
It’s worth noting that Zdziarski has stated that he’s not looking to create a Snowden-esque security emergency with his paper. Instead he wants Apple to remove the questionable services from iOS devices, or at the very least to provide some level of disclosure as to why they’re there.
via Blogger http://ift.tt/1uc2zkc