Apple Denies It Built NSA a Backdoor for 600 Million Devices
Access points 'may have been used' by NSA, researcher suggests, though maker of computer giant adamantly denies working 'with any government agency' while creating any product or service
After Jonathan Zdziarski, a computer security researcher, presented an academic paper last week revealing previously-unknown backdoors in Apple's iOS software running on hundreds of millions of iPhone an iPad devices, Apple has gone on the defensive by publicly stating it did not wittingly create a portal for government spying and reaffirmed previous claims by saying they have "never worked with any government agency from any country to create a backdoor in any of our products or services."
Subsequently, responding to Apple's statement, Zdziarski said the computer maker may have "inadvertently" admitted that "they do indeed have back doors in iOS" even as they denied working with government agencies to create them.
In his original presentation presented last Friday at the Hackers On Planet Earth (HOPE/X) conference in New York—called Identifying Backdoors, Attack Points, and Surveillance Mechanisms in iOS Devices—Zdziarsk highlighted three specific backdoor capabilities in the iOS software running on over 600 million iPads and iPhones, all of which had never been known publicly before Zdziarski found them. In a blog post written the same day Zdziarski stated his concern that “some of these services may have been used by the NSA to collect data.”
Apple's response to Zdziarski's claims arrived on Monday in a statement to iMore, saying that the backdoors are"diagnostic functions" and "do not compromise user privacy and security."
After Apple's response, Zdziarski made a cogent and pointed response on his blog, noting that "these services break the promise that Apple makes with the consumer when they enter a backup password; that the data on their device will only come off the phone encrypted."
"I don’t buy for a minute that these services are intended solely for diagnostics," he wrote. "The data they leak is of an extreme personal nature. There is no notification to the user. A real diagnostic tool would have been engineered to respect the user, prompt them like applications do for access to data, and respect backup encryption."
The security issues stem from the "pairing" process that occurs when a user decides a certain computer or device is trustworthy and connects their device to it. Once the trusted connection is set up, a huge amount of personal data can be accessed.
"Pairing records can be stolen a number of different ways, ranging from a shared coffee shop computer to an ex-lover whose computer you used to trust," Zdziarski explains. The only way to disable access to data via a previously-made pairing seems to be a complete erase of the device. Users are not notified of the services, are not asked to consent to them in any way, and have no ability to turn them off, even when the "Send Diagnostics to Apple" setting is disabled.
Zdziarski has made it a point to be clear that he is "not suggesting some grand conspiracy," but still believes that there are "services running in iOS that shouldn't be there, that were intentionally added by Apple as part of the firmware and that bypass backup encryption while copying more of your personal data than ever should come off the phone for the average consumer."
As Rene Ritchie noted on iMore—given that "the NSA surveillance controversy is still fresh in many people's minds"—Zdziarksi added a "don't panic" statement on his blog in order to emphasize "that he wasn't accusing Apple of working with the NSA, but does suspect that the NSA might be using the techniques he outlined to collect data."
"We know, from the Snowden leaks via Der Spiegel, that NSA has penetrated target desktop machines to later access iPhone features," Zdiarski explained. "We also know that desktop machines are often seized by law enforcement and with that pairing record data, can access the data on the device using these services – even if backup encryption is turned on."
While some have speculated that the backdoors are there to conform with America's 1994 Communications Assistance for Law Enforcement Act, Zdziarski pointed out that the level of access provided to such sensitive data "exceeds anything that law requires."