Apple responds to allegations of iOS ‘backdoor’

“Information security has never been a more sensitive subject than it is these days, so it’s little surprise that allegations from a security researcher that iOS contains a ‘backdoor’ permitting access to users’ information provoked a strong response from Apple,” Dan Moren reports for Macworld. “Those accusations came from security researcher Jonathan Zdziarski, who was presenting at the Hackers on Planet Earth conference earlier this wee.”

“Apple, as you might expect, did not take these allegations lying down,” Moren reports. “‘We have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues,’ an Apple spokesperson told Macworld. ‘A user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data. The user must agree to share this information, and data is never transferred without their consent.'”

Moren reports, “The company also reiterated its stance that it doesn’t compromise its systems for the purpose of providing those access points to the authorities: ‘As we have said before, Apple has never worked with any government agency from any country to create a backdoor in any of our products or services.'”

Read more in the full article here.

Related article:
Forensic scientist claims suspicious ‘back doors’ running on every iOS device – July 21, 2014

55 Comments

  1. Translation: Yes, we have a back door in iOS, but we’re gonna call it “diagnostic functions” and hope you don’t know that means open door for the NSA.

    Hope they like all the pics of my junk.

      1. We all know that it is physically impossible to lie in a press release. No corporation would ever deceive the public if telling the truth would make them look bad. I stand corrected.

        1. I know it’s hard for you to believe, but it’s also possible to tell the truth in a press release. I suppose that would run counter to your apparent “all corporations are evil” viewpoint, and we wouldn’t want any other viewpoint to counter your prejudices, would we?

          1. Of course it’s possible for a corporation to tell the truth. My point is that we have no independent way to VERIFY if what Apple claims is true, and confirmation is everything. How is asking for outside, independent confirmation a bias? It seems to work fine as mechanism in the Scientific Method, but not for corporations? I am skeptical, not prejudiced.

            1. Just another fool who prefers to live in Paranoia/Conspiracy La La Land. Of all the companies out there I believe Apple has consumers security interests most at heart as opposed to the rampant theft that goes on with Google because of their business model and steal data or die approach.

            2. Your point about skepticism is well-taken, but it has an odd way of making itself felt. For instance, for some reason you appear to be accepting whatever it that this Johnathan Zdziarski says as gospel.

              Which leads to the question: What makes Zdaiarski correct, especially over the perspective of the people that make the devices in question? Has there been evidence of a backdoor in iOS products confirmed by someone else?

              Until this becomes as issue–which as far as I can tell it isn’t–I am not losing to much in the way of sleep over it.

    1. The beauty of Apple’s position is that they don’t *need* to prove anything until someone else comes up with proof to the contrary. It is near-impossible to disprove something that doesn’t exist, but until you prove it does, it doesn’t matter.

    1. It sounds (per Apple) like someone has to have physical possession of your phone, unlock it, before they have access to what’s on it. In other words, it’s nothing for 99.9999 percent of us to worry about.

      1. Yeah, and if someone has physical access to your phone, it should never be considered fully secure. Given enough time, money, and hardware, you’d have to assume someone could eventually find their way in if they really, really wanted to.

        I’ll start worrying when someone tells me my data can be hacked when my phone is my pocket.

        ——RM

    2. At this point, anything Apple has to say is taken as merely amusing. Once third party professionals have thrashed through iOS to verify and further extrapolate on Zdziarski’s research, questions and claims, we’ll see the real whether there’s any excrement to hit the fan. What ever Apple has done, it’s been sloppy. That’s evident. The worst part, from my comprehension at this point, is the packet sniffer.

  2. Are you serious? It is within the realms of possibility that there may be a few people around who run their businesses in a truthful manner. And I’d say that probably the most likely candidate of all is Apple. Certainly way more likely than Google, Amazon, Microscum, Samecopy and others.

    1. What is exactly a backdoor as compared to a designed instruction procedure?

      If there is a backdoor, does it mean it’s a procedure designed for use by NSA?

      I trust Apple more than all the others… Like Microsoft and Google… Or web services like AMS of Amazon etc., but I have to say Apple marketing and PR really is to the contrary of what most people think; they sucks… so is the legal team.

  3. You have to do a bit of reading between the lines and blanks on this one. For example:

    “Information security has never been a more sensitive subject than it is these days [Insert due to terrorists and wannabe nations such as the United Hates violating the norms of civilized behavior here], so it’s little surprise that allegations from a security researcher that iOS contains a “backdoor” permitting access to users’ information provoked a strong response from Apple [Insert as opposed to organizations from aforementioned fifth rate nations who continue to violate at will here].”

    However, here is the rub.

    “Apple has taken a firm stand on privacy, and it’s disappointing to see the company not fully and transparently explaining why these systems have the range of access that they do, why they circumvent security processes the company itself put into place, and why there’s no way for a user to easily disable them.”

    Now think about this for a moment, citizens of the free world. Massive companies like Google, Microsoft and are threats to global security in that they create software that is ridden with insecurity and malicious behavior, reflecting of course the population of their nation. Apple has to portray that same facade or they might be considered a threat to national security. At the same time they provide tools to maintain global security. Many of us have seen the results of these diagnostic tools.

    – NSA tracking, want to see a picture of the tracking agent’s wife fucking a dog?
    – Today’s risk of invasion per location.
    – Torture index.
    – Shock and dismay index, heck remember how high that went when the Russians took over Crimea….without a single shot being fired. I mean that’s sooooooooooooo unAmurdercan.

    Apple’s just being careful and supporting both sides, those on the moral high ground, and the others, you know the ones that go invade countries on a whim, torture, do suicide missions, kill civilians and laugh cause the innocent children they just slaughtered did not bring weapons to a gun fight.

    It’s a bit like the Swiss in World War 2, they stayed secure and neutral.

    That’s the kind of attitude that we’ve grown to expect from the company, and we’d like to see them live up to it.

      1. Sure beats going to the UN and whining…whaaaaaaaaaaaaaa Iraq has weapons of mass destruction… whaaaaaaaaaaaaaa Iraq was involved in 9-11….whaaaaaaaaaaaaa…. we are going to walk away from a democratic vote cause it might not go our way and invade Iraq….. whaaaaaaaaaaaa we are going to hold and torture people and spy on everyone cause we are so paranoid.

        Just saying.

            1. I’ve been a lot lower than 6 feet underground and yes the world is a better place because of my presence regardless of where I am.

              Of course you are probably referring to the world being a better place once I am dead. I’m so glad I have rattled your cage to that point Tower Tone. Perhaps you’d like to take it one step further and actually utter a death threat my way. You can join the line up.

              Buffoon.

      2. Oh, and it was a joke, which in an of it’s own right is incorrectly speaking. I just keep forgetting that I have to put a joke tag (what is that /j for joke or /h for humor?) after such posts as there is such a vast audience that comes here that just have such a low sense of humor.

          1. Yes, I know. Someone once told me that you have to advertise to Americans that a joke is coming up, then insert the joke, and then explain it. I’ve seen some examples. Adds to the hilarity.

  4. It’s FUD instigated by an Apple competitor, – they hire a PR company to find a ‘security researcher’ who will say something negative about Apple’s security, in order to cast doubt on IBM’s decision to partner with Apple in their enterprise push, to create fear and uncertainty in the marketplace to prevent a company purchasing the Apple/IBM solution to the enterprise needs.

    1. “to cast doubt on IBM’s decision to partner with Apple in their enterprise push”
      Seems considerably more likely that the fact that Apple is out-and-out lying. Lying is a dangerous tactic, as Microsoft has found out in the past.

          1. Exactly, lying is dangerous. If Apple has a NSA back door and they are found out it would be commercial suicide for them, especially for penetration overseas and the IBM deal.
            Ergo – they wouldn’t risk it.

            What I’m suspicious of is the timing of this ‘discovery’, straight after an announcement that would be tarnished if Apple’s security were called in to question.

            1. There’s no way the NSA just asked Apple to install a secret backdoor and they said yes. That’s just bad conspiracy-thinking paranoia, that doesn’t take into account that Apple is a private company with its own set of interests that don’t mesh with the NSA’s. What is far more likely than that is the NSA at least attempting to plant backdoors in iOS without Apple’s knowledge, by planting code in open source projects used by Apple such as OpenSSL and by infiltrating Apple’s programming staff.

  5. I don’t understand how is Apple’s answers taken as misleading. According to the statement above, Apple does NOT allow ANYONE to access ANY iOS device, UNLESS user EXPLICITLY allows this. In other words, either what the “researcher” had alleged in his article is incorrect, or Apple is lying. Based on the well-documented track record of Apple (and somewhat less well documented record of this researcher), I am inclined to believe that the researcher is wrong and Apple didn’t lie.

    In other words, iOS is safe and secure, and has no secret backdoor for others to snoop.

    1. But for a moment let’s suppose that Apple and the NSA have collaborated to create a back door. Could we expect Apple to happily admit this? Or is it more likely that they would issue a press release claiming that no such code exists? I can’t see any situation where Apple would acknowledge collusion with the NSA under any circumstances, given the sensitive nature of the subject. In fact, it would be fiscally illegal for Apple to betray it’s shareholders by admitting what could be true. So take it for what it’s worth, since there is no possible scenario under which Apple would admit a back door exists.

        1. I’m actually kind of with montex, except I don’t think he’s got it quite right.

          Let’s suppose that Apple and our new overlords from Epsilon Eridani have collaborated to create a back door. Could we expect Apple to happily admit this?

          Or is it more likely that they would issue a press release claiming that no such overlords exists? I can’t see any situation where Apple would acknowledge collusion with aliens under any circumstances, given the sensitive nature of the subject.

          So there you go. Pretty much conclusive. There ARE backdoors. Apple is covering it up. And our new alien overlords will be arriving soon.

    1. Well, if all you ask of Apple is to be better than Android, you have pathetically low standards.

      Apple’s standard denial form didn’t answer any questions. What specifically does Apple consider diagnostic data? Why won’t Apple allow the end user to sniff these diagnostic logs?

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.