Why that iOS ‘backdoor’ isn’t really a threat unless Big Brother is after you

ios backdoor isnt really a threat iphone 5s fingerprint scanner
Last week, forensic scientist and iOS hacker Jonathan Zdziarski revealed what appears to be a backdoor in iOS at the Hackers On Planet Earth conference in New York. Shortly thereafter, his report flooded the Internet, alerting iOS users to the danger.

Zdziarski stated that the backdoor could be used by hackers, the NSA, or other government agencies to spy on unsuspecting iOS users. Apple stated that no backdoor was intentionally built into iOS and that it works with no government surveillance programs whatsoever. The company also said that the feature is used to diagnose problems with iPhones and iPads only. In response, Zdziarski cautioned iOS users against overreacting to his report, but encouraged Apple to solve the issue.

However, Zdziarski did not address the main question that iPhone and iPad users want answered: Is the backdoor in iOS and immediate and likely threat to my iOS devices?

Based on Zdziarski’s report, the answer is no. But before we get to that, let’s take a closer look at his report.

What info does the backdoor reveal?

When exploited, the backdoor Zdziarski found in iOS would allow hackers access to all the metadata stored on your iPhone, your GPS location data, calendar and contacts, photos, and recent messages. The backdoor could easily be used to surveil a person once the device is compromised. Zziarski stated that the features could be used by high-level hackers, the NSA, or other government agencies.

Zdziarski added that although he doesn’t think it’s a “grand conspiracy” by Apple, “there are some services running in iOS that shouldn’t be there, that were intentionally added by Apple as part of the firmware and that bypass backup encryption while copying more of your personal data than ever should come off the phone for the average consumer.”

In a statement to Financial Times writer Tim Bradshaw, Apple countered that iOS is designed “so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues,” adding that “a user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data. The user must agree to share this information, and data is never transferred without their consent.”

Apple (once again) did deny creating the backdoor to give governments easy access to user data.

How would a hacker access the information?

Zdziarski’s report revealed that hackers can access the backdoor  only when the iPhone or iPad is paired via USB with a Mac or PC. During the pairing process, a pairing file is created and stored on both the PC/Mac and the iOS device. If a hacker retrieves this file, he can access all the user information listed above. The hacker could then surveil the user from the device itself, after using a few tools built into iOS itself.

  • Using the lockdownd feature, the com.apple.mobile.installation_proxy service lets any person with an Apple enterprise license to download malware to the iOS device.
  • Hackers could exploit the com.apple.mobile.house_arrest feature to view databases and personal data from third-party apps. The tool also includes a packet sniffer, which can record every action the user takes on the iOS device from then on.
  • Another tool called file relay could let hackers copy all your metadata, GPS location, calendar, contacts, photos, and recent messages typed on the screen.

However, in order to access all these malicious backdoor features in iOS, hackers must go through several key steps with specific information on hand. First, the hacker has to know where your iOS device is located, what Wi-Fi network its on, and the pairing codes used by your PC or Mac and iOS device during USB pairing. The iOS device must also be unlocked, connected to Wi-Fi, and paired to an infected computer.

Is it easy to exploit the features and will it happen to me?

Apple quickly pointed out that it is highly unlikely that the average hacker will have all that highly detailed information about you and your iOS device. Essentially, the hacker would have to know where you live, have access to your personal computer, and be very stealthy to exploit these features.

Based on Zdziarski’s report, it appears that unless your brother is a hacker or Big Brother is watching you, the backdoor is no threat to you or your personal data.

Nonetheless, the fact that the NSA or other government agencies could take advantage of these features is concerning and Apple should fix the issue immediately.

Gaming

Skateboarding legend says ‘Tony Hawk’s Skate Jam’ will appeal to his fans

Tony Hawk's Skate Jam is now available for free on iOS and Android devices, and Digital Trends had the chance to talk to the legendary skater about its development and how it captures the magic of his best games.
Mobile

These parental control apps will help keep your kids' device habits in check

Looking for extra security and monitoring on mobile devices? Take a look at the best parental control apps for limiting time and keeping watch on your child's phone usage and behavior. We have the top options for Android and iOS here.
Mobile

5G’s arrival is transforming tech. Here’s everything you need to know to keep up

It has been years in the making, but 5G is finally becoming a reality. While 5G coverage is still extremely limited, expect to see it expand in 2019. Not sure what 5G even is? Here's everything you need to know.
Social Media

GIF almost anywhere with Giphy’s new keyboard and sticker maker

We all love GIFs, but not every app supports them. Fortunately, the new Giphy' keyboard brings GIFs to any iOS app that supports multimedia. The update also comes with a new tool for creating animated stickers.
Mobile

iOS jailbreak app store Cydia shuts down purchasing

For years, iOS users have been jailbreaking their devices to install software not approved by Apple. But now the popular app store alternative Cydia will no longer be accepting purchases.
News

Lawsuit alleges Apple falsely advertised the screen size of the iPhone X

A lawsuit alleges that Apple was dishonest in the way that it marketed the iPhone X. The lawsuit alleges that despite Apple's marketing campaign, the new iPhone is not in fact all screen because of the notch.
Business

Apple is still selling iPhones in China despite being ordered not to

Apple is following the FTC's lead and has sued Qualcomm for a massive $1 billion in the U.S., $145 million in China, and also in the U.K., claiming the company charged onerous royalties for its patented tech.
Mobile

Is somebody watching you? How to stop apps from tracking your location

If you don't like the idea of your every movement being tracked by apps on the phone in your pocket, then you may want to turn location tracking off. We take a look at how to do it on an iPhone or Android phone in this easy guide.
Mobile

Report: Samsung's upcoming foldable phone will cost a hefty $1,800

Samsung has been showcasing bendable display tech for a few years and now a folding smartphone might finally arrive. The Galaxy X, or perhaps the Galaxy F, may be the company's first example. Here's everything we know about it.
Smart Home

Starbucks teams with Uber Eats for delivery from 2,000 of its U.S. stores

Starbucks has teamed up with Uber Eats to offer customers deliveries from almost a quarter of its stores in the U.S. The major expansion launches early next year, making life even easier for fans of the coffee giant.
Mobile

Huawei Nova 4 has a hole in the screen, and a 48-megapixel camera on the back

Huawei has launched the Nova 4, a new smartphone that has abandoned the screen notch and adopted a punch hole alternative, and also has a massive 48-megapixel camera. Here's what you need to know about the Nova 4.
Mobile

Black hole in the screen of Samsung's new Galaxy A8s has a camera inside

Samsung is building exciting, technologically innovative midrange phones, and the latest to be revealed is the new Samsung Galaxy A8s, which may give us an idea of what the new Samsung Galaxy S10 will look like.
Mobile

Score a Christmas deal with Speck’s half-off sale on its entire range of cases

The holidays might be nearing, but bargains don't take time off. To celebrate the last day for U.S. ground shipping, Speck will be offering a sitewide 50-percent-off deal for one day only on Monday December 17.
Mobile

Doubts emerge over when LG will reveal its folding smartphone

LG may be working on a folding smartphone, making it the latest device manufacturer to be linked to the technology, which may become one of the standout designs of the coming year.