Yesterday I posted about Jonathan Zdziarski’s presentation at the HOPE/X conference (http://www.contadorharrison.com/jonathan-zdziarski-identifies-backdoors-that-runs-on-all-ios-devices/). Apple has now responded to the discovery of alleged deliberate backdoors in its iOS operating system, detailing three “diagnostic capabilities” and allaying fears by saying they are in place to help IT departments and developers troubleshoot issues. Apple’s comments follow the release of research by hacker and app developer Jonathan Zdziarski, who found functions that allow for invisible remote start-up and monitoring, the capturing of data from a user’s address book, photos, messages and social media accounts, and the installation of spyware, among several others.
In response to Jonathan Zdziarski’s claims, Apple has today listed three previously undocumented iOS services and explained how they work. Each was intended as a diagnostic tool for IT departments or app developers, and allowed interoperability with iOS devices, internal testing on beta software, AppleCare support, and app development. Each one of them required the device to be unlocked and in a ‘trust’ relationship with another computer, and the data transmitted between the devices is encrypted with keys not shared with Apple, the statement said. However, I noticed that Apple failed to address a number of other concerns around Jonathan Zdziarski’s claims, like the bypassing of iOS backup encryption and the installation of spyware. Apple specifically referred to three services: “pcapd”, “file_relay”, and “house_arrest”.
pcapd supports diagnostic packet capture from an iOS device to a trusted computer. This is useful for troubleshooting and diagnosing issues with apps on the device as well as enterprise VPN connections. Read more information at developer.apple.com/library/ios/qa/qa1176.
file_relay supports limited copying of diagnostic data from a device. This service is separate from user-generated backups, does not have access to all data on the device, and respects iOS Data Protection. Apple engineering uses file_relay on internal devices to qualify customer configurations. AppleCare, with user consent, can also use this tool to gather relevant diagnostic data from users’ devices.
house_arrest is used by iTunes to transfer documents to and from an iOS device for apps that support this functionality. This is also used by Xcode to assist in the transfer of test data to a device while an app is in development.