Apple has installed security backdoors on 600m iPhones and iPads, claims security researcher
Apple says its diagnostic tools "do not compromise user privacy" but researchers say the un-publicised tools give access to 'excessive' data
Apple has been accused of intentionally installing security backdoors in some 600 million iOS devices that offer surveillance-level access to data including photos, browsing history and GPS locations.
The vulnerabilities were uncovered by security expert Jonathan Zdziarski, who presented an academic paper on the subject at a hacker conference in New York last Friday.
Apple has issued a statement in response to the allegations saying that the company’s “diagnostic functions do not compromise user privacy and security,” but Zdziarski has responded by noting that these services “dish out data” regardless of whether the user has agreed to diagnostics.
“There is no way to disable these mechanisms,” Zdziarski writes on his personal blog. “This makes it much harder to believe that Apple is actually telling the truth here.”
The backdoors reportedly cover a range of hidden tools and protocols that activate with “paired” computers – machines connected to an iPhone or iPad via USB that the user has granted security access to.
Apple says that this allows individuals and businesses to manage their devices, but Zdziarski has pointed out that the system offers unecrypted access to users' online log-ins, contacts and web history and could be compromised by anyone with access to the same Wi-Fi network.
"Pairing records can be stolen a number of different ways, ranging from a shared coffee shop computer to an ex-lover whose computer you used to trust," writes Zdziarski.
Technology site The Register speculates that the protocols are there to conform with America’s 1994 Communications Assistance for Law Enforcement Act - legislation that requires technology companies to maintain backdoors for the benefit of law enforcement agencies. Zdziarski, however, told the site that the level of access Apple provides “exceeds anything that law requires.”
The allegations could be especially damaging for Apple in China, where the national broadcaster CCTV recently suggested that the iPhone’s ‘Frequent Locations’ feature was a threat to national security.
Video: Apple refutes Chinese security claims
Apple has responded by repeating that it has “never worked with any government agency from any country to create a backdoor in any of our products or services”.
Zdziarski has since repeated his assertions that the amount of information offered by these backdoors is unprecedented: “These services break the promise that Apple makes with the consumer when they enter a backup password; that the data on their device will only come off the phone encrypted.
“The consumer is also not aware of these mechanisms, nor are they prompted in any way by the device. There is simply no way to justify the massive leak of data as a result of these services, and without any explicit consent by the user.”
He adds that he is in no way accusing Apple of working directly with security agencies but that he suspects that "some of these services may have been used by [the] NSA to collect data".
Life & Style blogs
What marriage would look like if we actually followed the Bible
Overly-controlling parents cause their children lifelong psychological damage, says study
What do the emojis on Snapchat mean?
Star Wars BB-8 droid toy is real, should be impossible
Orthorexia nervosa: How becoming obsessed with healthy eating can lead to malnutrition
Britain to take more refugees as Cameron bows to pressure after more than 250,000 back our campaign
Senior British politicians tell David Cameron: When dead children are being washed up on beaches – it's time to act
Jeremy Corbyn calls Osama bin Laden's killing a 'tragedy' - but was it taken out of context?
If these extraordinarily powerful images of a dead Syrian child washed up on a beach don't change Europe's attitude to refugees, what will?
If you're not already angry about the refugee crisis, here's a history lesson to remind you why you really should be
Make your voice heard: Sign The Independent's petition to welcome refugees
- 1 President Obama leaves touching comment on Humans of New York photo from Iran
- 2 If these extraordinarily powerful images of a dead Syrian child washed up on a beach don't change Europe's attitude to refugees, what will?
- 3 The Chinese city where men have 'three girlfriends because there are so many women'
- 4 'Heartbreaking' Syria orphan photo wasn't taken in Syria and not of orphan
- 5 German police forced to ask public to stop bringing donations for refugees arriving by train
iJobs Gadgets & Tech
£25000 per annum: Recruitment Genius: The IT Support Engineer is needed to ass...
£22000 - £30000 per annum: Recruitment Genius: This is an exciting opportunity...
£35000 - £40000 per annum: Recruitment Genius: A great opportunity to join a p...
Negotiable: Recruitment Genius: Do you get a buzz from thinking up new ideas a...