Apple has installed security backdoors on 600m iPhones and iPads, claims security researcher

Apple says its diagnostic tools "do not compromise user privacy" but researchers say the un-publicised tools give access to 'excessive' data

Apple has been accused of intentionally installing security backdoors in some 600 million iOS devices that offer surveillance-level access to data including photos, browsing history and GPS locations.

The vulnerabilities were uncovered by security expert Jonathan Zdziarski, who presented an academic paper on the subject at a hacker conference in New York last Friday.

Apple has issued a statement in response to the allegations saying that the company’s “diagnostic functions do not compromise user privacy and security,” but Zdziarski has responded by noting that these services “dish out data” regardless of whether the user has agreed to diagnostics.

“There is no way to disable these mechanisms,” Zdziarski writes on his personal blog. “This makes it much harder to believe that Apple is actually telling the truth here.”

The backdoors reportedly cover a range of hidden tools and protocols that activate with “paired” computers – machines connected to an iPhone or iPad via USB that the user has granted security access to.

Apple says that this allows individuals and businesses to manage their devices, but Zdziarski has pointed out that the system offers unecrypted access to users' online log-ins, contacts and web history and could be compromised by anyone with access to the same Wi-Fi network.

"Pairing records can be stolen a number of different ways, ranging from a shared coffee shop computer to an ex-lover whose computer you used to trust," writes Zdziarski.

Technology site The Register speculates that the protocols are there to conform with America’s 1994 Communications Assistance for Law Enforcement Act - legislation that requires technology companies to maintain backdoors for the benefit of law enforcement agencies. Zdziarski, however, told the site that the level of access Apple provides “exceeds anything that law requires.”

The allegations could be especially damaging for Apple in China, where the national broadcaster CCTV recently suggested that the iPhone’s ‘Frequent Locations’ feature was a threat to national security.

Video: Apple refutes Chinese security claims

Apple has responded by repeating that it has “never worked with any government agency from any country to create a backdoor in any of our products or services”.

Zdziarski has since repeated his assertions that the amount of information offered by these backdoors is unprecedented: “These services break the promise that Apple makes with the consumer when they enter a backup password; that the data on their device will only come off the phone encrypted.

“The consumer is also not aware of these mechanisms, nor are they prompted in any way by the device. There is simply no way to justify the massive leak of data as a result of these services, and without any explicit consent by the user.”

He adds that he is in no way accusing Apple of working directly with security agencies but that he suspects that "some of these services may have been used by [the] NSA to collect data".

Life and Style
ebookNow available in paperback
ebooks
ebookA delicious collection of 50 meaty main courses
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Recruitment Genius: Software Developer

    £27500 - £35000 per annum: Recruitment Genius: This is an exciting opportunity...

    Recruitment Genius: IT Support Analyst

    £35000 - £45000 per annum: Recruitment Genius: They are the go-to company for ...

    Guru Careers: Graduate Software Developer / Junior Developer

    £20 - 28k + Benefits: Guru Careers: We are seeking a Graduate Software Develop...

    Recruitment Genius: Digital Web Designer

    Negotiable: Recruitment Genius: A Digital Web Designer is required to join a f...

    Day In a Page

    Fifa corruption: The 161-page dossier that exposes the organisation's dark heart

    The 161-page dossier that exposes Fifa's dark heart

    How did a group of corrupt officials turn football’s governing body into what was, in essence, a criminal enterprise? Chris Green and David Connett reveal all
    Mediterranean migrant crisis: 'If Europe thinks bombing boats will stop smuggling, it will not. We will defend ourselves,' says Tripoli PM

    Exclusive interview with Tripoli PM Khalifa al-Ghweil

    'If Europe thinks bombing boats will stop smuggling, it will not. We will defend ourselves'
    Raymond Chandler's Los Angeles: How the author foretold the Californian water crisis

    Raymond Chandler's Los Angeles

    How the author foretold the Californian water crisis
    Chinese artist who posted funny image of President Xi Jinping facing five years in prison as authorities crackdown on dissent in the arts

    Art attack

    Chinese artist who posted funny image of President Xi Jinping facing five years in prison
    Marc Jacobs is putting Cher in the limelight as the face of his latest campaign

    Cher is the new face of Marc Jacobs

    Alexander Fury explains why designers are turning to august stars to front their lines
    Parents of six-year-old who beat leukaemia plan to climb Ben Nevis for cancer charity

    'I'm climbing Ben Nevis for my daughter'

    Karen Attwood's young daughter Yasmin beat cancer. Now her family is about to take on a new challenge - scaling Ben Nevis to help other children
    10 best wedding gift ideas

    It's that time of year again... 10 best wedding gift ideas

    Forget that fancy toaster, we've gone off-list to find memorable gifts that will last a lifetime
    Paul Scholes column: With the Premier League over for another year, here are my end of season awards

    Paul Scholes column

    With the Premier League over for another year, here are my end of season awards
    Heysel disaster 30th anniversary: Liverpool have seen too much tragedy to forget fateful day in Belgium

    Liverpool have seen too much tragedy to forget Heysel

    Thirty years ago, 39 fans waiting to watch a European Cup final died as a result of a fatal cocktail of circumstances. Ian Herbert looks at how a club dealt with this tragedy
    Amir Khan vs Chris Algieri: Khan’s audition for Floyd Mayweather may turn into a no-win situation, says Frank Warren

    Khan’s audition for Mayweather may turn into a no-win situation

    The Bolton fighter could be damned if he dazzles and damned if he doesn’t against Algieri, the man last seen being decked six times by Pacquiao, says Frank Warren
    Blundering Tony Blair quits as Middle East peace envoy – only Israel will miss him

    Blundering Blair quits as Middle East peace envoy – only Israel will miss him

    For Arabs – and for Britons who lost their loved ones in his shambolic war in Iraq – his appointment was an insult, says Robert Fisk
    Fifa corruption arrests: All hail the Feds for riding to football's rescue

    Fifa corruption arrests

    All hail the Feds for riding to football's rescue, says Ian Herbert
    Isis in Syria: The Kurdish enclave still resisting the tyranny of President Assad and militant fighters

    The Kurdish enclave still resisting the tyranny of Assad and Isis

    In Syrian Kurdish cantons along the Turkish border, the progressive aims of the 2011 uprising are being enacted despite the war. Patrick Cockburn returns to Amuda
    How I survived Cambodia's Killing Fields: Acclaimed surgeon SreyRam Kuy celebrates her mother's determination to escape the US

    How I survived Cambodia's Killing Fields

    Acclaimed surgeon SreyRam Kuy celebrates her mother's determination to escape to the US
    Stephen Mangan interview: From posh buffoon to pregnant dad, the actor has quite a range

    How Stephen Mangan got his range

    Posh buffoon, hapless writer, pregnant dad - Mangan is certainly a versatile actor