Forensic scientist raises fears about potential for backdoor data mining.
Hidden features in iOS have created a backdoor that can be used to bypass security and release customer data, according to forensic scientist Jonathan Zdziarski.
The services are said to have evolved over the past few years through Apple firmware updates, allowing the company to collect personal data from its customers, and potentially opening the OS to interference by the National Security Agency (NSA).
"I think at the very least, this warrants an explanation and disclosure to the some 600 million customers out there running iOS devices," Zdziarski said.
"At the same time, this is not a zero day and not some widespread security emergency."
A spokesman from Apple maintained that the company had designed its diagnostics with respect for user privacy and security, but that relevant information still needed to be sent to computer departments, developers and Apple for troubleshooting reasons.
Users had to unlock their device and agreed to trust another computer before it was able to access the "limited diagnostic data", according to the spokesman.
"As we have said before, Apple has never worked with any government agency from any country to create a backdoor in any of our products or services," they said.
Zdziarski disputed this, claiming that the services released data whether or not the "Send Diagnostic Data to Apple" feature was enabled.
"I don't buy for a minute that these services are intended solely for diagnostics," he said.
"A real diagnostic tool would have been engineered to respect the user, prompt them like applications do for access to data, and respect backup encryption."
Source: Company Press Release
get a cbr Cyber Security weekly update
Unable to register now