[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] Hidden iOS Services Bypass Security
From:       InfoSec News <alerts () infosecnews ! org>
Date:       2014-07-22 6:35:00
Message-ID: alpine.DEB.2.02.1407220634490.6571 () infosecnews ! org
[Download RAW message or body]

http://www.informationweek.com/mobile/mobile-applications/hidden-ios-services-bypass-security/d/d-id/1297452

By Thomas Claburn
InformationWeek
7/21/2014

A computer researcher asks why Apple allows undocumented services to 
bypass encryption and access user data.

Apple's iPhone and iPad run undisclosed services that allow security 
features to be bypassed, according to a prominent computer security 
researcher.

In a presentation at the HOPE/X hacking conference in New York on Friday, 
forensic researcher Jonathan Zdziarski described several undocumented iOS 
services that can function backdoors, allowing ostensibly encrypted data 
to be accessed and subverting user privacy.

Zdziarski in a blog post stresses that he is not accusing Apple of working 
with the NSA, but he voices suspicion that the NSA might have used some of 
these services to access data on iOS devices, as described in a recent Der 
Spiegel report.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
[prev in list] [next in list] [prev in thread] [next in thread]