[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Hidden iOS Services Bypass Security
From: InfoSec News <alerts () infosecnews ! org>
Date: 2014-07-22 6:35:00
Message-ID: alpine.DEB.2.02.1407220634490.6571 () infosecnews ! org
[Download RAW message or body]
http://www.informationweek.com/mobile/mobile-applications/hidden-ios-services-bypass-security/d/d-id/1297452
By Thomas Claburn
InformationWeek
7/21/2014
A computer researcher asks why Apple allows undocumented services to
bypass encryption and access user data.
Apple's iPhone and iPad run undisclosed services that allow security
features to be bypassed, according to a prominent computer security
researcher.
In a presentation at the HOPE/X hacking conference in New York on Friday,
forensic researcher Jonathan Zdziarski described several undocumented iOS
services that can function backdoors, allowing ostensibly encrypted data
to be accessed and subverting user privacy.
Zdziarski in a blog post stresses that he is not accusing Apple of working
with the NSA, but he voices suspicion that the NSA might have used some of
these services to access data on iOS devices, as described in a recent Der
Spiegel report.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic