Jonathan Zdziarski's HOPE X talk, Identifying Backdoors, Attack Points, and Surveillance Mechanisms in iOS Devices, suggests that hundreds of millions of Iphone and Ipad devices ship from Apple with intentional back-doors that can be exploited by law enforcement, identity thieves, spies, and employers.
The original paper (paywall), published in Elsevier's Digital Investigation sparked a non-denial denial from Apple, basically admitting that the back-doors were there, but misleadingly suggesting that they were only for enterprise administration.
But as you can see from Zdziarski's slides (PDF), neither this nor other excuses really hold water. The backdoors are actively maintained code that can be accessed over networks, possibly over cellular networks, without developer tools, and even on devices that are not in enterprise mode. The backdoors expose deep and sensitive data that is nominally encrypted and locked, and there are tools and systems in the field that rely on them, including law-enforcement tools for slurping up data from people who've been detained -- a practice the Supreme Court recently held to be illegal.
Additionally, Zdziarski points out that some NSA leaks reference a secret tool called DROPOUTJEEP, for attacking Ios devices; he speculates that this backdoor may be the key to DROPOUTJEEP's functionality.
Questions for Apple:
Why is there a packet sniffer running on 600 million
personal iOS devices instead of moved to the developer
Why are there undocumented services that bypass user
backup encryption that dump mass amounts of personal
data from the phone?
Why is most of my user data
not encrypted with the
PIN or passphrase, enabling the invasion of my personal
privacy by YOU?
Why is there still no mechanism to review the devices my
iPhone is paired with, so I can delete ones that don’t
When estimating his net worth, Pepe the Cheeto is apt to include a multibillion dollar valuation for the “Trump” brand-name; but new Trump Hotels will be called “Scion” hotels, “a nod to the Trump family and to the tremendous success it has had with its businesses, including Trump Hotels, while allowing for a clear distinction […]
Facebook — which accounts for as much as 75% of the traffic to popular websites — tweaked its algorithm to downrank those same publishers, who had been engaged in an arms-race to dominate Facebook users’ feeds through techniques intended to gain high rank in Facebook’s secret scoring system.
Update: According to The Verge, Facebook has verified the authenticity of the screenshot below. In what appears to be an internal Facebook post, Zuckerberg defends his company’s ongoing association with Peter Thiel — Facebook investor/board member and major donor to white-supremacist/pro-rape presidential candidate Donald Trump.
This week’s top deals from the Boing Boing Store range from lobster to wine to desk organization. 1. Get Maine Lobster (50% Off)With these discounted packages from Get Maine Lobster, you can experience the sweet, fresh flavor of world-renowned Maine lobster right at your own dinner table. There are four options to choose from, each at […]
Nothing is more frustrating than needing to edit or sign a PDF and not having access to the original document. That’s why PDFpenPRO is a must-have app in our books.With this extremely useful app, you can merge, markup, and create PDF documents without ever having to convert your PDFs into word processor file formats. Type directly onto […]
From self-driving cars to stock market predicting software to the recommendations you get on Amazon and Netflix, machine learning is at the core of modern technology. You could find yourself building technology that is literally changing the world with the skills you’ll learn in The Complete Machine Learning Bundle. This bundle of 10 courses includes 406 lessons that will teach […]