Earlier this week Apple reaffirmed to iMore that it had never worked with any government agency to create a backdoor in any product or service. That was in answer to questions raised by Jonathan Zdziarski concerning iOS privacy and security. Apple has now published a new support page titled iOS: About diagnostic capabilities which elaborates on the services Zdziarski called out as data leaks. It does not, however, address vulnerabilities in passcode, pairing keys, or trusted device, though Apple typically does not address those types of things until they've pushed out patches. Here's Apple's full support article on the services:
iOS offers the following diagnostic capabilities to help enterprise IT departments, developers, and AppleCare troubleshoot issues.
Each of these diagnostic capabilities requires the user to have unlocked their device and agreed to trust another computer. Any data transmitted between the iOS device and trusted computer is encrypted with keys not shared with Apple. For users who have enabled iTunes Wi-Fi Sync on a trusted computer, these services may also be accessed wirelessly by that computer.
1. com.apple.mobile.pcapd
pcapd supports diagnostic packet capture from an iOS device to a trusted computer. This is useful for troubleshooting and diagnosing issues with apps on the device as well as enterprise VPN connections. You can find more information at developer.apple.com/library/ios/qa/qa1176.
2. com.apple.mobile.file_relay
file_relay supports limited copying of diagnostic data from a device. This service is separate from user-generated backups, does not have access to all data on the device, and respects iOS Data Protection. Apple engineering uses file_relay on internal devices to qualify customer configurations. AppleCare, with user consent, can also use this tool to gather relevant diagnostic data from users' devices.
3. com.apple.mobile.house_arrest
house_arrest is used by iTunes to transfer documents to and from an iOS device for apps that support this functionality. This is also used by Xcode to assist in the transfer of test data to a device while an app is in development.
When Chinese TV called iOS a location tracker, Apple responded on the consumer facing portion of their Chinese website, and in much more direct-to-customer terms. It's interesting to see Apple address the specific services in Zdziarski claims, but to address them in a support document, and to address them in technical terms.
Apple is already increasing the security in iOS 8. Hopefully diagnostics, pairing records, and any other newly discovered vectors will have their security increased as well, and soon.
Source: Apple Support
We may earn a commission for purchases using our links. Learn more.
Physical Steve Jobs application letter sells for $343,000, NFT nets $27,643
A year before Steve Jobs joined Atari and a long time before Apple was founded, a now-famous job application was penned by the man himself. That application most recently sold for more than $200,000 — and it's up for auction again. Oh, and there's an NFT version as well!
You can now download the third public beta for macOS Monterey
Are you ready to take the next version of macOS out for a spin? Here's how to install the public beta of macOS Monterey on your computer.
Review: Plugable's 7-Port Data and Charging Hub for USB-A ports galore
If you've bemoaned the lack of USB-A ports on your Mac, moan no more. Plugable's hub adds seven, count 'em, seven USB-A ports to your computer.
Protect your home with the best HomeKit security systems
Whether you go DIY or opt for professional monitoring, the best HomeKit security systems provide protection and peace of mind. These are the best of the best!