Apple has pushed back against accusations by forensic scientist Jonathan Zdziarski that the company has designed its products with back doors that give law enforcement access to data stored on the devices.
Zdziarski made the claim last Friday in his presentation at the Hackers on Planet Earth conference in New York, ZDNet reports. While he acknowledges that Apple devices are reasonably secure from typical attackers, he found that certain undocumented software running on all iOS devices makes data easily accessible by Apple on behalf of law enforcement.
As he explains in his presentation slides, which he has made available online, the main vulnerability results from the way iOS devices encrypt data. According to Zdziarski, encryption is only enabled when the phone is shut down. Once the user turns on and unlocks the device, these undocumented services can bypass any backup encryption and access data stored on the device via a USB or Wi-Fi connection, even if the user locks the device again.
However, on his blog, Zdziarski clarified that he is not accusing Apple of working with the National Security Agency, although he suspects that the NSA may have utilized the back doors built into Apple products.
In response, Apple released a statement denying Zdziarski’s allegations, claiming it has designed its products to protect user privacy, CNET reports.
“We have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues,” the statement said.
The statement goes on to say that, counter to Zdziarski’s claims, a user must unlock the device, agree to trust another computer and agree to share the data with that particular computer in order to access the data.
However, in another blog entry, Zdziarski noted that this statement does in fact admit to the existence of back doors. Even if they were implemented for harmless diagnostic use, they could still be exploited by law enforcement. Additionally, Zdziarski expressed skepticism over Apple’s claim that the back doors are intended purely for diagnostic use.
