Here's another instance of your privacy being compromised by the NSA!
Forensic scientist Jonathan Zdziarski recently revealed a series of suspicious security backdoors found in all iOS 7 devices. Zdziarski - whose hacker handle is NerveGas - posted the slides from his presentation at a white-hat hacker convention online.
Zdziarski alleges that a 2013 NSA program called DROPOUTJEEP succeeded in giving the agency complete access to every iPhone. The document, originally revealed by security researcher Jacob Applebaum, is shocking.
The leaked document, dated 2008, noted that the malware required "implant via close access methods" (presumably physical access to the iPhone) but ominously noted that "a remote installation capability will be pursued for a future release."
The caveat that Zdziarski acknowledges is that iOS is a very safe platform against hackers. That is, unless the hacker is an NSA data analyst. Zdziarski discovered many undocumented services in the iOS system.
Services exposed by Zdziarski (like "lockdownd," "pcapd" and "mobile.file_relay") can bypass encrypted backups and be accessed via USB, Wi-Fi and "maybe cellular." What's most suspicious about the undocumented services (and the data they collect) is that they're not referenced in any Apple software, the data is personal in nature (thus unlikely to be for debugging) and is stored in raw format, making it impossible to restore to the device (making it useless to carriers or during a trip to the Genius Bar). Zdziarski does a good job of refuting most plausible explanations for the code.
It certainly sounds like a deal between Apple and a certain info-happy security agency was struck at some point. My question is this: Why isn't Apple more forthcoming with its customers? Wouldn't they want to know if their phones came prepackaged with a backdoor leading straight to an NSA data center?
Concerned about the NSA? You will be when you read stories on my site.
How do you think Apple should deal with this? Let's start a discussion in the comment section.