Apple acknowledges that iPhones allow extraction of deep personal data
July 27, 2014 Tech 2
Personal data including text messages, contact lists and photos can be extracted from iPhones through previously unpublicised techniques by Apple Inc employees, the company acknowledged this week.
The same techniques to circumvent backup encryption could be used by law enforcement or others with access to the “trusted” computers to which the devices have been connected, according to the security expert who prompted Apple’s admission.
In a conference presentation this week, researcher Jonathan Zdziarski showed how the services take a surprising amount of data for what Apple now says are diagnostic services meant to help engineers.
Users are not notified that the services are running and cannot disable them, Zdziarski said. There is no way for iPhone users to know what computers have previously been granted trusted status via the backup process or block future connections.