Following the conference presentation, in which Zdziarski implied that these loopholes could be used by the NSA or others to collect massive amounts of data from iPhone users, Apple released a statement saying that what he’s discovered is actually a diagnostic tool to send relevant info to Apple, and that these “diagnostic functions do not compromise user privacy and security.”
Additionally, Apple says the only way for any data to be transmitted is for the iPhone user to unlock their phone and hook it up to a “trusted” computer.
“The user must agree to share this information, and data is never transferred without their consent,” writes Apple, which again denied it was working with the NSA or “any government agency from any country to create a backdoor in any of our products or services.”
In response, Zdziarski posted on his blog Tuesday:
The problem with this is that these services dish out data (and bypass backup encryption) regardless of whether or not ‘Send Diagnostic Data to Apple’ is turned on or off, and whether or not the device is managed by an enterprise policy of any kind. So if these services were intended for such purposes, you’d think they’d only work if the device was managed/supervised or if the user had enabled diagnostic mode. Unfortunately this isn’t the case and there is no way to disable these mechanisms. As a result, every single device has these features enabled and there’s no way to turn them off, nor are users prompted for consent to send this kind of personal data off the device. This makes it much harder to believe that Apple is actually telling the truth here.
Apple then posted an updated technical support document, which provides more details on what each of the previously undocumented capabilities is used for.
The company also admitted that the iPhone’s connection to a trusted computer need not be physical, via a cable, but can be wireless if the user has enabled iTunes WiFi Sync.
This morning, Zdziarski posted another blog entry, clarifying that he’d never accused Apple of working with the NSA, nor claimed that the undocumented functions were created for malicious purposes, but adding that just because they weren’t intended to allow snooping doesn’t mean “that the government can’t take advantage of back doors to access the same information.”
Additionally, he voices concern about Apple not responding to all of the issues he’s raised.
One of the bigger ones is the “file relay” function, which Apple says “supports limited copying of diagnostic data from a device” and “does not have access to all data on the device.”
But Zdziarski has a very different opinion on this topic.
“Apple is being completely misleading by claiming that file relay is only for copying diagnostic data,” he writes. “If, by diagnostic data, you mean the user’s complete photo album, their SMS, Notes, Address Book, GeoLocation data, screenshots of the last thing they were looking at, and a ton of other personal data – then sure… but this data is far too personal in nature to ever be needed for diagnostics. In fact, diagnostics is almost the complete opposite of this kind of data.”
He adds, “File relay is far too sloppy with personal data, and serves up a lot more than ‘diagnostics’ data.”
And while Zdziarski gives Apple credit for providing some information about these previously unknown services, he questions whether those in control at the company are “aware of how much non-diagnostic personal information it copies out, wirelessly, bypassing backup encryption.”
“All the while that Apple is downplaying it, I suspect they’ll also quietly fix many of the issues I’ve raised in future versions,” he writes. “At least I hope so. It would be wildly irresponsible for Apple not to address these issues, especially now that the public knows about them.”