Apple: We Don't Build Backdoors Into Any Services
Recently, Apple products were run through a gamut of tests by a forensic scientist. This expert claimed that a backdoor existed in Apple products, and those were used by the NSA to exploit features in iOS. Though this expert didn't directly blame Apple for creating a loophole, he did note they tend to be widespread. Apple has since issued a response.
According to Financial Times' Tim Bradshaw, Apple is categorically denying they purposefully place an y backdoor into their software. They also deny working with any government agency to create a workaround in keeping tabs on us:
We have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues. A user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data. The user must agree to share this information, and data is never transferred without their consent.As we have said before, Apple has never worked with any government agency from any country to create a backdoor in any of our products of services.
In a blog post, expert Jonathan Zdziarski defends his claims, saying "I have NOT accused Apple of working with NSA, however I suspect (based on released documents) that some of these services MAY have been used by NSA to collect data on potential targets," Zdziarski said in a blog post. "I am not suggesting some grand conspiracy; there are, however, some services running in iOS that shouldn't be there, that were intentionally added by Apple as part of the firmware, and that bypass backup encryption while copying more of your personal data than ever should come off the phone for the average consumer. I think at the very least, this warrants an explanation and disclosure to the some 600 million customers out there running iOS devices."
Zdziarski went on to say "The data they leak is of an extreme personal nature. There is no notification to the user. A real diagnostic tool would have been engineered to respect the user, prompt them like applications do for access to data, and respect backup encryption. Tell me, what is the point in promising the user encryption if there is a backdoor to bypass it?"
Apple hasn't responded to the latest claims, but they're not likely to. They may, however, take Zdziarski's concerns into consideration as they prep iOS 8 and OS X Yosemite. The OS duo, which will be released this Fall, offer increased security over the current OS offerings from Apple.
Via: CNET