In the last few days there has been an increasing noise related to some iOS backdoors. Apple does not deny they exist, but contests how they can be used.
This is not new, and the security researcher who presented his findings did highlight that, it is likely related to methods being used by certain forensic software sold to law enforcement.
What is “concerning” is the following:
– These backdoors are actively maintained and developed by Apple, how much more data will they allow to be extracted from iOS device in future;
– Those backdoors provide access to SMS, Contact, and other potential sensitive data on the phone; they also allow to bypass full disk encryption. This highlight the fact that unless you phone is off, the data on your phone is no longer encrypted per say, but only protected by access control (PIN);
– If it can be used by law enforcement, it can be used by “greyer” parties too
A few links to get further:
– Summary of this story
– Zdziarski presentation, detailed and very informative
– Apple response, not surprising and not really addressing the points of concert