NSA has access to every iOS device

Privacy has always been one big issue when it came to using smartphones, but no one knew precisely why. Many of us feared social networks and apps that required private information and payed less attention to the actual device and its OS system. It would seem Apple’s iOS features a so called “backdoor” that allows agencies like the NSA to have almost complete access to every iOS running device. Forensic scientist and writer Jonathan Zdziarski, presented some slides at the HOPE conference in New York, in which he proved that, in general, the iPhones are well secured, specially the iPhone 5S that runs iOS 7, but they will never be protected from the government or Apple itself.

Zdziarski is knows as the hacker “NorveGas” among his colleagues from Apple’s development community that worked on early iOS jailbreaks and actually wrote 5 books including “Hacking and Securing iOS applications”. NSA’s surveillance over iPhones was  magnified when security researcher Jacob Appelbaum reportedly gave the company almost complete access to the devices, actions later revealed by the same character in 2013, when NSA’s program dubbed “DROPOUTJEEP” was revealed. The leaked document suggesting the tight relationship between the two companies, noted that the so called “malware” required “implants via close access methods”, meaning perhaps an actual physical access to the devices. The document was dated in 2008, so we would have calmed down if this sentence didn’t popped-out : “a remote installation capability will be pursued for a future release”.

At the HOPE ( Hackers On Planet Earth) conference, Zdziarski revealed a number of forensics, high-valued services running on every iOS device, iPhones included. He also showed a large number of  “suspicious design omissions in iOS that make collection easier”, along with forensic artifacts that “should never come off the device” without the users knowledge. After ensuring everyone that iPhones are “reasonably secure”, Zdziarski noted that Apple has “worked hard to ensure that it can access data on end-user devices on behalf of law enforcement”. For those wanting to encrypt their data, Zdziarski suggested that the only way to do so is actually shutting down the device, not a “great” method if we may say so, but apparently the only one he thought about.

[ads2]

“Your device is almost always at risk of spilling all data, since it’s almost always authenticated, even while locked.” So, if not even shutting down the power isn’t secure enough, what is? The so called back doors are practically unstoppable, both Apple and the NSA/government have almost permanent and complete access to your iOS running device. Even if iPhones are well protected by “typical attackers”, as Apple notes, these back doors are forever unlocked for the company itself and the government.