July 28, 2014
'Trusted' Computers Can Access Personal Information of Users
Information on an iPhone may not be as secure as some users would like to believe.
Apple admitted this week users’ personal information — such as contacts and text messages — can be extracted from the devices.
The information can be taken off the phones using similar techniques employed to circumvent backup encryption, Reuters reported. Law enforcement or others who have access to trusted computers, the report stated, would allow the information to be accessed.
The revelation came late last week when researcher Jonathan Zdziarski showed how services take information for what Apple said is diagnostic services.
Bidness Etc said Apple did not dispute the claim but simply shrugged it off noting the data is extracted and is used by enterprise IT departments, developers and Apple to troubleshoot technical issues.
Zdziarski said iPhone users wouldn’t even be aware the services are running and have no way to turn them off. Adding to the mystery, or the unknown, for users is the fact that if computers have previously been granted the trust status is not known to users.
“There’s no way to `unpair’ except to wipe your phone,” Zdziarski said.
Late last week he posted a video demonstration during a conference showing what information he was able to take from an unlocked computer while using a trusted computer.
In the Reuters story, Apple was quoted as saying the services “do not compromise” privacy and security though some information is needed for certain services.
“A user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data,” said Apple.
W. Brice McVicar is a staff writer for SiteProNews.