Mobile security and privacy of Apple iPhone called into question

Researchers have discovered that a great deal of data held by these smartphones can be extracted from them.

According to a recent mobile security acknowledgement from Apple, it is possible for its employees to be able to use previously unpublicized techniques in order to be able to extract data from consumer iPhones, such as contact lists, photos, and other types of personal data such as text messages.

The equivalent techniques could also be applied by law enforcement to work around backup encryption.

This same mobile security sidestepping technique could be applied by others who have “trusted” forms of computers to which the iPhones have been connected. This according to an expert in privacy and security who brought about the admission from the tech giant. Last week, at a presentation that took place in a conference, Jonathan Zdziarski, a researcher, demonstrated how the services were capable of accessing considerable quantities of data by way of diagnostic services that Apple has said are meant for use by engineers.

The researcher said that iPhone users are not told when this mobile security and private data access is occurring.

Zdziarski also stated that there is no way for users to disable the services or prevent them from running. This means that there is no way for the user of an iPhone to know which computers have already been labeled as a trusted device by way of the backup process and these users cannot choose to stop future connections. He stated that “There’s no way to `unpair’ except to wipe your phone.” He then went about demonstrating that he was capable of extracting private data from a locked phone through the use of a computer with trusted status.

Although some have stated that they feel that this is evidence that the National Security Agency and Apple are collaborating with each other, Apple has denied all claims that they have constructed any type of “back doors” to their mobile security be used by intelligence agencies. A statement from the company said that “We have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues.”