Personal data of iPhone users, including text messages, contact lists and photos, can be extracted from their devices through previously unpublicized techniques by Apple employees, a security expert said, prompting an admission from the US technology giant.
Speaking at the recent Hackers on Planet Earth conference, researcher Jonathan Zdziarski said the same techniques to circumvent backup encryption could be used by law enforcement or others with access to “trusted” computers to which the devices have been connected, Reuters reported.
Apple said those were diagnostic services meant to help engineers, and denied allegations that they were “back doors” for intelligence agencies.
But users are not notified that the services are running and cannot disable them, Zdziarski was quoted as saying.
As word spread about Zdziarski’s presentation at the conference, some cited it as evidence that Apple was collaborating with the National Security Agency.
But the company denied this. “We have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues,” Apple said. “A user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data.”
Zdziarski also said he did not believe that the services were aimed at spies. But he said that they extracted much more information than was needed, with too little disclosure.
– Contact us at [email protected]