Apple documents previously undocumented services that can leak user data

Four days after a forensics expert warned that undocumented functions in iOS could leak personal user data, Apple has documented three services it says serve diagnostic purposes.

"iOS offers the following diagnostic capabilities to help enterprise IT departments, developers, and AppleCare troubleshoot issues," the support article published Tuesday stated. "Each of these diagnostic capabilities requires the user to have unlocked their device and agreed to trust another computer. Any data transmitted between the iOS device and trusted computer is encrypted with keys not shared with Apple. For users who have enabled iTunes Wi-Fi Sync on a trusted computer, these services may also be accessed wirelessly by that computer." As Ars reported Monday, three undocumented services include a packet sniffer dubbed com.apple.mobile.pcapd, a file downloader called com.apple.mobile.file_relay, and com.apple.mobile.house_arrest, a tool that downloads iPhone and iPad files to an iTunes folder stored on a computer.

Jonathan Zdziarski, the forensics expert who brought the undocumented functions to light on Saturday, published a blog post in response that criticized Apple's characterization of the services. He continued to maintain that at least one of the capabilities—stemming from the file relay service—constitutes a "backdoor" as defined by many security and forensics practitioners. He also took issue with Apple's suggestion that the purpose of the services was limited to diagnostics. He reiterated his previous stance that he doesn't believe Apple added the functions at the request of the National Security Agency.

Read 3 remaining paragraphs | Comments