Earlier this week, forensic scientist and iPhone jailbreak expert Jonathan Zdziarski had raised concerns over the so-called backdoor services included in iOS that could make data collection easier for both the iPhone maker and government agencies.
Apple had issued a statement earlier today denying claims that it had created the backdoor services for government agencies. It clarified that the services in question were diagnostic services provided needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues, and did not compromise user privacy and security.
Apple has gone a step further and published a support document that provides some more information about these diagnostic services to highlight how they’re being used in a legitimate way.
Each of these diagnostic capabilities requires the user to have unlocked their device and agreed to trust another computer. Any data transmitted between the iOS device and trusted computer is encrypted with keys not shared with Apple. For users who have enabled iTunes Wi-Fi Sync on a trusted computer, these services may also be accessed wirelessly by that computer.
pcapd supports diagnostic packet capture from an iOS device to a trusted computer. This is useful for troubleshooting and diagnosing issues with apps on the device as well as enterprise VPN connections. You can find more information at developer.apple.com/library/ios/qa/qa1176.
file_relay supports limited copying of diagnostic data from a device. This service is separate from user-generated backups, does not have access to all data on the device, and respects iOS Data Protection. Apple engineering uses file_relay on internal devices to qualify customer configurations. AppleCare, with user consent, can also use this tool to gather relevant diagnostic data from users’ devices.
house_arrest is used by iTunes to transfer documents to and from an iOS device for apps that support this functionality. This is also used by Xcode to assist in the transfer of test data to a device while an app is in development.
It is interesting to see Apple sharing more information to explain the legitimate reasons behind having these services to address some of the concerns raised by security experts. Ever since former NSA contractor Edward Snowden leaked documents that revealed how the NSA collects phone records on millions of customers and has software to spy on iOS device owners, major tech companies like Apple have faced an onslaught of criticism and investigation into how the personal information of users is being handled.
As a user it is great to see Apple being transparent about the issue, rather than ignoring or taking the we don’t care approach.