Apple tech note illuminates purported 'backdoor' services

Just a couple days after a security researcher alleged that iOS contained "backdoor" access to user information, Apple has posted a knowledge base article explaining many of the systems that were under scrutiny.

In the article, iOS: About diagnostic capabilities, Apple calls out three services: a packet capture tool called "pcapd," one called "file_relay," and a third dubbed "house_arrest." According to Apple, all three of these technologies are used "to help enterprise IT departments, developers, and AppleCare troubleshoot issues." The company also emphasized that users must unlock their devices and connect them (via a cable or iTunes Wi-Fi Sync) to a trusted computer for the information to be retrieved; and even then, data transferred between the two is encrypted, and the keys are not shared with Apple.

Only a brief overview is provided for each of the three tools. Pcapd is intended for diagnostic packet capture--that is, network troubleshooting--and determining problems with third-party apps and enterprise VPN connections. Further information is available in documentation on packet traces in Apple's iOS Developer Library.

File_relay, which security researcher Jonathan Zdziarski called the "biggest forensic trove of intelligence" on iOS devices, is, according to Apple, intended for "limited copying of diagnostic data from a device." The company also says it's separate data from backups that user makes, can't access everything on the device, and respects third-party encryption. It's specifically used by Apple engineering on internal devices and, in some cases, by AppleCare, for diagnostic purposes.

Finally, house_arrest is the tool underlying iTunes File Sharing, letting you copy documents to and from third-party apps that support it. Xcode also uses the service to transfer test data for apps in development.

While Apple's tech document may not allay all concerns about these tools--specifically that they, in some cases, seem to have a broader access than is really necessary for certain diagnostics--the fact that Apple unabashedly posted a tech document describing them does take a certain amount of air out of the argument that any of these are "secret backdoors" intended for snooping on users.

More to the point, Cupertino appears to be continuing to uphold the transparency that it's touted around privacy issues. That's the attitude we've come to expect from Apple, and it's good to see the company live up to that.

Join the CSO newsletter!

Error: Please check your email address.

Tags Appleios 7securityprivacy

More about AppleApple.

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Dan Moren

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts