Skip to main content
  1. Home
  2. Mobile
  3. News

Why that iOS ‘backdoor’ isn’t really a threat unless Big Brother is after you

By

ios backdoor isnt really a threat iphone 5s fingerprint scanner
Image used with permission by copyright holder
Last week, forensic scientist and iOS hacker Jonathan Zdziarski revealed what appears to be a backdoor in iOS at the Hackers On Planet Earth conference in New York. Shortly thereafter, his report flooded the Internet, alerting iOS users to the danger.

Zdziarski stated that the backdoor could be used by hackers, the NSA, or other government agencies to spy on unsuspecting iOS users. Apple stated that no backdoor was intentionally built into iOS and that it works with no government surveillance programs whatsoever. The company also said that the feature is used to diagnose problems with iPhones and iPads only. In response, Zdziarski cautioned iOS users against overreacting to his report, but encouraged Apple to solve the issue.

Recommended Videos

However, Zdziarski did not address the main question that iPhone and iPad users want answered: Is the backdoor in iOS and immediate and likely threat to my iOS devices?

Related

Based on Zdziarski’s report, the answer is no. But before we get to that, let’s take a closer look at his report.

What info does the backdoor reveal?

When exploited, the backdoor Zdziarski found in iOS would allow hackers access to all the metadata stored on your iPhone, your GPS location data, calendar and contacts, photos, and recent messages. The backdoor could easily be used to surveil a person once the device is compromised. Zziarski stated that the features could be used by high-level hackers, the NSA, or other government agencies.

Zdziarski added that although he doesn’t think it’s a “grand conspiracy” by Apple, “there are some services running in iOS that shouldn’t be there, that were intentionally added by Apple as part of the firmware and that bypass backup encryption while copying more of your personal data than ever should come off the phone for the average consumer.”

In a statement to Financial Times writer Tim Bradshaw, Apple countered that iOS is designed “so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues,” adding that “a user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data. The user must agree to share this information, and data is never transferred without their consent.”

Apple (once again) did deny creating the backdoor to give governments easy access to user data.

How would a hacker access the information?

Zdziarski’s report revealed that hackers can access the backdoor  only when the iPhone or iPad is paired via USB with a Mac or PC. During the pairing process, a pairing file is created and stored on both the PC/Mac and the iOS device. If a hacker retrieves this file, he can access all the user information listed above. The hacker could then surveil the user from the device itself, after using a few tools built into iOS itself.

  • Using the lockdownd feature, the com.apple.mobile.installation_proxy service lets any person with an Apple enterprise license to download malware to the iOS device.
  • Hackers could exploit the com.apple.mobile.house_arrest feature to view databases and personal data from third-party apps. The tool also includes a packet sniffer, which can record every action the user takes on the iOS device from then on.
  • Another tool called file relay could let hackers copy all your metadata, GPS location, calendar, contacts, photos, and recent messages typed on the screen.

However, in order to access all these malicious backdoor features in iOS, hackers must go through several key steps with specific information on hand. First, the hacker has to know where your iOS device is located, what Wi-Fi network its on, and the pairing codes used by your PC or Mac and iOS device during USB pairing. The iOS device must also be unlocked, connected to Wi-Fi, and paired to an infected computer.

Is it easy to exploit the features and will it happen to me?

Apple quickly pointed out that it is highly unlikely that the average hacker will have all that highly detailed information about you and your iOS device. Essentially, the hacker would have to know where you live, have access to your personal computer, and be very stealthy to exploit these features.

Based on Zdziarski’s report, it appears that unless your brother is a hacker or Big Brother is watching you, the backdoor is no threat to you or your personal data.

Nonetheless, the fact that the NSA or other government agencies could take advantage of these features is concerning and Apple should fix the issue immediately.

Editors’ Recommendations

Topics
Malarie Gokey
Malarie Gokey
Former Digital Trends Contributor
As DT's Mobile Editor, Malarie runs the Mobile and Wearables sections, which cover smartphones, tablets, smartwatches, and…
The iPhone 18 may get a big redesign you won’t be able to see
The back of the Apple iPhone 16 Plus.

The design of the iPhone can only be described as iconic. That rectangular shape has been a major influence on phone aesthetics and design since the first iPhone came onto the market back in 2007, and that isn't likely to change. The internal design of the iPhone might radically shift, however. Apple is supposedly planning to change how the iPhone hardware is designed to accommodate better AI performance.

Essentially, Apple wants to use discrete memory rather than integrated memory. Those are technical terms that basically mean separate and together. On the internal system on a chip (SoC), any memory that is stacked on top is considered integrated memory. Discrete memory would be RAM that is packaged separately from the SoC. If reports are correct, Apple will begin using discrete memory in 2026, and the shift would result in faster memory and better AI performance, according to The Elec.

Read more
The 10 best messaging apps for Android and iOS in 2024
best messaging apps.

Want to learn more about which messaging app best suits your needs? WhatsApp, Telegram, and Signal are among the most secure picks, with end-to-end encryption to keep your chats safe. But there are also unique apps like Dust, where messages self-destruct after 24 hours, and Discord, which lets gamers easily chat while playing together. Meanwhile, Snapchat and Kik are popular for younger crowds with fun filters and the ability to join large group chats.

With so many messaging apps out there offering features like video calls, file sharing, and disappearing messages, it can be hard to choose the best one. That's why we've tested 10 of the most popular options on Android and iOS. Check out the full rundown with all the must-know details. They run on the Galaxy Z Fold 6, iPhone 16, and anything else that runs on Android or iOS.
WhatsApp

Read more
How to use iOS 18 FaceTime gestures (and what they look like)
Video reactions in macOS Sonoma, with the balloons effect in use.

Apple iOS 17 brought FaceTime gestures to the iPhone last year, livening up the FaceTime experience for all users. FaceTime gestures are even more useful now with iOS 18 and Apple Intelligence. Once it’s set up correctly, you’ll be able to send 3D animations to your friends and family during FaceTime video calls. You’ll even be able to trigger the animations with physical gestures.

Getting your phone ready for action doesn’t take much time or effort, but we put this guide together to walk you through the process nonetheless. 
How to make a FaceTime gesture in iOS 18

Read more