Apple has had to rebuff claims (again) that it has included some features that could allow third parties to gather data from devices without users knowing.
Security researcher, Jonathan Zdziarski, reckons that Apple doesn't do enough to protect data through encryption.
He explained that once a device is first unlocked after reboot, most of the encrypted data is accessible until the device is shut down.
"Your device is almost always at risk of spilling all data, since it's almost always authenticated, even while locked," Zdziarksi added.
He highlighted the fact that some services run in iOS that shouldn't be there and were "intentionally added by Apple as part of the firmware".
He stopped short of accusing Apple of deliberately adding these to facilitate mass spying from intelligence agencies like the NSA.
Apple's forceful denial
Apple sent a statement to iMore explaining that "We have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues."
It further added, "A user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data. The user must agree to share this information, and data is never transferred without their consent."
Apple's statement ended by highlighting the fact that it "has never worked with any government agency from any country to create a backdoor in any of our products or services."
http://ift.tt/WBOvl8
No comments:
Post a Comment