• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Advertise With Us
  • Contact
  • Cookie Policy
    • Privacy statement (CA)
    • Cookie policy (CA)
    • Privacy statement (UK)
    • Cookie policy (UK)
    • Privacy statement (US)
    • Do Not Sell My Personal Information
    • Privacy statement (EU)
    • Cookie policy (EU)
    • Disclaimer

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech News
  • Tech Guide
  • Gadget & Apps

Data-dumping feature on iOS revealed; close relationship with NSA spying tools possible

Updated on Jul 28, 2014 by Guest Authors

A security researcher has discovered several features on the iOS ecosystem that is responsible for circumventing the encrypted backup protection for sensitive data and metadata stored in iOS devices. Worse, these features can be used to remove those pieces of information from your iPhone or iPad or Mac.

According to Jonathan Zdziarski, a forensics expert, the mobile file_relay service in iOS system has the capability of acquiring data by bypassing encryption tools the Apple embedded into its line of products. When the file_relay feature was first installed on the iOS devices, it worked as a benign feature. It was only after a few years that the service grew into a malicious data-acquisition tool.

dark-apple

Attackers are able to access the iOS service through a remote server or via a USB link. The encryption bypassing feature works as long as the user has not yet changed the PIN that he entered last before the file_relay service turned into a data-acquiring tool for hackers.

What it further reveals is the loophole in what Apple said to be an all-encrypted data upon clicking on a button to encrypt the backup protection. The file_relay service has been on iOS for approximately five years now.

And it does not really matter whether you are a skilled developer or a novice when it comes to this field. As Zdziarski further disclosed, a packet capture feature also hounds iOS devices. It works to collect and unload data in transmitted through an inbound and outbound HTTP connection and users have no awareness when it happens because it operates in the background. Take note that the connection does not use encryption.

Some of the data that the file_relay tool can dump includes email addresses, social media accounts, address books, user caches, offline content and keyboard typing data, among others. The researcher also found a file_relay service component in iOS 7 that captures an image of the full metadata of a device. If it falls into the hands of hackers, they can gain access to metadata involving timestamps, sizes of data created and information on all apps that are stored in the device. Attackers can also learn of the names of files on your device, email attachment, keyboard autocorrect caches, photos and voicemails.

It is puzzling why these pieces of information should be found on an iOS device when in fact they should be quickly removed, being metadata only. Zdziarski observed that these features in iOS are somehow related to the tools used by the NSA as revealed by Edward Snowden.

Disclosure: As an Amazon Associate, I earn from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Footer

Laifen Swift Hair Dryer Review – How Is It The Perfect Dyson Supersonic Alternative?

SwitchBot Curtain Smart Electric Motor Review – The Upgraded Version

Purivortex Vortex Mini 2 (AC201B) Air Purifier Review

Shunzao S9 Cordless Stick Vacuum Cleaner Review

Follow TechWalls

YoutubeFacebookTwitterInstagram

Recent Posts

  • Laifen Swift Hair Dryer Review – How Is It The Perfect Dyson Supersonic Alternative?
  • BLUETTI EB3A Power Station – Ultra-Portable with 268Wh Capacity and 600W Inverter
  • BOB AND BRAD Q2 Mini Massage Gun – For On-the-go Usage
  • Bob and Brad C2 Massage Gun – The Best Features

Copyright © 2022 ยท All Rights Reserved