Security researcher and iOS forensics expert Jonathan Zdziarski has published a paper and hosted a talk at HOPE/X about identifying backdoors, attack points, and surveillance mechanisms in iOS devices.
Zdziarski has found that there are several services in iOS that reportedly facilitate organizations like the NSA. The services do not require the user to be in developer mode for them to work, therefore they are available on every iOS device.
For example, one of these services that Zdziarski points out in his presentation slides is a packet sniffer called “com.apple.pcapd”. The service “dumps network traffic and HTTP request/response data traveling into and out of the device” and can be targeted via WiFi for remote monitoring.
The packet sniffer is active on every iOS device and can be run without any visual indication to the user. Here is a slide which shows a snippet of data from the packet sniffer:
Over the past several years, Apple has continuously promoted user security and privacy in iOS. However, according to findings by Zdziarski, he believes this does not seem to be the case, as his research claims the company is making it even easier to get your data.
Zdziarski’s journal paper can be purchased for a small fee or you can read through his presentation slides from his HOPE/X talk for free. For anyone interested in the security mechanisms found in iOS, the presentation slides are an interesting read.
Contrary to this research, Apple has long stated it does not work with the NSA and their iOS devices are secure, as reiterated by CEO Tim Cook.