Apple has detailed some of the diagnostic capabilities in iOS following claims that such capabilities open up security holes into the operating system.
At a security conference last Friday, forensic scientist and author Jonathan Zdziarski said the NSA may have exploited certain features and services in iOS to gather data on potential targets by using back doors built into the operating system.
Apple acknowledged in a statement on Monday that specific services allow access to certain data for the purpose of diagnostics but asserted that it has never worked with any government agency to intentionally build back doors into iOS.
In a blog posted on Tuesday, Zdziarski said Apple's seeming admission to these so-called diagnostic back doors opens up privacy weaknesses because they bypass the backup password security offered in iOS. Zdziarski also raised doubts about these back doors by saying, "I don't buy for a minute that these services are intended solely for diagnostics."
Apple responded in a technical support document, in which the company attempted to explain how and why the diagnostic capabilities in question are used in iOS.
iOS offers the following diagnostic capabilities to help enterprise IT departments, developers, and AppleCare troubleshoot issues.
Each of these diagnostic capabilities requires the user to have unlocked their device and agreed to trust another computer. Any data transmitted between the iOS device and trusted computer is encrypted with keys not shared with Apple. For users who have enabled iTunes Wi-Fi Sync on a trusted computer, these services may also be accessed wirelessly by that computer.
pcapd supports diagnostic packet capture from an iOS device to a trusted computer. This is useful for troubleshooting and diagnosing issues with apps on the device as well as enterprise VPN connections. You can find more information at developer.apple.com/library/ios/qa/qa1176.
file_relay supports limited copying of diagnostic data from a device. This service is separate from user-generated backups, does not have access to all data on the device, and respects iOS Data Protection. Apple engineering uses file_relay on internal devices to qualify customer configurations. AppleCare, with user consent, can also use this tool to gather relevant diagnostic data from users' devices.
house_arrest is used by iTunes to transfer documents to and from an iOS device for apps that support this functionality. This is also used by Xcode to assist in the transfer of test data to a device while an app is in development.
Apple also pointed to a support document on the familiar "Trust this computer" alert that iOS users receive when they plug their device into a PC.
In another blog posted Wednesday, Zdziarski said he believes Apple is downplaying the risks of certain services.