back to article iOS slurpware brouhaha: It's for diagnostics, honest, says Apple

Faced with a growing backlash, Apple has added a page to its support website explaining iOS's previously unexplained data-slurping tools – which were recently highlighted by security researcher Jonathan Zdziarski. The utilities – which includes a silent packet sniffer, a file relay system that bypasses Apple's Backup …

  1. Destroy All Monsters Silver badge
    Holmes

    "Dead people are rising but Authorities say there is no cause for alarm."

    but there's no evidence that they were put there for any reason other than poor engineering

    I find this hard to swallow. Especially as it is Apple.

    1. John Tserkezis

      Re: "Dead people are rising but Authorities say there is no cause for alarm."

      "I find this hard to swallow. Especially as it is Apple."

      Dunno about that. If it were a Lemon, I would totally agree.

    2. Stuart Elliott
      Black Helicopters

      Re: "Dead people are rising but Authorities say there is no cause for alarm."

      One word..

      "Quack".

    3. Gordon 10

      Re: "Dead people are rising but Authorities say there is no cause for alarm."

      "Especially as it is Apple."

      You mean unlike perhaps Google?

      Apple are known for extreme control freakery, but not for flogging off your personal data.

      Google love to pretend they are your friend and they "do no evil" all to get you to be open with your personal data so they can flog it for their profit.

      If this is deliberate (which I doubt) then 99% likelyhood apple are slurping for their own purposes.

      In all these cases - before you get on your high horses and assume conspiracy - try applying Occams Razor. Incompetence trumps Conspiracy every time.

      Even with Snowden as a background - with the exception of Telco's most of the evidence is that the NSA and their ilk like to do things with no-one being aware of it.

      The only known examples of deliberate coercion are the Telco's, possibly the RSA, and NIST and the stuff done under FISA. They are typical spooks mostly - they don't like explaining themselves to their bosses in governments - and if they can do things in a secret squirrel way - they will - its their whole mindset.

      1. Hud Dunlap
        Unhappy

        @ Gordon 10

        Incompetence does not beat conspiracy every time. For all of their issues, Apple is very good at writing code.

        I am an Apple fanboy but I can't stand Cook, and I don't trust their explanation.

      2. Eddy Ito

        Re: "Dead people are rising but Authorities say there is no cause for alarm."

        You mean unlike perhaps Google?

        Wow, hypersensitive much? Who mentioned Google? Why does he have to mean it's unlike anyone? I took the comment that given how secretive Apple tends to be with everything that it is likely that there is much more to the story than Apple are telling.

        Getting back on topic, we know a few things. It only works with a trusted computer and it can work over wireless (WiFi at least). What we don't know is if there is a computer sitting at Apple HQ that is implicitly trusted by all iOS devices.

    4. Anonymous Coward
      Anonymous Coward

      Re: "Dead people are rising but Authorities say there is no cause for alarm."

      At least you KNOW Google are slurping, analysing and profiting from your information.

      1. Anonymous Coward
        Anonymous Coward

        Re: "Dead people are rising but Authorities say there is no cause for alarm."

        At least you KNOW Google are slurping, analysing and profiting from your information.

        Actually, you don't. They make a big play about "not handing off your data to a 3rd party", for instance (in Gmail help), whilst silently skipping over the fact that they themselves ARE a 3rd party. Google would prefer you forgot about what they really do for a living and go back to believing the "do no evil" meme. If I had to choose between trusting Google or Apple, I'd choose Apple over Google anytime.

        In reality I trust neither, but that's more because both are US companies.

        1. Oninoshiko
          WTF?

          Re: "Dead people are rising but Authorities say there is no cause for alarm."

          Umm... by definition Google aren't a 3rd party. While they will use the information you give them for one thing, for something else too, that doesn't make them a 3rd party.

  2. Paul Crawford Silver badge

    Maybe the Russians had a point in dumping iPads, etc, for gov work after all?

    1. Ol' Grumpy

      A valid point and watching Putin trying to make a voice call from one of the the typewriters they ordered could be amusing :)

    2. Annoyed Grunt

      I heard Tim Cook was an active KGB agent.

      1. Destroy All Monsters Silver badge

        He's that old?

  3. All names Taken
    Alien

    Maybe Apple cannot say anything else?

    1. Gordon 10

      Maybe Apple are running around thinking DOH what idiot put that in there.

    2. Ashton Black

      @All names Taken

      I find this plausible. Even if it was placed on the phones for more than "diagnostics" at the request of a given three letter agency, then you can guarantee they would have a gagging order.

      No way to find out, really.

      1. Cipher
        Big Brother

        Re: @All names Taken

        @Ashton Black

        Agree.

        It will interesting to see if Apple modifies these "Diagnostic Services." If they don't, I would think there are forces directing this effort. Why wouldn't they correct this? Unless they cannot under force of law.

        Time will tell...

  4. Gil Grissum

    Apple will likely come up with some way to mask the back doors in the upcoming iOS 8. They'll do a better job of hiding it in their next iPhone versions, as well. Someone slipped up and didn't mask the back doors. Someone has likely been quietly fired and given a gag order to keep them from discussing how they screwed up hiding the back doors. Likely, they'll have received a healthy severance in exchange for their silence...

    1. Anonymous Coward
      Anonymous Coward

      ... or a late night visit from the 'wet work' department that quaintly masquerade convincingly as Cupertino's tea ladies by day.

  5. bigphil9009

    Apple Support Document

    There's something odd going on here - on that support page, they infer that the packet capturing interface is innocent and secure and what-have-you. They then link to a developer page that has the following text in the iOS section:

    "iOS Packet Tracing

    iOS does not support packet tracing directly. However, if you're developing for iOS you can take a packet trace of your app in a number of different ways:

    If the problem you're trying to debug occurs on Wi-Fi, you can put your iOS device on a test Wi-Fi network. See Wi-Fi Capture for details.

    If your app uses HTTP, you can configure your iOS device to use a debugging HTTP proxy (such as Charles HTTP Proxy).

    In iOS 5 and later you can use the remote virtual interface facility."

    Which makes no mention of this innocent, secure feature.

    Are they trying to retcon something here? Or am I just being paranoid?

  6. Fred Flintstone Gold badge

    Why so complicated?

    FFS, just give the guy a first class ticket to Cupertino and let him help the team clean it up.

    All this to and fro and "he said" and "they said" is a waste of time.

    Getting him there means he can see for himself what is going on, help clean it up and get the kudos for it, and Apple gets a reputation for being a clean player. It's not like Apple cannot afford to do this. Just get on with it.

    Sorry for being simplistic here, but the best way to address a problem is to sort out the problem, not by prevaricating around the bush and generate acres of press coverage.

  7. Anonymous Coward
    Anonymous Coward

    Mountains and molehills

    Are the words that come to mind.

    FFS... what's the difference between this and say "tcpdump" that's commonly found on Linux machines ? The chances of iOS being exploited in the way the researcher is suggesting is far lower than a Linux machine which can be infiltrated in many ways....

    Time for a bit of balance.

  8. DropBear
    Coat

    As for the House Arrest function...

    Ok, raise your hand if you too read that as "House Atreides" at first glance. ...no? Just me...? Oh well... (mine is the one with all six volumes in its pocket-->)

    1. Fred Flintstone Gold badge

      Now now - not everyone reads Dune (and the movie was, er, as usual not quite like the books :).

      1. Anonymous Coward
        Anonymous Coward

        "...not everyone reads Dune"

        What kind of preposterous bluster is that, dammit man? Heresy!

  9. Nanners

    It's over

    Look, it's over. If they want you, you will be had. There is NO privacy, there is NO security. It died around the late 90's. if some one wants to find you, if they want your data... it's out there. To avoid it you would have to cut yourself off Putin style. No computers. Your SSN, your credit card numbers, your tax information, your contacts, your address, your profile, your search habits... it's already out there. What more could they want?

    1. Anonymous Coward
      Anonymous Coward

      Re: It's over

      Bull. There is no way I will let them win this one. As long as I have my own mind and as long as I have a family to protect there will be resistance to this sort of BS.

      Governments WANT you to give up (read up on the Panoptikon, that is the psychological aim), but I'm cut from a more stubborn material. It isn't right, nor should it be.

      I'm not some sort of fanatical activist, but there is such a thing as right and wrong.

      And I know I'm right :)

      1. Nanners

        Re: It's over

        What exactly are you trying to keep out of the hands of who? Because I guarantee you they already have it and have had it for a while.

        1. Anonymous Coward
          Anonymous Coward

          Re: It's over

          What exactly are you trying to keep out of the hands of who? Because I guarantee you they already have it and have had it for a while.

          They're welcome to my data - 75% of what's online is deception so I really hope they'll try and use some of it, I could really do with the money..

        2. Anonymous Coward
          Anonymous Coward

          Re: It's over

          "What exactly are you trying to keep out of the hands of who?"

          The subborning of a principle, mainly.

  10. Anonymous Coward
    Anonymous Coward

    "House arrest"?

    I know devs like to come up with cute names for things, but they have to realize these days that people look over binaries with a fine toothed comb and a name like that is going to make people wonder what the heck it is for!

  11. Dan Paul

    It's ALL for the government!

    Face it, the ubiquitous "THEY" want you to be traceable everywhere just like you were wearing an "ankle bracelet" and under house arrest. Who knows whether the GPS or microphone actually turns off when you flip the switch?

    I only have Android experience but I'm sure Apple is the same, and let's not even speculate on a Microsoft product. If you ever bothered to look at the permissions that Android apps request, you would hardly put any on the phone. IOS probably does the same surveilliance but does tell you. Microsoft, well we ALL know what they have been up to.

    It is either fallout of monetizing your personal data, feeding the advertisers, or the government(s).

    The mere capability simply proves the intent!

    1. Anonymous Coward
      Anonymous Coward

      Re: It's ALL for the government!

      The mere capability simply proves the intent

      That's a tad too simplistic IMHO.

  12. Anonymous Coward
    Anonymous Coward

    "...flaws that could be used by an outside attacker, but there's no evidence that they were put there for any reason other than poor engineering."

    No evidence for the 'benign stupidity' option either. Or have the NSA got a new openess policy requiring they install a brass plaque hand engraved with "Polite notice: vital freedom and democracy saving infrastructure, please leave" before we get twitchy?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like