"Dead people are rising but Authorities say there is no cause for alarm."
but there's no evidence that they were put there for any reason other than poor engineering
I find this hard to swallow. Especially as it is Apple.
Faced with a growing backlash, Apple has added a page to its support website explaining iOS's previously unexplained data-slurping tools – which were recently highlighted by security researcher Jonathan Zdziarski. The utilities – which includes a silent packet sniffer, a file relay system that bypasses Apple's Backup …
"Especially as it is Apple."
You mean unlike perhaps Google?
Apple are known for extreme control freakery, but not for flogging off your personal data.
Google love to pretend they are your friend and they "do no evil" all to get you to be open with your personal data so they can flog it for their profit.
If this is deliberate (which I doubt) then 99% likelyhood apple are slurping for their own purposes.
In all these cases - before you get on your high horses and assume conspiracy - try applying Occams Razor. Incompetence trumps Conspiracy every time.
Even with Snowden as a background - with the exception of Telco's most of the evidence is that the NSA and their ilk like to do things with no-one being aware of it.
The only known examples of deliberate coercion are the Telco's, possibly the RSA, and NIST and the stuff done under FISA. They are typical spooks mostly - they don't like explaining themselves to their bosses in governments - and if they can do things in a secret squirrel way - they will - its their whole mindset.
You mean unlike perhaps Google?
Wow, hypersensitive much? Who mentioned Google? Why does he have to mean it's unlike anyone? I took the comment that given how secretive Apple tends to be with everything that it is likely that there is much more to the story than Apple are telling.
Getting back on topic, we know a few things. It only works with a trusted computer and it can work over wireless (WiFi at least). What we don't know is if there is a computer sitting at Apple HQ that is implicitly trusted by all iOS devices.
At least you KNOW Google are slurping, analysing and profiting from your information.
Actually, you don't. They make a big play about "not handing off your data to a 3rd party", for instance (in Gmail help), whilst silently skipping over the fact that they themselves ARE a 3rd party. Google would prefer you forgot about what they really do for a living and go back to believing the "do no evil" meme. If I had to choose between trusting Google or Apple, I'd choose Apple over Google anytime.
In reality I trust neither, but that's more because both are US companies.
Apple will likely come up with some way to mask the back doors in the upcoming iOS 8. They'll do a better job of hiding it in their next iPhone versions, as well. Someone slipped up and didn't mask the back doors. Someone has likely been quietly fired and given a gag order to keep them from discussing how they screwed up hiding the back doors. Likely, they'll have received a healthy severance in exchange for their silence...
There's something odd going on here - on that support page, they infer that the packet capturing interface is innocent and secure and what-have-you. They then link to a developer page that has the following text in the iOS section:
"iOS Packet Tracing
iOS does not support packet tracing directly. However, if you're developing for iOS you can take a packet trace of your app in a number of different ways:
If the problem you're trying to debug occurs on Wi-Fi, you can put your iOS device on a test Wi-Fi network. See Wi-Fi Capture for details.
If your app uses HTTP, you can configure your iOS device to use a debugging HTTP proxy (such as Charles HTTP Proxy).
In iOS 5 and later you can use the remote virtual interface facility."
Which makes no mention of this innocent, secure feature.
Are they trying to retcon something here? Or am I just being paranoid?
FFS, just give the guy a first class ticket to Cupertino and let him help the team clean it up.
All this to and fro and "he said" and "they said" is a waste of time.
Getting him there means he can see for himself what is going on, help clean it up and get the kudos for it, and Apple gets a reputation for being a clean player. It's not like Apple cannot afford to do this. Just get on with it.
Sorry for being simplistic here, but the best way to address a problem is to sort out the problem, not by prevaricating around the bush and generate acres of press coverage.
Are the words that come to mind.
FFS... what's the difference between this and say "tcpdump" that's commonly found on Linux machines ? The chances of iOS being exploited in the way the researcher is suggesting is far lower than a Linux machine which can be infiltrated in many ways....
Time for a bit of balance.
Look, it's over. If they want you, you will be had. There is NO privacy, there is NO security. It died around the late 90's. if some one wants to find you, if they want your data... it's out there. To avoid it you would have to cut yourself off Putin style. No computers. Your SSN, your credit card numbers, your tax information, your contacts, your address, your profile, your search habits... it's already out there. What more could they want?
Bull. There is no way I will let them win this one. As long as I have my own mind and as long as I have a family to protect there will be resistance to this sort of BS.
Governments WANT you to give up (read up on the Panoptikon, that is the psychological aim), but I'm cut from a more stubborn material. It isn't right, nor should it be.
I'm not some sort of fanatical activist, but there is such a thing as right and wrong.
And I know I'm right :)
What exactly are you trying to keep out of the hands of who? Because I guarantee you they already have it and have had it for a while.
They're welcome to my data - 75% of what's online is deception so I really hope they'll try and use some of it, I could really do with the money..
Face it, the ubiquitous "THEY" want you to be traceable everywhere just like you were wearing an "ankle bracelet" and under house arrest. Who knows whether the GPS or microphone actually turns off when you flip the switch?
I only have Android experience but I'm sure Apple is the same, and let's not even speculate on a Microsoft product. If you ever bothered to look at the permissions that Android apps request, you would hardly put any on the phone. IOS probably does the same surveilliance but does tell you. Microsoft, well we ALL know what they have been up to.
It is either fallout of monetizing your personal data, feeding the advertisers, or the government(s).
The mere capability simply proves the intent!
"...flaws that could be used by an outside attacker, but there's no evidence that they were put there for any reason other than poor engineering."
No evidence for the 'benign stupidity' option either. Or have the NSA got a new openess policy requiring they install a brass plaque hand engraved with "Polite notice: vital freedom and democracy saving infrastructure, please leave" before we get twitchy?
Biting the hand that feeds IT © 1998–2020