Jonathan Zdziarski gave a great presentation at HOPE this year that I think anyone with an iOS device should read.
“Jonathan Zdziarski is considered to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field (sometimes known as the hacker NerveGas), his research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of Justice. Jonathan has extensive experience as a forensic scientist and security researcher specializing in reverse engineering, research and development, and penetration testing, and has performed a number of red-team penetration tests for financial and government sector clients. He frequently consults with law enforcement and military on high profile cases and assists federal, state, and local agencies in their forensic investigations, and has trained many federal, state and local agencies internationally. He has written several books related to the iPhone including iPhone Forensics, iPhone SDK Application Development, iPhone Open Application Development, and his latest, Hacking and Securing iOS Applications.” – http://x.hope.net/
From Johnathan Zdziarski blog:
In addition to the slides, you may be interested in the journal paper published in theInternational Journal of Digital Forensics and Incident Response. Please note: they charge a small fee for all copies of their journal papers; I don’t actually make anything off of that, but it does support the journal.
DON’T PANIC
Before the journalists blow this way out of proportion, this was a talk I gave to a room full of hackers explaining that while we were sleeping, this is how some features in iOS have evolved over the PAST FEW YEARS, and of course a number of companies have taken advantage of some of the capabilities. I have NOT accused Apple of working with NSA, however I suspect (based on released documents) that some of these services MAY have been used by NSA to collect data on potential targets. I am not suggesting some grand conspiracy; there are, however, some services running in iOS that shouldn’t be there, that were intentionally added by Apple as part of the firmware, and that bypass backup encryption while copying more of your personal data than ever should come off the phone for the average consumer. I think at the very least, this warrants an explanation and disclosure to the some 600 million customers out there running iOS devices. At the same time, this is NOT a zero day and NOT some widespread security emergency. My paranoia level is tweaked, but not going crazy. My hope is that Apple will correct the problem. Nothing less, nothing more. I want these services off my phone. They don’t belong there.
With that said, enjoy the slides and the paper; I think it’s solid academic quality research.