Be careful, iPhone users. There’s a trick that allows people to get hold of your information, even if you do not wish to give it to them.
According to iOS exploitation expert Jonathan Zdziarski, there are several critical system files that will allow a third party to retrieve sensitive data like GPS location, contacts and last entered message given that they have the required knowledge and technical expertise.
What makes it worse is that once the intruder’s PC gets paired to the victim’s phone, they may be even able to retrieve information in real time should they be within the same network.
This reveals a major security flaw which compromises the data protection policies that Apple upholds. The electronic giant has responded to his concerns and acknowledgement of the loopholes, but mentioned that they regard them as “diagnostic capabilities” which are solely used on their own accord in providing technical support for enterprise IT departments, developers, and Apple themselves.
This led to Zdziarski suggesting that it will be possible for the National Security Agency (NSA) to use such methods for accessing information of their targets albeit his lack of evidence to justify that.
Apple, on the other hand, responded that they have never worked with any government agencies from any country to create a backdoor in the products that they produce.
Apple went on to emphasize that in order for this entire “espionage” theory to work it will require the perpetrator to be in control of the pairing file and be in the same network as the target, as well as the need for the phone to be paired to the device.
While Apple may not be working with government agencies, it leaves one to wonder what are the possibilities of the enterprise entities and developers that have access to this “diagnostic capability” to be working with NSA?