Latest posts by Alvin Bryan (see all)
- Millionaire Tyupkin Malware ATM Hackers May Come to US, India After Hitting Europe - October 23, 2014
- BitLicense Will Allow Bitcoin Spying in New York - October 22, 2014
- Australians are Fighting Data Retention Laws - October 22, 2014
Apple is known to have cooperated with NSA spying. Several serious vulnerabilities in Apple software have been discovered since then. And since then, VPN iPhone encryption has helped users keep their activities private. Apple always denies that they allow these bugs that endanger users to remain in their software. But the level of access that they maintain over their users’ data is disturbing. Their access is also transferrable to any third party, including government agencies.
Apple and NSA Can Take All User Data
Apple is not only taking user data, but using data extraction methods that are not pubic knowledge. This secretive behavior makes the data gathering even more suspect. Part of the skills they employ can skirt backup encryption processes. Apple has given other parties access to data before. Now we know that they can also help any of these parties break encryption that is supposed to keep iPhone data secure. Many users trust iPhone security to allow them to privately connect their phones to other devices they own. But with this capability, anyone that Apple shares their techniques with can get into all the data.
Apple is very publicly proud of its server data security. They also keep denying that it cooperates with intelligence agencies like the NSA. The company has also issued many statements about user data security and privacy. Yet they have these systems in place that put users in more danger than any other mobile OS. Jonathan Zdziarski, the researcher who discovered the iOS hole, is not convinced that Apple designed the system so that the NSA could access user data. But he did confirm that Apple is taking way too much data for their declared purposes. And the fact that the company is not being forthcoming is worrisome.
Apple is compromising user security to get the data. This alone is not acceptable. Even if they do not intent to share the data with the NSA or the police, it can be used by these agencies. There are many laws and loopholes in laws that law enforcement and the intelligence community can take advantage of. Apple should feel an obligation to secure user data so that no one can get to it. The company would not even say whether or not they had served up user data when it as requested by these parties.
VPN iPhone and Local Data Encryption
In 2013, news spread of a backdoor that was open from Apple systems for the NSA. Apple vehemently denied these allegations. But in February this year, specific evidence surfaced in the Snowden documents that showed just how much the NSA could take from Apple. VPN iPhone encryption became a popular solution for online security after this. Now we hear again of how open Apple’s access is to all their iPhone users’ data. The company is going too far with this, endangering user privacy.
Zdziarski uncovered the truth about how far into the cookie jar Apple’s hand reaches. When faced with questions about the personal data it takes from users, Apple said it used it for diagnostics. But the amount and type of data is too incredible to be merely to give engineers a clue. And because of how they do it, VPN iPhone encryption cannot secure everything from being taken. Users need to add local data encryption and be careful what they store on their devices. Apple can see full contact lists, stored pictures, and actual text messages, for example. Why Apple would want or need these for diagnostics is beyond comprehension.
Possibly the worst aspect of this latest discovery is that it cannot be turned off by users. They don’t know about it and can’t do anything about it. And users can’t backtrack to know the security status of their data. There is no way for anyone to know what devices the backup encryption process has given trusted status to. And even if any of these could be identified, users would have to wipe their iPhones to break the connections. And Zdziarski demonstrated just how much data he could pull off an iPhone from one of these trusted devices. VPN iPhone encryption and local data encryption are necessary to protect data from being read if it is taken.