Digital forensics firm Stroz Freidberg says it has verified the existence of an iOS backdoor and has issued advice and tools to help minimise the risk
Digital forensics firm Stroz Freidberg has released a free tool that claims to protect consumers and businesses from an iOS backdoor that could allow an attacker to access personal data on iPhones and iPads by exploiting pairing records.
The backdoor was revealed by security researcher Jonathan Zdiarski last month and is opened when a user elects to ‘trust’ a computer when an iOS device is connected, a process necessary for functions like syncing and software updates.
However if an outsider gains access to these pairing records, either on the device or on the computer, they can expose user, application, diagnostic, file and system data over a USB or Wi-Fi connection.
iOS backdoor tool
Stroz Freidberg says it was able to verify Zdiarski’s research by recreating many of the scenarios he describes on both iOS 7 and iOS 8, and has accordingly created ‘UnTRUST’, a free open source tool that deletes pairing records from a device when it is connected to a computer.
“Enterprises today rely heavily on mobile devices for day-to-day business operations,” says Erin Nealy Cox, executive managing director and lead of the incident response practice at Stroz Friedberg. “The breach of even one employee’s iPhone has the potential to expose a company’s valuable information to their competitors or the public-at-large.”
The tool is available from the company’s GitHub repository, along with a whitepaper outlining the risks and security advice for business who want to minimise their exposure to the vulnerability.
This includes using the tool to delete all pairing records, trusting only one computer, disabling Wi-Fi when not needed and encrypting data-at-rest wherever possible. It is also recommended that all software on both computer and mobile device is kept up to date and enterprises deploy mobile device management (MDM) platforms to secure corporate smartphones and tablets.
Apple has acknowledged the existence of the backdoor, claiming it is a troubleshooting tool. However this explanation has been refuted by Zdiarski, who says it simply doesn’t make sense.
How well do you know Apple? Take our quiz!