Last week I mentioned laws which affect our rights and freedoms with regards to personal data online.
I am going to revisit the topic this week, following some revelations by a forensic scientist about certain ‘back doors’ that have been built into every iOS device.
Giving a talk at HOPE/X, Jonathan Zdziarski detailed multiple undocumented services (programs which run in the background) that are resident in iOS. They have interesting names like lockdownd, mobile.file_relay, and house_arrest. What these services do, is give Apple (and potentially law enforcement agencies) a ‘back door’ into your iPhone or iPad, that bypasses any security you may have set up. Your iPhone or iPad only needs to be powered on for these services to run, so your data is potentially exposed even when you think your device is nicely locked and secure.
Scary stuff eh?
These revelations shouldn’t really be a surprise to anyone, following the hoo-haa over Edward Snowdon, the NSA, GCHQ and other government agencies globally that has been in the news for many months now.
The question is, is there anything we can do? We can’t rely on big business to take the lead and supply solutions to keep our data safe, despite the fact that companies like Google have switched to encryption on all of their services as a result of the ongoing fiasco. There will always be other companies that don’t behave in that way.
Businesses of course listen to one thing, money. If data security concerns drive a wedge between big business and a public with money to spend, then big business will need to change their practices and adapt to survive. It’s the same story with government bodies, although they listen to voters instead of money alone!
Is all of this scare mongering really necessary? Good things can and do come from a select few people with access to our dirty laundry, who are then able to foil plots and catch criminals. Aren’t they a necessity to ensure our collective safety and our futures? Also, I would hasten to point out, that unless you are of particular interest to law enforcement agencies around the world, there is next to no chance that a real person will sneak in and read your emails. It is just not practical.
So, should we just accept that we live in a surveillance society and hope that the real criminals don’t find those back doors?